critical infrastructure

Found fast, fixed slow: The gap the AI clearinghouse must close
A new AI cybersecurity clearinghouse, mandated by a recent executive order, faces the critical challenge of moving beyond rapid vulnerability discovery to effective remediation. While AI can quickly identify software flaws, the process of validating, prioritizing, and patching these issues remains a significant bottleneck, particularly for open-source software. The clearinghouse must focus on building infrastructure for triage, incentivizing maintainer and user collaboration, and leveraging Software Bills of Materials (SBOMs) to ensure vulnerabilities are actually fixed.

'BusySnake' Infostealer Slithers Into Critical Infrastructure Networks
A sophisticated information-stealing malware known as 'BusySnake' has been observed targeting critical infrastructure. Threat actors identified as 'Armored Likho' have successfully infiltrated government and electrical power organizations across Russia, Brazil, and Kazakhstan.