The release of Hexstrike-AI marks a turning point in the cybersecurity landscape. The framework, billed as a next-generation tool for red teams and researchers, is capable of orchestrating over 150 specialized AI agents, capable of autonomously conducting scans, exploitation, and persistence on targets. However, within hours of its release, it became the subject of discussion on the dark web, where several actors attempted to use it to target zero-day vulnerabilities, aiming to install webshells for unauthenticated remote code execution. Hexstrike-AI was billed as a “revolutionary AI-based offensive security framework,” designed to combine professional tools and autonomous agents. However, its release quickly sparked

Microsoft today introduced POML (Prompt Orchestration Markup Language), a new markup language for prompt orchestration and specifically designed to enable rapid and structured prototyping of large language models (LLMs). POML aims to address the limitations of traditional prompt development—often characterized by lack of structure, complex data integration, and format sensitivity—by offering a modular, readable, and maintainable approach. However, its introduction has sparked lively debate: some see it as a step forward in prompt engineering, while others see it as nothing more than a “reimagining” of XML, with a complexity that could reduce its practical adoption. Syntactically, POML is similar to HTML: it

A unified and secure approach to support digital transformation, enable hybrid working, and reduce operational complexity. By Federico Saraò, Specialized System Engineer SASE, Fortinet Italy The nature of a company’s digital operations has changed dramatically over the last decade. The traditional office terminal work model has been completely revolutionized to make way for a dynamic model where business activities are increasingly distributed throughout both inside and outside the workplace, and therefore need to be able to be performed promptly from any type of terminal. To ensure this operational flexibility, it is absolutely necessary for companies to migrate to a new architectural model

The hacker group LunaLock has added a new element to the classic extortion scheme, preying on the fears of artists and clients. On August 30, a message appeared on the Artists&Clients website, which connects independent illustrators with clients: the attackers reported the theft and encryption of all data on the resource. The hackers promised to publish the site’s source code and users’ personal information on the darknet if the owner didn’t pay $50,000 in cryptocurrency. But the main lever was the prospect of transferring the stolen works and information to companies that train neural networks for inclusion in training sets. The site

Automaker Jaguar Land Rover (JLR) announced that it was forced to disable several systems due to a hacker attack. The incident appears to have impacted the automaker’s manufacturing and retail operations. “JLR has been impacted by a cyber incident. We have taken immediate action to mitigate the impact by preemptively shutting down our systems,” the company said in a statement. “There is currently no evidence of customer data theft, however, our retail and manufacturing operations have suffered significant disruption.” JLR also said it is currently working on a controlled restart of all global applications. The company did not provide a specific timeline

The record for the largest DDoS attack ever recorded in June 2025 has already been broken. Cloudflare said it recently blocked the largest DDoS attack in history, which peaked at 11.5 Tbps. “Cloudflare’s defenses are operating nonstop. Over the past few weeks, we’ve blocked hundreds of hyper-volume DDoS attacks, the largest of which peaked at 5.1 billion packets per second and 11.5 Tbps,” Cloudflare said. According to the company, the attack was a UDP flood originating from multiple cloud and IoT providers, including Google Cloud. Cloudflare representatives said they plan to publish a detailed report on the incident in the near future.

The global data center industry is preparing for a sharp increase in computing platforms for AI demands. According to Goldman Sachs, installed data center capacity will grow by approximately 50% by 2027, and electricity consumption will double by 2030. At the same time, analysts explicitly state that they are closely monitoring signs of overheating: mass adoption of AI could fall short of current expectations if monetization fails or if cheaper innovations emerge that make the models a commodity. Currently, global data center capacity is approximately 62 GW. Cloud workloads account for 58%, traditional enterprise workloads 29%, and artificial intelligence 13%. By comparison,

A data intrusion was detected by Cloudflare, where an experienced attacker was able to access and steal sensitive customer data from the company’s Salesforce instance. The breach was part of a larger supply chain attack that exploited a vulnerability in the Salesloft Drift chatbot integration, affecting hundreds of organizations worldwide. It is important to note that in addition to CloudFlare, the following organizations were also victims of this supply chain incident: The incident that hit Cloudflare, along with leading companies such as Palo Alto Networks, Zscaler, and even Google, demonstrates how a single point of vulnerability in a cloud SaaS platform can

This week, a proof-of-concept exploit was published for CVE-2025-53772, a critical remote code execution vulnerability in Microsoft’s IIS Web Deploy (msdeploy) tool, which has raised urgent alarms in the .NET and DevOps communities. CVE-2025-53772 is a critical RCE vulnerability in the msdeploy.axd and msdeployagentservice endpoints of Microsoft Web Deploy, caused by insecure deserialization of HTTP header data in GZip + Base64 format. Allows an authenticated attacker to remote code execution. Microsoft has assigned a CVSS score of 8.8 for CVE-2025-53772. Immediate mitigations include disabling the Web Deploy Agent (MsDepSvc) service, applying strict network ACLs on the msdeploy.axd endpoint, and applying inbound filters

Chinese company Tencent has made public the source code of a new set of Hunyuan-MT language models, specially optimized for translation tasks. The developers claim that the algorithms perform better than Google Translate in the popular WMT25 benchmark. The set comprises four models, including two flagship models: Hunyuan-MT-7B and Hunyuan-MT-Chimera-7B, each containing 7 billion parameters. Two compressed versions are also presented, which use less memory but operate with a slight loss in translation quality. Tencent used four datasets for training. Two of them included texts in 33 languages without translation, while the other two included several million sentence pairs and their translations.