Aggregator

The FBI, CISA, NSA, EPA, DOE, and U.S. Cyber Command jointly disclosed on April 7, 2026, that Iranian-affiliated advanced persistent threat (APT) actors are actively targeting internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs). These industrial devices are widely used in critical infrastructure, including water treatment plants, energy facilities, and government operations. The advisory, labeled AA26-097A, […]

The post Censys Warns 5,219 Rockwell/Allen-Bradley PLCs Are Exposed Amid Iranian APT Activity appeared first on Cyber Security News.

You must login to view this content

You must login to view this content

A recently disclosed high-severity vulnerability in GitHub Copilot Chat allowed attackers to silently siphon sensitive data from private repositories. Tracked as CVE-2025-59145 with a near-perfect CVSS score of 9.6, the flaw enabled the theft of source code, API keys, and cloud secrets without requiring the execution of any malicious code. Dubbed “CamoLeak,” this exploit highlights […]

The post Hackers Exploit GitHub Copilot Vulnerability to Exfiltrate Sensitive Data appeared first on Cyber Security News.

Hewlett-Packard Enterprise (HPE) has disclosed a security flaw in its Aruba Networking Private 5G Core On-Prem platform. This vulnerability allows attackers to steal user credentials by exploiting an open redirect issue in the system’s login process. The vulnerability is officially documented as CVE-2026-23818, exists within the platform’s graphical user interface (GUI) and functions as an […]

The post HPE Aruba Private 5G Platform Vulnerability Enables Credential Theft Attacks appeared first on Cyber Security News.

A targeted mobile espionage campaign has been quietly operating across the Middle East since at least 2022, using fake versions of widely trusted secure messaging apps to plant a powerful Android spyware named ProSpy on victims’ devices. Attackers behind this operation crafted their malicious apps to look identical to well-known platforms like Signal, ToTok, and […]

The post Hackers Impersonate Secure Messaging Apps to Deploy ProSpy in Middle East Espionage Attacks appeared first on Cyber Security News.

Explore how LLM proxies secure AI models by controlling prompts, traffic, and outputs across production environments and exposed APIs.

The post What Is an LLM Proxy and How Proxies Help Secure AI Models appeared first on Security Boulevard.

Why Product Teams Fail at Feature Prioritization Most product engineering teams don’t have a shortage of ideas. They have a shortage of impact. Roadmaps are...Read More

The post How to Prioritize Product Strategy Features Using Data Instead of Opinions appeared first on ISHIR | Custom AI Software Development Dallas Fort-Worth Texas.

The post How to Prioritize Product Strategy Features Using Data Instead of Opinions appeared first on Security Boulevard.

You must login to view this content

A critical and largely overlooked attack surface in the AI agent ecosystem, third-party API routers that can be weaponized to silently hijack tool calls, drain cryptocurrency wallets, and exfiltrate sensitive credentials at scale. As AI agents increasingly automate high-stakes tasks, executing code, managing cloud infrastructure, and handling financial transactions, they depend on intermediary services called […]

The post AI Router Vulnerabilities Allow Attackers to Inject Malicious Code and Steal Sensitive Data appeared first on Cyber Security News.

See how you can use Tenable Hexa AI to determine in minutes if you’re impacted by the Axios npm supply chain attack. Learn how easy it is to automate configuration of scans, identify impacted assets, prioritize remediation, and more using agentic AI from Tenable.

1. Tenable Hexa AI, the agentic engine of the Tenable One Exposure Management Platform, can tell you in minutes if your organization is running compromised versions of the Axios npm package following a recent discovery of a supply chain attack.
    
2. Tenable Hexa AI configures and launches scans; tags affected assets by severity, owner, or business unit to scope the blast radius of the threat; and automates remediation scans to verify remediation effectiveness.
    
3. The workflow that Tenable Hexa AI automates (targeted scan, tag, remediate, verify) applies to any emerging threat, whether the discovery of a new CVE, zero-day vulnerability, or supply chain compromise.
    

When a highly utilized code package like the Axios npm package is compromised in a supply chain attack, news of the compromise often sets off a mad scramble for security teams. Responding to the discovery can take days, and typically involves manually configuring different assessments to identify if vulnerable versions of the software are present in your environment, and if so, which assets are affected by them. Then, of course, you have to implement recommended remediations, which in the case of the Axios npm supply chain attack include:

• Downgrade to safe versions: [email protected] or [email protected]
• Remove the phantom dependency: node_modules/plain-crypto-js/
• Block C2 traffic to sfrclak[.]com and 142.11.206.73
• Treat affected systems as fully compromised: rotate all secrets and credentials, rebuild from clean snapshots
• Audit CI/CD pipelines: ephemeral runners require secret rotation; self-hosted runners are treated as fully compromised
• Search for file artifacts: /Library/Caches/com.apple.act.mond (macOS), %PROGRAMDATA%\wt.exe (Windows), /tmp/ld.py (Linux).

Even if you can respond and remediate within hours, it’s still not fast enough for AI-assisted threat actors. These days, we need to answer three critical questions in minutes: 

• Are we exposed?
• Where are we exposed?
• How quickly can we mitigate the threat? 

In the first of a series of blogs on use cases for the Tenable Hexa AI agentic engine, we show you how Tenable Hexa AI accelerates this exact workflow to reduce your window of risk.

When researchers discover a new zero-day or supply chain compromise, the first question on security teams’ minds isn’t “How do we fix it?” It’s “Are we affected?” Answering that question shouldn’t be difficult, and with Tenable Hexa AI, it couldn’t be simpler. 

Open Tenable Hexa AI and type something like, “Show me all assets in my environment vulnerable to the Axios Supply Chain vulnerability.”

Tenable Hexa AI then queries the Tenable One Exposure Data Fabric, the data already collected from your existing scans, agents, and integrations. Within seconds, Tenable Hexa AI produces a clear picture of which assets are running the compromised Axios versions, where they sit in your network, and how critical they are to your business. 

No query language. No console-hopping. No waiting for a new scan to finish. Just ask the question and get the answer. 

Now you know which assets are affected, but a flat list isn’t a response plan; it’s a starting point. The next step is to scope the blast radius and organize it for action. With Tenable Hexa AI, this is as simple as telling Tenable Hexa AI to “Tag this with the category Supply Chain and value Axios.” 

Tenable Hexa AI then bulk-applies the tag across every asset in one action. And just like that, you’ve turned a raw discovery into a structured, queryable incident surface. 

This matters because tagging is the bridge between exposure discovery and remediation by the right team. Once assets are tagged, you can slice them by business unit or owner to route remediation work. You can feed tagged assets into dashboards for executive visibility, and critically, the tag preserves a snapshot of the blast radius as the environment changes. 

Supply chain attacks have seen a staggering increase in recent years, with the Sonatype 2024 State of the Software Supply Chain report showing a 156% year-over-year surge in attacks targeting upstream repositories like npm and PyPI. So the question isn’t if another package will be poisoned, but how much of your weekend it will consume when it happens.

What we’ve shown here with the Axios response (i.e., scope, discover, prioritize) is more than just a fix for one npm package. It represents a fundamental shift in how security teams handle emergency response. 

By using Tenable Hexa AI, you are building agentic and operational muscle memory. You can deploy the exact same conversational workflow you used to hunt for malicious versions of Axios the moment the next Log4j, XZ Utils, or MoveIt-style vulnerability hits the news.

Tenable Hexa AI transforms high-pressure fire drills like the discovery of the Axios npm supply chain attack into a structured, repeatable, and sane workflow. Instead of writing custom scripts or manually configuring policies under duress, you simply tell Tenable Hexa AI what to do, and the agentic engine handles the grunt work for you. 

Stay tuned for more use cases demonstrating the agentic power of Tenable Hexa AI. Here’s what’s coming next: 

• Using Tenable Hexa AI to target remediation scans at tagged assets, schedule post-patch verification, and compare before/after results to confirm the threat is neutralized
• Using Tenable Hexa AI to automate the creation of risk dashboards and report on security KPIs
• Using Tenable Hexa AI to map vulnerabilities to asset owners (via Okta, CMDB, or custom mappings) and automatically notify the right teams.
• Using Tenable Hexa AI to trigger patching workflows and network isolation for compromised assets

Tenable Hexa AI is currently in private preview for select Tenable One customers. Contact your Tenable Account Team to join the private preview program.

Want to learn more? Download the Tenable Hexa AI data sheet to get the full technical breakdown of our agentic capabilities.