Hackers are utilizing the WordPress mu-plugins (“Must-Use Plugins”) directory to stealthily run malicious code on every page while evading detection.

The technique was first observed by security researchers at Sucuri in February 2025, but adoption rates are on the rise, with threat actors now utilizing the folder to run three distinct types of malicious code.

“The fact that we’ve seen so many infections inside mu-plugins suggests that attackers are actively targeting this directory as a persistent foothold,” explains Sucuri’s security analyst Puja Srivastava.

Three security bypasses have been discovered in Ubuntu Linux’s unprivileged user namespace restrictions, which could enable a local attacker to exploit vulnerabilities in kernel components.

The issues allow local unprivileged users to create user namespaces with full administrative capabilities and impact Ubuntu versions 23.10, where unprivileged user namespaces restrictions are enabled, and 24.04 which has them active by default.

Linux user namespaces allow users to act as root inside an isolated sandbox (namespace) without having the same privileges on the host.

Microsoft has removed the ‘BypassNRO.cmd’ script from Windows 11 preview builds, which allowed users to bypass the requirement to use a Microsoft Account when installing the operating system.

This change was introduced in the latest Windows 11 Insider Dev preview build, which means it will likely be coming to production builds.

“We’re removing the bypassnro.cmd script from the build to enhance security and user experience of Windows 11,” reads the Windows 11 Insider Preview Build 26200.5516 release notes.

AI agents need two things to succeed in this space: infinite scalability and the ability to connect agents from different blockchains. Without the former, agents do not have infrastructure with sufficient capacity to transact. Without the latter, agents would be off on their own island blockchains, unable to truly connect with each other. As agent actions become more complex on chain, more of their data will also have to live on the ledger, making optimizing for both of these factors important right now.

Because of all of this, I believe the next frontier of AI agents on blockchains is in gaming, where their training in immersive worlds will inevitably lead to more agentic behavior crossing over to non-gaming consumer spaces.

If the future of autonomous consumer AI agents sounds scary, it is because we have not yet had a way to independently verify LLM training models or the actions of AI agents so far. Blockchain provides the necessary transparency and transaction security so that this inevitable phenomenon can operate on safer rails. I believe the final home for these AI agents will be Web3.

Our machines will be smart enough and eventually we will through intelligence enhancement.


For over a century, Einstein’s theories have been the bedrock of modern physics, shaping our understanding of the universe and reality itself. But what if everything we thought we knew was just the surface of a much deeper truth? In February 2025, at Google’s high-security Quantum AI Campus in Santa Barbara, a team of scientists gathered around their latest creation — a quantum processor named Willow. What happened next would leave even Neil deGrasse Tyson, one of the world’s most renowned astrophysicists, in tears. This is the story of how a cutting-edge quantum chip opened a door that many thought would remain forever closed, challenging our most fundamental beliefs about the nature of reality. This is a story you do not want to miss.

Whether it’s CRMs, project management tools, payment processors, or lead management tools — your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more.

A new report, Understanding SaaS Security Risks: Why CASB Solutions Fail to Cover ‘Shadow’ SaaS and SaaS Governance, highlights the pressing security challenges faced by enterprises using SaaS applications. The research underscores the growing inefficacy of traditional CASB solutions and introduces a revolutionary browser-based approach to SaaS security that ensures full visibility and real-time protection against threats.

Below, we bring the main highlights of the report. Read the full report here.

Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor’s cloud platform.

The potential impact of the security problems has been assessed as severe because they could be used in attacks that could at least influence grid stability, and affect user privacy.

In a grimmer scenario, the vulnerabilities could be exploited to disrupt or damage power grids by creating an imbalance between power generation and demand.

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser’s sandbox on Windows systems.

Tracked as CVE-2025-2857, this flaw is described as an “incorrect handle could lead to sandbox escapes” and was reported by Mozilla developer Andrew McCreight.

The vulnerability impacts the latest Firefox standard and extended support releases (ESR) designed for organizations that require extended support for mass deployments. Mozilla fixed the security flaw in Firefox 136.0.4 and Firefox ESR versions 115.21.1 and 128.8.1.

Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid.

Last week, a person named ‘rose87168’ claimed to have breached Oracle Cloud servers and began selling the alleged authentication data and encrypted passwords of 6 million users. The threat actor also said that stolen SSO and LDAP passwords could be decrypted using the info in the stolen files and offered to share some of the data with anyone who could help recover them.

The threat actor released multiple text files consisting of a database, LDAP data, and a list of 140,621 domains for companies and government agencies that were allegedly impacted by the breach. It should be noted that some of the company domains look like tests, and there are multiple domains per company.

Researchers from the University of Science and Technology of China (USTC) of the Chinese Academy of Sciences revealed that not all forms of quantum nonlocality guarantee intrinsic randomness. They demonstrated that violating two-input Bell inequalities is both necessary and sufficient for certifying randomness, but this equivalence breaks down in scenarios involving multiple inputs. The study is published in Physical Review Letters.

Quantum mechanics is inherently probabilistic, and this intrinsic randomness has been leveraged for applications like random number generation. However, ensuring the security of these random numbers in real-world scenarios is challenging due to potential vulnerabilities in the devices used.

Bell nonlocality, where particles exhibit correlations that cannot be explained by classical physics, offers a way to certify randomness without trusting the devices. Previous studies have shown that violating Bell inequalities can certify randomness in simple two-input, two-output systems. However, the applicability of this principle to more complex, multiple-input, multiple-output (MIMO) systems has been unclear.