Today, we’re announcing Sec-Gemini v1, a new experimental AI model focused on advancing cybersecurity AI frontiers. As outlined a year ago, defenders face the daunting task of securing against all …
Category:
Safety & Security
Safety & Security
Alert: Exploit available to threat actors for SAP S/4HANA critical vulnerability
by David Walker
“This vulnerability could fill in an important gap in an attacker’s arsenal to attack these systems,” he added. “They will still need some credentials, but they could be low-level credentials …
Safety & Security
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security
by David Walker
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many …
Safety & Security
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers
by David Walker
Sep 03, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to …
Managing safety with spreadsheets, email chains, and scattered documents isn’t just frustrating—it’s risky. If you’ve ever lost track of a deadline, missed an inspection, or felt overwhelmed by manual processes, …
For those of you who follow my blog posts but are not prepared to pay a SafetyAtWorkBlog subscription (you know who you are 😁), I have produced a daily audio …
Posted by Jasika Bawa, Andy Lim, and Xinghui Lu, Google Chrome Security Tech support scams are an increasingly prevalent form of cybercrime, characterized by deceptive tactics aimed at extorting money …
Safety & Security
Chinese hacking group Salt Typhoon expansion prompts multinational advisory
by David Walker
“The fundamental issue here is that key pieces of our critical infrastructure, for example network technologies like core routers, remain far too easy to compromise and gain persistence on,” said …
Safety & Security
Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security
by David Walker
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited …
Safety & Security
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
by David Walker
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate …