Information Security Buzz
VerifiedOnline/Digital
ISBuzz News is an independent resource that provides the best in breaking news for the information security community. Collated from security experts and industry leaders, content is carefully selected to provide you with the latest threat trends, insights, practical solutions, hot topics and advice from around the globe. Source
Actions
Media Outlet details
| Scope | National, Trade/B2B |
|---|---|
| Language | English |
| Country | Australia |
|
Similarweb UVM |
Request pricing |
|
Comscore UVM |
Request pricing |
Recent Articles
Search ArticlesAmericans are ignoring scam calls, but phishing emails still fool many
AI Summary Basic summary Americans are becoming more effective at avoiding spam calls and texts, but new research suggests that the strategy comes with an unexpected cost. A new survey of 1,000 Americans from privacy company Cloaked, revealed that two-thirds of respondents have missed an important phone call because they ignored an unknown number.
AI-assisted software engineering is creating a new delivery paradox
AI can generate code faster than most software organizations can absorb it. This should be a productivity breakthrough, but it also exposes a larger problem: many of the processes surrounding software delivery still happen at human speed. A new white paper from code4thought looks at what happens when AI changes how quickly teams write software, and what software engineering produces, how organizations govern it, and where engineers add the most value.
Sysdig uncovers first documented agentic ransomware operation
Security researchers at Sysdig have documented what they believe is the first documented case of an AI agent running a ransomware operation from end to end. Dubbed JADEPUFFER, the operation used a large language model (LLM) to automate an attack that began with the exploitation of an internet-facing Langflow instance and ended in destructive database extortion.
Filigran report: Organisations can see their threats but can’t act fast enough
Fragmented tools and manual processes are widening the gap between threat awareness and effective CTEM. Only 41% of organisations have a fully consolidated view of cyber risk exposure, and security teams spend 42% of their time investigating risks that turn out to be low priority or non-exploitable At the same time, AI-driven CTEM processes expected to nearly double, from 37% to 59%, within two years; 88% say that automation is essential to keep pace with the growing volume of risk.
The next phase of endpoint security starts with simplicity
For years, enterprise endpoints were expected to handle everything locally, including productivity, collaboration, storage, and security, while supporting increasingly complex operating systems and applications. But as more workloads have moved into cloud-delivered environments, that model has started to break down. Today’s employees work across virtual desktops, web applications, browsers, and collaboration platforms from virtually anywhere.
Klue supply chain breach exposes Salesforce data at several security firms
AI Summary Basic summary A supply chain attack targeting Klue, a competitive intelligence platform, has lead to the theft of Salesforce data from multiple entities, including several cybersecurity vendors. Klue disclosed that threat actors had gained unauthorized access to part of its integration infrastructure in June after compromising a legacy credential linked to a backend system.
What Are AI SOC Agents? Use Cases, Architecture, and the Leading Vendors
The SANS 2025 Global SOC Survey found that 85% of SOCs trigger incident response primarily from endpoint alerts, while 42% admit to ingesting all data into their SIEM with no structured plan for retrieval or analysis. Volume has outpaced human capacity, and the gap between alerts fired and alerts investigated keeps widening. As a result, threats that should be caught get missed. Detection tools fire as designed. What SOCs lack is the time to follow up on everything those tools catch.
ShinyHunters targets Oracle PeopleSoft customers through critical zero-day
AI Summary Basic summary Oracle has issued a security alert to customers about a critical vulnerability affecting PeopleSoft environments after the notorious threat actor ShinyHunters claimed it used a previously unknown flaw to compromise over 100 entities. The vulnerability CVE-2026-35273 is in Oracle PeopleSoft PeopleTools, and has a CVSS score of 9.8/10. “Oracle PeopleSoft Enterprise Applications customers may also be affected by this vulnerability.
AI-Powered Attacks Become Top Concern for Security Professionals, New Filigran Survey Reveals
AI Summary Basic summary AI-powered attacks are the biggest cybersecurity concern among security professionals. Forty-one percent identified AI-powered attacks at scale as their biggest security concern, nearly double the number citing supply chain risk (21%) or unknown threats (21%). AI-driven threats and what security professionals are doing about them is also the top concern for nearly one in three boards (32%).
SIG report: AI-generated code is linked to twice the security risk and rising technical debt
AI Summary Basic summary AI-supported coding has progressed from experimental to the norm in organizations, yet technical debt, security risks, and costs could be piling up much faster than anyone realizes. This is one of the key takeaways from the Software Improvement Group (SIG) 2026 State of Software report, which analyzed more than 30,000 software systems and more than 400 billion lines of code.