Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

WebMCP explained: Inside Chrome 146’s agent-ready web preview

WebMCP exposes structured website actions for AI agents. See how it works, why it matters, and how to test it in Chrome 146.

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...

Nokia expands Network as Code ecosystem, advances API-based agentic AI with Google Cloud #MWC26

Nokia expands Network as Code ecosystem, advances API-based agentic AI with Google Cloud #MWC26The growing list of telecommunication providers ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
CoinDesk

Vitalik Buterin reveals his bold new plan to fix Ethereum’s scaling problem

The new post reflects Buterin’s renewed focus on scaling Ethereum’s base layer, after several years in which much of the ecosystem’s scaling strategy centered on layer-2 rollups.
Forbes

Top Website Statistics For 2025

Katherine Haan, MBA, is a Senior Staff Writer for Forbes Advisor and a former financial advisor turned international bestselling author and business coach. For more than a decade, she’s helped small ...