Ravie LakshmananMar 25, 2026Browser Security / Threat Intelligence Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), which deploys an information-stealing Google Chrome extension masquerading as an offline version of Google Docs. “It logs keystrokes, dumps cookies and session tokens, captures screenshots, and takes commands from a C2 server hidden in a Solana blockchain memo,” Aikido security researcher Ilyas Makari said in a report published last week. GlassWorm is the moniker assigned to a persistent campaign that obtains an initial foothold…
Author: admin
AI-native vendors capture the fastest growth, dominating enterprise software budgetsOpenAI and Anthropic are the top beneficiaries of rising AI spendTraditional SaaS tools are losing relevance as AI adoption acceleratesEnterprise software spending is undergoing a structural shift as artificial intelligence moves beyond limited trials into core operational budgets, new research has confirmed.Over the past year, decision-making has moved away from whether AI tools are worth funding toward which vendors should receive increasing allocations, reflecting a broader change in procurement priorities, where AI is no longer treated as an add-on but as the central line item shaping software budgets.Tropic’s analysis of more…
Vorlon has unveiled AI Agent Flight Recorder and AI Agent Action Center, adding forensics and coordinated response to secure enterprise agentic ecosystems and close a key security gap. The agentic ecosystem contains SaaS applications, AI agents, API integrations, non-human identities, and the sensitive data flows connecting them. It’s become the fastest-growing attack surface in the enterprise, moves at machine speed, and most organizations lack adequate supervision. The Agentic Ecosystem Security Gap: 2026 CISO Report, a Vorlon survey of 500 U.S. security leaders, documents the scale of the problem: 99.4% of organizations experienced at least one SaaS or AI ecosystem security…
There’s an interesting paradox currently occurring in the realm of marketing. Marketers have more tools and data at their fingertips, yet despite this influx of information, marketing leaders also somehow have less clarity than ever before. Over the past decade, Google’s algorithms and privacy regulations have significantly shifted traditional SEO best practices. SEO has evolved from a precise science to more of a trust discipline, where marketers must infuse credibility and authority into their content to improve visibility. The new opportunity at hand isn’t scraping more consumer behavior but rather listening to it in a new manner. By diving deeper…
Summary The Razer Blade 16 uses an Intel Core Ultra 9 386H, with 60% better battery life and 33% faster CPU than the previous laptop. It also comes with up to 64GB LPDDR5X-9600 RAM, Nvidia GTX 5090, and 2TB SSD options. The laptop starts at $3,499.99, and comes with a bundle that includes Resident Evil: Requiem and one month of Xbox Game Pass. On paper, gaming laptops sound like the dream machine for playing on the go. You have a fully decked-out machine that lets you play whatever you want, wherever you are. Then the laptop’s battery goes dead in…
Opswat also discovered two other Catalyst 9300 vulnerabilities: CVE-2026-20112 (cross-site scripting) and CVE-2026-20113 (CRLF injection). These relate to the IOS XE IOx integration environment which enables cloud edge computing features on Catalyst switches. The first of these, CVE-2026-20112, could be exploited by an “authenticated user [who] could store malicious JavaScript payloads that would later execute in the context of another user’s session,” said Opswat in its full vulnerability analysis. The second, CVE-2026-20113, would allow an attacker to cover their tracks for any exploit on IOS XE IOx: “By injecting crafted control characters, an attacker can forge or manipulate log entries,…
Experts said companies rushing to buy AI services risked letting their existing, still-vital defensive measures deteriorate.
If you’re someone that often faces buyer’s remorse, you might want to be careful where you get your next shiny smartphone from. Buying a new device via your carrier of choice is one of the most popular means of procuring a new phone. However, for those eyeing T-Mobile for their next purchase, make sure you really want the device that you’re buying because the carrier’s restocking fee just went up. Related 6 hidden fees AT&T, Verizon, and T-Mobile users often overlook Hidden fees can turn your affordable phone plan into an expensive surprise The carrier quietly updated its support documentation…
Attacks leveraging the ‘PolyShell’ vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. According to eCommerce security company Sansec, hackers started exploiting the critical PolyShell issue en masse last week, just two days after public disclosure. “Mass exploitation of PolyShell started on March 19th, and Sansec has now found PolyShell attacks on 56.7% of all vulnerable stores,” Sansec says. The researchers previously reported that the problem lies in Magento’s REST API, which accepts file uploads as part of the custom options for the cart item, allowing polyglot files to achieve remote…
Google released the March 2026 spam update less than 24 hours ago and it is already done rolling out. The update finished today at 10:40 a.m. ET. This update was released yesterday (March 24) at 3:20 p.m. It took 19 hours and 30 minutes to fully roll out, which is super fast. Why we care. This is the second Google algorithm update announced in 2026. It’s unclear what spam it targeted, but if you see ranking or traffic changes in the next few days, the Google March 2026 spam update could be the cause. More on spam update. Google’s documentation says: “While Google’s automated…