@SCMagazine profile picture
SC Media @SCMagazine

The official Twitter feed for all things IT security. A CyberRisk Alliance Resource.

Joined November 2008
  • Tweets 100,066
  • Following 1,803
  • Followers 119,342
5,938 Photos and videos
Pinned Tweet
SC Media@SCMagazine
Jun 12
.@ServiceNow says security researchers — not attackers — were behind recent unauthorized access activity. Experts say customers still need clear guidance on scope, impact and detection. #cybersecurity #CISO #infosec bit.ly/4ammUvu

ServiceNow says security researchers, not hackers, accessed data

ServiceNow investigates access issue, says no attacker activity found.

scworld.com
1
2
296
The @FBI seized 13 websites tied to a suspected Chinese espionage campaign that used fake consulting jobs and AI-generated personas to recruit U.S. security clearance holders. #cybersecurity #CISO #infosec bit.ly/4elDPPW

FBI shuts down 13 ‘consulting’ websites used for suspected Chinese espionage

The sites were used to lure security clearance holders into divulging classified information.

scworld.com
2
1
189
#AI agents can explore networks using legitimate access, making intent nearly invisible. As MCP adoption grows, defenders need new ways to detect agent behavior and risk, says @indeed's Harshad Sadashiv Kadam in this op-ed. #cybersecurity #CISO #infosec bit.ly/4xqxE5Y

AI Agents are already exploring your network. How do you detect their intent?

AI agents and MCP tools are creating new cybersecurity risks and blind spots.

scworld.com
1
268
AI-driven attacks are accelerating faster than human-led defenses, says @SeviiAI's Curt Aubley in this op-ed. Security leaders are turning to autonomous detection and response to keep pace with machine-speed threats. #cybersecurity #CISO #infosec #AI bit.ly/4v1G0PL

How autonomous defense and remediation stands up to AI cyber threats

AI tools like ADR can help humans and machines work side-by-side to defeat today’s threats.

scworld.com
1
2
265
AI is becoming a core business capability, helping security teams automate detection, accelerate response and shift #cybersecurity from reactive defense to proactive protection, says @Fortinet's Carl Windsor in this commentary. #CISO #infosec #AI bit.ly/4vFJc3F

Time to integrate AI into the core of the business

The most successful companies will turn AI into a persistent, intelligent layer that protects the enterprise.

scworld.com
237
A new Mini Shai-Hulud “Hades” variant has infected 23 PyPI package versions, targeting developers with malware designed to steal tokens, keys and cloud credentials, according to @SocketSecurity. #cybersecurity #CISO #infosec bit.ly/3QxsqEQ

Mini Shai-Hulud ‘Hades’ variant affects 23 PyPI package versions

The JavaScript stealer payload includes an anti-analysis LLM prompt injection.

scworld.com
291
.@AnthropicAI has released its Fable model to the public, bringing Mythos-level vulnerability discovery capabilities with new safeguards designed to prevent cyber misuse. #cybersecurity #CISO #infosec #AI bit.ly/4eg0VaB

‘Mythos-level’ Fable model released to public: How Anthropic plans to prevent misuse

Safeguard layers aim to block and reroute cyber-related requests while retaining Mythos-level capabilities.

scworld.com
2
2
378
.@ServiceNow says security researchers — not attackers — were behind recent unauthorized access activity. Experts say customers still need clear guidance on scope, impact and detection. #cybersecurity #CISO #infosec bit.ly/4ammUvu

ServiceNow says security researchers, not hackers, accessed data

ServiceNow investigates access issue, says no attacker activity found.

scworld.com
1
1
1
521
The @FBI seized 13 websites tied to a suspected Chinese espionage campaign that used fake consulting jobs and AI-generated personas to recruit U.S. security clearance holders. #cybersecurity #CISO #infosec bit.ly/4elDPPW

FBI shuts down 13 ‘consulting’ websites used for suspected Chinese espionage

The sites were used to lure security clearance holders into divulging classified information.

scworld.com
2
6
500
Chinese APTs are changing the game, says @PicusSecurity's Hüseyin Can Yüceel in this op-ed. As attackers rely on valid credentials and covert infrastructure, defenders must focus more on identity and behavior than indicators alone. #cybersecurity #CISO bit.ly/3QAGb5F

Chinese APTs have made identity part of the intrusion path

Don’t merely identify the attacker – understand how they behave.

scworld.com
252
AI agents need identities, governance and access controls just like human users says @Keyfactor's Ellen Boam in this commentary. As agentic #AI grows, managing digital identities is becoming a core security requirement. #cybersecurity #CISO #infosec bit.ly/43pCBOF

How managing digital identities has become critical to agentic AI projects

Teams need identity systems that have access control, the ability to limit and revoke privileges, and auditability.

scworld.com
1
2
293
The @CISAgov added an exploited Check Point VPN auth bypass flaw to KEV, urging rapid patching after targeted attacks and Qilin-linked post-compromise activity. #cybersecurity #CISO #infosec bit.ly/4vCfz39

CISA adds Check Point VPN bug to list of exploited vulnerabilities

CISA warns of an exploited Check Point VPN flaw that lets attackers bypass authentication.

scworld.com
3
401
Suspected North Korean hackers are using fake job offers and coding tests to trick developers into deploying malware that steals crypto, credentials and sensitive data, according to @proofpoint. #cybersecurity #CISO #infosec bit.ly/3StA9UW

Suspected North Korean actors use fake ‘coding assignments’ to steal crypto

Targets are encouraged to clone Git repositories to their VS Code or Cursor code editors.

scworld.com
4
2
342
.@Google says the Silent Ransom Group is using vishing, social engineering and even in-person visits to gain access and steal data from U.S. organizations. #cybersecurity #CISO #infosec bit.ly/4vEs3ax

Silent Ransom Group moves to in-person method if vishing attempt fails

Mandiant warns Silent Ransom Group uses vishing and even in-person visits to steal data.

scworld.com
317
A new Mini Shai-Hulud “Hades” variant has infected 23 PyPI package versions, targeting developers with malware designed to steal tokens, keys and cloud credentials, according to @SocketSecurity. #cybersecurity #CISO #infosec bit.ly/3QxsqEQ

Mini Shai-Hulud ‘Hades’ variant affects 23 PyPI package versions

The JavaScript stealer payload includes an anti-analysis LLM prompt injection.

scworld.com
1
4
9
2,219
#AI agents can explore networks using legitimate access, making intent nearly invisible. As MCP adoption grows, defenders need new ways to detect agent behavior and risk, says @indeed's Harshad Sadashiv Kadam in this op-ed. #cybersecurity #CISO #infosec bit.ly/4xqxE5Y

AI Agents are already exploring your network. How do you detect their intent?

AI agents and MCP tools are creating new cybersecurity risks and blind spots.

scworld.com
4
319
.@AnthropicAI has released its Fable model to the public, bringing Mythos-level vulnerability discovery capabilities with new safeguards designed to prevent cyber misuse. #cybersecurity #CISO #infosec #AI bit.ly/4eg0VaB

‘Mythos-level’ Fable model released to public: How Anthropic plans to prevent misuse

Safeguard layers aim to block and reroute cyber-related requests while retaining Mythos-level capabilities.

scworld.com
4
4
442
AI-driven attacks are accelerating faster than human-led defenses, says @SeviiAI's Curt Aubley in this op-ed. Security leaders are turning to autonomous detection and response to keep pace with machine-speed threats. #cybersecurity #CISO #infosec #AI bit.ly/4v1G0PL

How autonomous defense and remediation stands up to AI cyber threats

AI tools like ADR can help humans and machines work side-by-side to defeat today’s threats.

scworld.com
1
229
The @FBI seized 13 websites tied to a suspected Chinese espionage campaign that used fake consulting jobs and AI-generated personas to recruit U.S. security clearance holders. #cybersecurity #CISO #infosec bit.ly/4elDPPW

FBI shuts down 13 ‘consulting’ websites used for suspected Chinese espionage

The sites were used to lure security clearance holders into divulging classified information.

scworld.com
1
1
377
In this op-ed, @Optiv's James Turgal says the debate over Trump’s AI executive order highlights a core challenge: how to balance innovation, national competitiveness and accountability for increasingly powerful #AI models. #cybersecurity #CISO #infosec bit.ly/4umgiEA

The Trump AI EO strikes a compromise to balance innovation with accountability

The AI EO underscores the need for innovation and secuirty to evolve together.

scworld.com
223
Load more