cloud security

Lessons From AI Hacking: Every Model, Every Layer Is Risky

Hillai Ben Sasson and Dan Segev, researchers at Wiz, discovered vulnerabilities in every major AI platform they targeted over two years of research. Their findings, to be presented at the RSAC Conference, highlight the importance of focusing on AI infrastructure security across model training, inference, application, and cloud layers. The researchers emphasize the need for regular security reviews and compliance checks to address the rapidly evolving threat landscape.

https://www.darkreading.com/application-security/lessons-ai-hacking-model-every-layer-risky

UK.gov Launches Cyber ‘lockdown’ Campaign as 80% of Orgs Hit

UK government launches cyber lockdown campaign urging businesses to enhance digital defenses, as report shows 82% of organizations experienced cyber incidents. Only 30% adhere to Cyber Essentials standards. Campaign aims to raise awareness among SMEs about the risks and importance of basic cybersecurity measures. Free resources offered to assist businesses in improving security practices.

https://www.theregister.com/2026/02/17/govt_launches_cyber_lockdown_push/

A Rise in Hacktivist Attacks Puts All Web Applications at Risk, Warns UK’s NCSC

UK's NCSC warns of rising pro-Russia hacktivist DDoS attacks threatening web applications. These attacks disrupt services, erode trust, and may target sensitive data. Organizations must enhance web application security to protect against DDoS and other threats, ensuring operational resilience. Barracuda offers multilayered protection, including real-time threat intelligence, to safeguard digital services.

https://blog.barracuda.com/2026/02/06/hacktivist-attacks-web-applications-risk-ncsc

Spyware Maker Is Hijacking Diplomatic Efforts to Limit Commercial Hacking, Civil Society Warns

Civil society alleges NSO Group, a spyware manufacturer with a history of human rights violations, is using diplomatic initiatives like the Pall Mall Process to rehabilitate its image despite reports of abuses. While NSO claims engagement in reining in spyware misuse, officials from France and the UK affirm they did not invite NSO's participation. Critics stress that NSO's history, including targeting journalists and activists, undermines its claims of responsible governance, while calls for exclusion from future negotiations are growing amid concerns over accountability and transparency.

https://therecord.media/spyware-maker-pall-mall-process-reputation

Hand CVE Over to the Private Sector

The Common Vulnerability Enumeration (CVE) initiative, created in 1999, is criticized for being redundant and mismanaged. Despite receiving substantial government funding, MITRE’s CVE program is perceived as lacking objectivity, quick response capability, and expertise in vulnerability database management. The author argues that the program’s high costs and slow response times suggest it is not meeting the requirements of a federally funded research and development center.

https://www.darkreading.com/cybersecurity-operations/hand-cve-over-to-private-sector

Infosec 101 for Activists

TLDR: Infosec 101 for Activists outlines digital safety for activists, emphasizing risks like privacy breaches, doxxing, and police surveillance during protests. It provides tools to use (e.g., Signal, BitWarden) and avoid (e.g., Google Maps, WhatsApp), along with tips for secure phone setup and communication. Key advice includes using strong passwords, enabling two-factor authentication, and avoiding digital trails at protests. The guide aims to help activists protect their personal information and enhance their security.

https://infosecforactivists.org/

5 Key Cyber Security Trends for 2025

TLDR: In 2025, key cyber security trends include: 1) AI's role in cyber warfare and disinformation, 2) ransomware evolving into data exfiltration, 3) increased threats from infostealers targeting sensitive data, 4) vulnerabilities in edge devices as entry points for attacks, and 5) cloud security challenges due to misconfigurations. Organizations must adopt proactive risk management and unified security strategies to combat advanced threats.

https://blog.checkpoint.com/research/5-key-cyber-security-trends-for-2025/

Scroll to Top