diginomica

Risky business? AI agents are asking for your SSH keys. 21,000 exposed instances tell their own cautionary tale...

Security researchers found more than 21,000 exposed OpenClaw deployments, highlighting why enterprise adoption of AI agents needs to pay more than lip service to "guardrails".

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
SecurityWeek

API Threats Grow in Scale as AI Expands the Blast Radius

Most API vulnerabilities are fast, remote, and easy to exploit. Attackers take full advantage of these attributes.

Here is how Microsoft is improving PowerShell and Windows OpenSSH in 2026Here is how Microsoft is improving PowerShell and Windows OpenSSH in 2026Here is how Microsoft is ...

Microsoft is gearing up for big PowerShell and Windows OpenSSH changes in 2026, but security will come before flashy new features.
Federal News Network

DoD memo’s use cases clarify mission impact of new policies on PKI credentials, expanded authentication

They removed focus from the container that holds the credential and put focus on the credential itself. That's very helpful ...

February’s Patch Tuesday release fixes 59 flaws, including 6 being exploited

IT admins will be busy this month patching Microsoft software and apps, but not nearly as busy as they were in January.
UC Berkeley School of Information

Berkeley Cybersecurity Master’s Students Develop API Security Test for Different Users

Rest Assured “VentiAPI”, by Master of Information and Cybersecurity grads Karl-Johan Westhoff, Bleu Strong, Jenny Garcia, and Tyler Heslop, helps organizations find and fix vulnerabilities in their ...