Latest Updates
Security and municipal technology
Recent developments that may affect networks, public services, critical infrastructure, employees, Microsoft environments, and technology planning.
AI & Technology
Claude Chrome extension flaw lets malicious extensions trigger AI actions
A flaw in Anthropic's Claude for Chrome browser extension could allow a malicious extension to trigger predefined AI actions by simulating user clicks, potentially allowing it to abuse Claude's access to connected services such as Gmail, Google Docs, Google Calend…
Read the original article →
Security News
New OkoBot framework deploys 20 payloads to steal data, crypto
A new malicious framework called OkoBot is delivering more than 20 payloads in attacks focused on stealing cryptocurrency wallet seed phrases, credentials, and other sensitive data. [...]
Read the original article →
Government Technology
States review satellite BEAD locations after new broadband data changed eligibility
After making more federal broadband funding open to satellite internet deployments, the NTIA is now asking some states to review their project lists.
Read the original article →
Microsoft Security
Least privilege for AI agents: Identity, access, and tool binding
As AI agents become more autonomous, strong identity, access, and auditing controls are critical to keeping them secure. The post Least privilege for AI agents: Identity, access, and tool binding appeared first on Microsoft Security Blog.
Read the original article →
AI & Technology
AI Agents Broke the Security Playbook. Here's What Replaces It.
Traditional security workflows were built for environments that changed at human speed. Token Security explains why AI agents require a new approach: building on a live identity foundation while giving security teams the flexibility to create workflows tailored to…
Read the original article →
Security News
Scattered Spider members behind TfL hack get five years in prison
Two leading members of the Scattered Spider cybercrime collective were sentenced to five years and six months in prison each for hacking Transport for London (TfL) in 2024. [...]
Read the original article →
Microsoft Security
Windows 11 24H2 Home and Pro reach end of support in 90 days
Microsoft announced on Wednesday that systems running Windows 10 Enterprise LTSB 2016 and Home and Pro editions of Windows 11 24H2 will stop receiving updates in three months. [...]
Read the original article →
Actively Exploited
CISA orders feds to patch actively exploited Oracle flaw by Saturday
CISA has ordered federal agencies to secure their systems by Saturday against ongoing attacks exploiting a critical vulnerability in the Oracle E-Business Suite financial application. [...]
Read the original article →
Microsoft Security
Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery
Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This analysis breaks down the attack chain, payload delivery, and recommended defenses. The post Unpacking the AsyncAPI npm supply chain compromis…
Read the original article →
Public Sector Security
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the lo…
Read the original article →
Microsoft Security
Turning threat intelligence into decisive action with Defender Experts
Security teams have never had more visibility, yet rarely have they felt more uncertain. Signal pours in from endpoints, identities, cloud workloads, and a sprawling mix of third-party tools. The post Turning threat intelligence into decisive action with Defender…
Read the original article →
Government Technology
Pennsylvania launches measles data dashboard
Pennsylvania's new measles dashboard features details such as total case numbers and hospitalization rates at the county level.
Read the original article →
Government Technology
As wildfire satellites enter orbit, early adopter states prepare for new data
Newly launched satellites can detect relatively small blazes, giving emergency responders earlier situational awareness during the critical first stages of an ignition.
Read the original article →
Municipal Security
Arizona’s new regional cyber center a ‘force multiplier’ for local governments, students
A new regional security operations center, run from two community college locations, is the latest piece of Arizona's plan to bolster the cyber defense of under-resourced local governments and build a talent pipeline.
Read the original article →
Public Sector Security
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe After Effects is a digital visual effects and motion graphics application used for creating cinematic movie titles, transitions…
Read the original article →
Microsoft Security
Critical Patches Issued for Microsoft Products, July 14, 2026
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the…
Read the original article →
Microsoft Security
Defending SaaS-based applications against ShinyHunters OAuth abuse
Microsoft Threat Intelligence identified threat actor activity with overlapping tradecraft commonly associated with ShinyHunters, including voice phishing (vishing), supply-chain compromise, and misconfigured guest access targeting SaaS-based applications. The pos…
Read the original article →
Government Technology
Mamdani’s new ‘PIT Crew’ tech teams to help New York agencies improve digital services
New York's PIT Crew initiative will pair teams of in-house technologists with city agencies to solve problems with digital services solutions.
Read the original article →