(Credit: daily_creativity – stock.adobe.com)

(Credit: daily_creativity – stock.adobe.com)

‘Claude Code install’ search result leads to ClickFix infostealer attack

Laura FrenchMay 29, 2026

The attack leverages a polyglot file, heavy obfuscation and fileless execution to evade detection.

RESOURCES

Identity
Laying the groundwork: A practical path to identity security for AI agents
Identity
A new identity class: Why AI agents require runtime control
Application security
APIs under pressure: How AI is rewriting the rules of enterprise security
SASE
Next-generation enterprise defense: Managing risk in the age of agentic AI
Managed Security Services
The CISO shortage: Finding leadership without a leader

PODCASTS

Vulnerability Management
Linux Supply Chain How-To – PSW #928
Leadership
What Security Leaders Should Expect from RSAC – Joseph Blankenship – BSW #449
Vulnerability Management
Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland – SWN #584
Application security
AppSec Conversations on Agents, LLMs, and OWASP from RSAC – Scott Clinton, Janet Worthington, Merritt Maxim – ASW #384
AI/ML
Visibility with EDR/MDR is still important, ‘the basics’ are impossible, and the news – Rob Allen – ESW #460

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Futuristic Digital Padlock and Cyber Security Concept with Binary Data Streams

IBM, Red Hat launch Project Lightwell to secure open-source software

Steve ZurierMay 28, 2026

IBM and Red Hat launch $5 billion effort to secure open-source software supply chains.

Cisco study finds major frontier models susceptible to multi-turn prompt injection attacks

Laura FrenchMay 28, 2026

Single-turn attack success rates are not a reliable benchmark for model safety, Cisco concludes.

AI agent data tools and workflow automation concept with businessman typing on laptop and interacting with digital process interface for artificial intelligence development, integration, productivity

Application security

OWASP launches FinBot to help developers secure AI agents

OWASP GenAI Security Project Team May 28, 2026

OWASP’s FinBot gives developers hands-on training to secure AI agents.

Secure By Design Pledge

Vulnerability Management

CISA adds LiteSpeed cPanel plugin bug to exploited vulnerabilities list

Steve ZurierMay 27, 2026

CISA warns of exploited LiteSpeed flaw putting shared hosting at risk.

Threat Management

Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor

Laura FrenchMay 27, 2026

Career-themed phishing lures targeted employees of US domestic airlines during Operation Epic Fury.

Drupal website. Drupal is a free and open-source web content management system (CMS) written in PHP.

Vulnerability Management

Drupal bug added to CISA list of known exploited vulnerabilities

Steve ZurierMay 26, 2026

Drupal SQL injection flaw CVE-2026-9082 added to CISA KEV as active attacks target sites.

Vulnerability Management

You can now nominate vulnerabilities for CISA’s KEV with this form

Laura FrenchMay 22, 2026

CISA seeks to engage the wider community to more quickly identify active exploitation.

Vulnerability Management

Cisco patches critical 10.0 flaw in Secure Workload APIs

Steve ZurierMay 22, 2026

Cisco patches critical 10.0 API flaw in Secure Workload platform.

EVENTS