A new report out today from managed detection and response company Expel Inc. details a newly identified variant of the Shai Hulud malware that is demonstrating how software supply chain attacks are evolving beyond isolated package compromises into self-propagating campaigns that turn developers themselves into distribution points. Shai Hulud is a malware campaign first observed in ...

The University of Phoenix has confirmed a major data breach affecting nearly 3.5 million current and former students, employees, faculty and suppliers, which followed an exploit by the Clop ransomware group in November. Clop is a prolific cybercrime group known for large-scale data-extortion attacks that focus on exploiting “zero-day” or yet-unpatched vulnerabilities in widely used ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team has uncovered a spike in holiday-themed phishing activity that blends impostor Docusign credential harvesting with deceptive loan offer spam that creates a threat for both corporate and consumer targets. The Christmas Docusign-themed phishing campaign abuses the Docusign brand to entice users into ...

A new report out today from Swiss artificial intelligence-powered managed extended detection and response company Ontinue AG warns of the growing abuse of Nezha, a legitimate open-source server monitoring tool, as a stealthy post-exploration remote access trojan. Nezha, initially developed for the Chinese information technology community, has gained nearly 10,000 stars on GitHub and is actively maintained. ...

Cybersecurity and password service provider 1Password LLC today announced a new partnership with artificial intelligence code editor company Cursor Inc. to bring secure, just-in-time secrets to Cursor. The partnership has started with the deployment of a Hooks Script that gives developers a secure, just-in-time way to ensure required secrets are made available to Cursor’s AI agents via ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code execution vulnerability in Cursor Inc.’s integrated development environment that exposed risks tied to trusted installation workflows and agentic AI tooling. The vulnerability, tracked as CVE-2025-64106 and rated 8.8 in severity, affected Cursor’s Model Context Protocol installation flows and ...

Edison Scientific Inc., a San Francisco-based artificial intelligence startup building autonomous AI scientists to help accelerate scientific research, announced today that it has raised $70 million in new funding to expand its operations and development efforts. Founded earlier this year as a spin-off from the nonprofit research organization Future House Inc., Edison Scientific is aiming ...

Shares of BlackBerry Ltd. were volatile in after-hours trading today after the company reported earnings and revenue beats in its fiscal 2026 third quarter. For the quarter that ended on Nov. 30, BlackBerry reported adjusted earnings per share of five cents, up from breakeven in the same quarter of the previous fiscal year, on revenue ...

A new report out today from edge cloud platform provider Fastly Inc. has found that bot traffic continues to reshape the modern web, as artificial intelligence crawlers, fetchers and increasingly sophisticated headless bots drive both operational strain and new business decisions across industries. The findings, detailed in Fastly’s Q3 Threat Insights Report, found that while humans still ...

Artificial intelligence operating system for patents startup Ankar.ai Ltd. today revealed that it has raised $20 million in new funding to grow its team and expand further into the U.S. Founded in 2023 in the U.K., Ankar has built an AI-powered operating system for innovation that transforms how companies and law firms generate and protect ...