Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Blog

Byadmblake June 22, 2026

Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily read artificial intelligence (AI) conversions from other customers’ applications without requiring authentication. The vulnerabilities have been collectively codenamed DifyTap by Zafran Security.

The vulnerabilities have been collectively codenamed DifyTap by Zafran Security.

Blog

Nation-State Threats Put SMBs in Their Sights

Cyberthreat groups increasingly see small and medium-sized businesses, especially those with links to larger businesses, as the weak link in the supply chain for software and IT services.

Read More Nation-State Threats Put SMBs in Their Sights
Blog

An industry first: Sophos Firewall and NDR Essentials

Sophos Firewall is once again pioneering new innovations.

Read More An industry first: Sophos Firewall and NDR Essentials
Blog

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

Cybersecurity researchers have flagged a new phishing campaign that’s using fake voicemails and purchase orders to deliver a malware loader called UpCrypter. The campaign leverages “carefully crafted emails to deliver malicious URLs linked to convincing phishing pages,” Fortinet FortiGuard Labs researcher Cara Lin said. “These pages are designed to entice recipients into downloading JavaScript

Read More Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
Blog

CISO’s Expert Guide To AI Supply Chain Attacks

AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations. Download the full CISO’s expert guide to AI Supply chain attacks here. TL;DR AI-enabled supply chain attacks are exploding in scale and sophistication – Malicious package uploads to open-source repositories jumped…

Read More CISO’s Expert Guide To AI Supply Chain Attacks
Blog

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

It’s Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition. Elsewhere

Read More Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms
Blog

Insight Partners, VC Giant, Falls to Social Engineering

The startup incubator and PR firm with holdings in more than 70 cybersecurity firms has announced a data breach with as-yet-unknown effects.

Read More Insight Partners, VC Giant, Falls to Social Engineering

Related