research Archives

This photograph taken on January 13, 2025 in Toulouse shows screens displaying the logo of Grok, a generative artificial intelligence chatbot developed by xAI, the American company specializing in artificial intelligence and it’s founder South African businessman Elon Musk. (Photo by Lionel BONAVENTURE / AFP) (Photo by LIONEL BONAVENTURE/AFP via Getty Images)

Why skipping security prompting on Grok’s newest model is a huge mistake

An AI red-teaming company found that xAI’s Grok 4 is “not suitable for enterprises” without substantial security prompting.

6 days ago By Derek B. Johnson

Abstract application data matrix. (Getty Images)

Oligo Security strives to fill application-layer gaps in MITRE ATT&CK framework

Application Attack Matrix is a community effort designed to help defenders and organizations better understand and define how attackers use and exploit weaknesses in applications.

Jul 8, 2025 By Matt Kapko

The ‘16 billion password breach’ story is a farce

Experts told CyberScoop the research 'doesn’t pass a sniff test' and detracts from needed conversations around credential abuse and information stealers.

Jun 24, 2025 By Matt Kapko

Cyber experts call for supercharging volunteer network to protect community organizations

To defend “target rich, resource poor” critical infrastructure from cyberattacks, the U.S. must expand its patchwork volunteer system, a new report concludes.

Jun 17, 2025 By Derek B. Johnson

chrome extension — (Stephen Shankland / Flickr)

Browser extension sales, updates pose hidden threat to enterprises

Some browser extension permissions are too broad, and owners can quickly repurpose pre-approved capabilities for malicious intent, a security researcher told CyberScoop.

Mar 27, 2025 By Matt Kapko

String of defects in popular Kubernetes component puts 40% of cloud environments at risk

Researchers aren’t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high.

Mar 26, 2025 By Matt Kapko

Cybercriminals picked up the pace on attacks last year

Ransomware groups last year achieved lateral movement within an average of 48 minutes after gaining initial access to targeted environments, threat intelligence experts said.

Mar 5, 2025 By Matt Kapko

The Department of Justice building is pictured in Washington, DC, on January 22, 2022. (Photo by STEFANI REYNOLDS/AFP via Getty Images)

Army soldier linked to Snowflake attack spree allegedly tried to sell data to foreign spies

Federal prosecutors accuse Cameron Wagenius of searching how to defect to Russia before he tried to sell stolen data to a foreign intelligence service.

Feb 27, 2025 By Matt Kapko

A photo taken on March 31, 2023 in Manta, near Turin, shows a computer screen with the home page of the artificial intelligence OpenAI web site, displaying its chatGPT robot. (Photo by Marco BERTORELLO / AFP) (Photo by MARCO BERTORELLO/AFP via Getty Images)

‘Severe’ bug in ChatGPT’s API could be used to DDoS websites

The vulnerability, described by a researcher as “bad programming,” allows an attacker to send unlimited connection requests through ChatGPT’s API.

Jan 22, 2025 By Derek B. Johnson

An Opened Orange Colored Lock Standing Out From Locked Green Colored Locks on Green Background Directly Above View. (Getty Images)

Hackers find 15,000 credentials by scanning for git configuration

The credentials are likely for future phishing and spam campaigns, Sysdig researchers said.

Oct 30, 2024 By Christian Vasquez