ChannelLife US - Industry insider news for technology resellers
United States

Threat modelling Stories

American Stories

Threat modelling stories

Global Stories

Threat modelling stories

Windows 11 sandbox flaw lets attackers escape with one click
Application Security

Windows 11 sandbox flaw lets attackers escape with one click

Microsoft patched a CVE-2025-59199 flaw in October after researchers showed a single click could let low-integrity code escape Windows 11's sandbox.

By Joseph Gabriel Lagonsin 4 min read Last week
MIND first data security firm in Anthropic cyber scheme
Data Protection

MIND first data security firm in Anthropic cyber scheme

Broader Claude access should help MIND sharpen data discovery and loss prevention for customers, after it joined Anthropic's cyber scheme.

By Sofiah Nichole Salivio 3 min read Last month
OpenSSF adds five members & new security resources
Application Security

OpenSSF adds five members & new security resources

Members are backing tougher open source security as OpenSSF expands guidance on regulation, Python coding and AI-driven vulnerability tools.

By Sofiah Nichole Salivio 4 min read Last month
Anthropic model can chain bugs into exploits, Cloudflare
Cloud Security

Anthropic model can chain bugs into exploits, Cloudflare

The findings suggest AI-assisted bug hunting is edging closer to practical exploitation, raising the stakes for software teams racing to patch flaws.

By Mark Tarre 4 min read Last month
Sweet launches AI red-team agent to test attack paths
Cloud Security

Sweet launches AI red-team agent to test attack paths

Security teams under pressure to prove real exploitability can now test live production systems for attack paths rather than theoretical flaws.

By Sofiah Nichole Salivio 4 min read Last month
Integrated Quantum launches Kaggle test of VEIL anonymity
Data Protection

Integrated Quantum launches Kaggle test of VEIL anonymity

The public test could bolster or undermine claims that VEIL can anonymise sensitive AI data without letting outsiders recover the original records.

By Sean Mitchell 4 min read Last month
JupiterOne launches tools for AI attack surface risk
Software-as-a-Service

JupiterOne launches tools for AI attack surface risk

JupiterOne rolls out AI attack surface and vulnerability tools to help security teams map links, prioritise flaws and cut through alert overload.

By Joseph Gabriel Lagonsin 4 min read Last month
KnowBe4 partners Secure Code Warrior on AI training
Data Protection

KnowBe4 partners Secure Code Warrior on AI training

Organisations using AI in software development will get training on secure coding and governance as vulnerabilities and data risks mount.

By Mark Tarre 4 min read Last month
OpenAI launches GPT-5.5-Cyber for vetted defenders
Firewalls

OpenAI launches GPT-5.5-Cyber for vetted defenders

Vetted security teams will get fewer refusals on authorised tasks as OpenAI tightens access around its most permissive cyber model.

By Mark Tarre 4 min read Last month
Tenable finds GitHub workflow flaw in Microsoft repo
DevOps

Tenable finds GitHub workflow flaw in Microsoft repo

A flaw in a widely watched Microsoft repository could have let attackers run code and steal secrets through GitHub Actions, Tenable said.

By Mark Tarre 4 min read Last month
Banks leave databases open to AI attack, says Liquibase
Application Security

Banks leave databases open to AI attack, says Liquibase

Banks could face undetected ledger and pricing changes as autonomous AI attacks exploit poorly governed databases, Liquibase warns.

By Karen Joy Bacudo 4 min read Wed, 29th Apr 2026
Google flags urgency as AI reshapes cyber threats
Digital Transformation

Google flags urgency as AI reshapes cyber threats

Patching delays now carry greater risk as Google says AI is helping attackers scale intrusions, speed up breaches and automate operations.

By Sean Mitchell 5 min read Tue, 28th Apr 2026
Bitdefender warns journalists on phishing & source safety
Malware

Bitdefender warns journalists on phishing & source safety

Reporters face rising risks from phishing, spyware and device compromise as Bitdefender urges tighter source protection and account security.

By Sofiah Nichole Salivio 4 min read Tue, 28th Apr 2026
Wiz expands AI security coverage across cloud & edge
Hyperscale

Wiz expands AI security coverage across cloud & edge

Customers gain broader visibility into AI risks as Wiz adds cloud, edge and coding-tool coverage, with Red Agent now in public preview.

By Sean Mitchell 4 min read Fri, 24th Apr 2026
LangWatch launches open-source tool for AI red-teaming
Data Protection

LangWatch launches open-source tool for AI red-teaming

The framework is designed to expose hidden risks in production AI systems that can be missed by conventional one-off tests.

By Sean Mitchell 4 min read Tue, 21st Apr 2026

Stories from Other Regions

Threat modelling stories

KnowBe4 adds AI secure coding training with partner
Data Protection

KnowBe4 adds AI secure coding training with partner

Organisations using AI-assisted development can now get specialist secure coding training as KnowBe4 expands its library for technical teams.

By Joseph Gabriel Lagonsin 4 min read Last month
WitFoo opens 100 million-record cyber attack dataset
Data Science

WitFoo opens 100 million-record cyber attack dataset

Researchers can now train on live attack traffic after a new open-source dataset adds 100 million labelled security records from production systems.

By Kaleah Salmon 4 min read Mon, 20th Apr 2026