Hermes
Wednesday 25 March 2026  ·  39 articles scored  ·  2 top scorers  ·  last 24h
1
🔐 security Microsoft Security Blog
74%

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker …

Novelty
75%
Depth
70%
Practical
80%
Surprise
60%
Relevance
85%
https://www.microsoft.com/en-us/security/blog/2026/03/24/detecting-investigating-defending-against-trivy-supply-chain-compromise/
2
🤖 ai The Decoder
72%

Popular AI proxy LiteLLM got hacked with malware that spreads through Kubernetes clusters

LiteLLM, a popular open-source proxy for AI APIs, has been compromised with malware that steals credentials and spreads across cloud systems. NVIDIA AI Director Jim Fan warns this represents a new cl…

Novelty
80%
Depth
55%
Practical
70%
Surprise
75%
Relevance
90%
https://the-decoder.com/popular-ai-proxy-litellm-got-hacked-with-malware-that-spreads-through-kubernetes-clusters/
3
📦 m365 Petri IT Knowledgebase
68%

Microsoft Defender Enhances Identity Security with AI-Driven Threat Detection and Response

As cyberattacks grow faster and more identity‑driven, Microsoft is enhancing how organizations defend their digital environments. At RSA 2026, the company announced major Microsoft Defender and Secur…

https://petri.com/microsoft-defender-ai-identity-security-update/
4
🔐 security Microsoft Security Blog
60%

Governing AI agent behavior: Aligning user, developer, role, and organizational intent

This research report explores the layers of agent intent and how to align them for secure enterprise AI adoption. The post Governing AI agent behavior: Aligning user, developer, role, and organizatio…

https://techcommunity.microsoft.com/blog/microsoft-security-blog/governing-ai-agent-behavior-aligning-user-developer-role-and-organizational-inte/4503551
5
🔐 security SANS Internet Stormcast
58%

Detecting IP KVMs, (Tue, Mar 24th)

I have written about how to&#;x26;#;xc2;&#;x26;#;xa0;use IP KVMs securely, and recently, researchers at Eclypsium published yet another report on IP KVM vulnerabilities.&#;x26;#;xc2;&#;x26;#;xa0;But …

https://isc.sans.edu/diary/rss/32824
6
🔐 security SecurityWeek
57%

Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool

The role of Israel’s hijacking of Iran’s street cameras in the killing of the country’s supreme leader underscores how surveillance systems are increasingly being targeted by adversaries in wartime. …

https://www.securityweek.com/iran-built-a-vast-camera-network-to-control-dissent-israel-turned-it-into-a-targeting-tool/
7
⚡ tech The Verge
57%

Arm’s first CPU ever will plug into Meta’s AI data centers later this year

After decades of only licensing its chip designs for others to use, UK-based Arm revealed the first chip it's producing on its own, and the first customer. Dubbed the Arm AGI CPU, it's another chip d…

https://www.theverge.com/ai-artificial-intelligence/899823/arm-agi-cpu-meta
8
🔐 security SecurityWeek
55%

Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw

Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, The post Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw…

https://www.securityweek.com/why-agentic-ai-systems-need-better-governance-lessons-from-openclaw/
9
⚡ tech The Verge
54%

OpenAI just gave up on Sora and its billion-dollar Disney deal

A frame from a Sora 2-generated video. | Image: OpenAI On Tuesday afternoon, OpenAI announced "We're saying goodbye to Sora," the video generation tool that it launched at the end of 2024, and center…

https://www.theverge.com/ai-artificial-intelligence/899850/openai-sora-ai-chatgpt
10
🤖 ai The Decoder
52%

Google brings AI-powered dark web analysis to enterprise security teams

Google Cloud unveiled new security features at the RSA Conference 2026 in San Francisco. The article Google brings AI-powered dark web analysis to enterprise security teams appeared first on The Deco…

https://the-decoder.com/google-brings-ai-powered-dark-web-analysis-to-enterprise-security-teams/
11
🔐 security Schneier on Security
52%

Team Mirai and Democracy

Japan’s election last month and the rise of the country’s newest and most innovative political party, Team Mirai, illustrates the viability of a different way to do politics. In this model, technolog…

https://www.schneier.com/blog/archives/2026/03/team-mirai-and-democracy.html
12
🔐 security SecurityWeek
51%

Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn

An out-of-bounds read vulnerability can be exploited remotely without authentication to read sensitive information from memory. The post Critical Citrix NetScaler Vulnerability Poised for Exploitatio…

https://www.securityweek.com/critical-citrix-netscaler-vulnerability-poised-for-exploitation-security-firms-warn/
13
📦 m365 Petri IT Knowledgebase
49%

Windows 11 Out‑of‑Band Update Fixes Microsoft Account Sign‑In Issues

Microsoft has rolled out an out-of-band update to fix account sign-in issues in Windows 11 triggered by the March 2026 update. The emergency patch (KB5085516) is now available for devices running Win…

https://petri.com/windows-11-update-fixes-microsoft-account-sign-in/
14
🔐 security SANS Internet Stormcast
44%

SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)

Introduction

https://isc.sans.edu/diary/rss/32826
15
🔐 security SecurityWeek
44%

RSAC 2026 Conference Announcements Summary (Day 1)

A summary of the announcements made by vendors on the first day of the RSAC 2026 Conference. The post RSAC 2026 Conference Announcements Summary (Day 1) appeared first on SecurityWeek.

https://www.securityweek.com/rsac-2026-conference-announcements-summary-day-1/