diginomica

Risky business? AI agents are asking for your SSH keys. 21,000 exposed instances tell their own cautionary tale...

Security researchers found more than 21,000 exposed OpenClaw deployments, highlighting why enterprise adoption of AI agents needs to pay more than lip service to "guardrails".
SecurityWeek

API Threats Grow in Scale as AI Expands the Blast Radius

Most API vulnerabilities are fast, remote, and easy to exploit. Attackers take full advantage of these attributes.

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
Federal News Network

DoD memo’s use cases clarify mission impact of new policies on PKI credentials, expanded authentication

They removed focus from the container that holds the credential and put focus on the credential itself. That's very helpful ...