IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,665
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 310 of 902
Articles – Threat Beat ·

The Justice Department on Monday said it has arrested four people in the Los Angeles area for allegedly working together on a bomb plot that was set to take place around the city on New Year’s...

Critical Manufacturing Communications News
Articles – Threat Beat ·

Audio streaming platform SoundCloud has confirmed that outages and VPN connection issues over the past few days were caused by a security breach in which threat actors stole a database exposing...

Communications Defense Industrial Base News
Articles – Threat Beat ·

As the rest of the world rushes to harness the power of artificial intelligence, militant groups also are experimenting with the technology, even if they aren’t sure exactly what to do with it....

Communications Defense Industrial Base News
Articles – Threat Beat ·

The Space Force intends to go solo in developing a follow-on to the classified SILENTBARKER space surveillance constellation currently operated in tandem with the National Reconnaissance Office...

Communications Defense Industrial Base News
The Register - Security ·

Adult site, streaming platform, and Japanese retailer expose user info, but not credentials Three very different companies have now confirmed data breaches affecting millions of users – each...

Commercial Facilities Transportation Systems
Schneier on Security ·

New report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article: China is already the world’s largest exporter of AI powered surveillance technology;...

Energy Uncategorized AI
CERT Polska ·

CERT Polska has received a report about 3 vulnerabilities (from CVE-2025-65074 to CVE-2025-65076) found in WaveStore Server software.

CVE vulnerability
The Register - Security ·

New spy boss says officers must master code alongside tradecraft as agency navigates 'space between peace and war' MI6's new chief Blaise Metreweli outlined her vision for technology-augmented...

The Hacker News ·

Google has announced that it's discontinuing its dark web report tool in February 2026, less than two years after it was launched as a way for users to monitor if their personal information is...

Information Technology
Securelist ·

Kaspersky researchers describe how they gained access to a vehicle's head unit by exploiting a single vulnerability in its modem.

ToddyCat Hacking Team Critical Manufacturing Communications Research Vulnerabilities and exploits
WeLiveSecurity ·

A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

Financial Services ESET research
Cyble ·

Last week’s reports from Cyble Research & Intelligence Labs (CRIL) to clients highlighted new flaws from December 03 through December 09, 2025, including newly disclosed IT vulnerabilities, ICS...

Critical Manufacturing Energy Vulnerability Vulnerability Management
Tenable Blog ·

Many EDR vendors are retrofitting their tools and slapping an “exposure management” label on them. Don’t be fooled. These offerings often conceal unexpected costs and create dangerous blind spots....

Information Technology Financial Services
The Register - Security ·

PwC supports clients across the full cyber lifecycle Sponsored Post Managing cybersecurity risk has never been simple, but in today's threat landscape it can also become a source of strength. PwC...

Information Technology
The Register - Security ·

Bum note for 20 percent of users whose data leaked Music hosting and streaming service SoundCloud has admitted it suffered a cyberattack.…

Project Zero ·

While on Project Zero, we aim for our research to be leading-edge, our blog design was … not so much. We welcome readers to our shiny new blog! For the occasion, we asked members of Project Zero...

Project Zero ·

Preface Hello from the future! This is a blogpost I originally drafted in early 2017. I wrote what I intended to be the first half of this post (about escaping from the VM to the VirtualBox host...

Project Zero ·

This post was originally written in 2016 for the Project Zero blog. However, in the end it was published separately in the journal PoC||GTFO issue #13 as well as in the second volume of the...

Maxwell Dulin's Resources ·

The Comet browser has an extension built in that lets an AI agent perform any browser tasks a user can. Of course, driven by prompts. Under the hood, Comet has an extension that runs in the...

The Register - Security ·

'Sustained focus on Western critical infrastructure' Russia's Main Intelligence Directorate (GRU) is behind a years-long campaign targeting energy, telecommunications, and tech providers, stealing...

Energy Communications
Maxwell Dulin's Resources ·

An AI browser agent architecture works by granting a privileged origin control of the browser through an agent interface. In the case of Atlas, the focus of this post, they relied on the Mojo IPC...

Chromium Transportation Systems
The Hacker News ·

A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence (AI)-powered chatbots like...

Information Technology
Cyber Security Advisories - MS-ISAC ·

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these...

Maxwell Dulin's Resources ·

Clickjacking is a classic attack in which an iframe is embedded within another website's content, transparently, to trick the user into interacting with that website. This article describes a...

Food and Agriculture
Maxwell Dulin's Resources ·

Inline cache is an optimization in the V8 browser engine that speeds up property access. When a function is invoked, Ignition compiles it into bytecode, collecting profiling and feedback each time...

Chromium Energy
Maxwell Dulin's Resources ·

Jane Street is a quantitative trading firm that takes code quality seriously. One of the significant ways to improve code quality is through tests, as they act as documentation, a reminder of...

Information Technology
The Hacker News ·

Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass...

Information Technology
Maxwell Dulin's Resources ·

Web3 has three key steps that almost every serious project does: write good tests, get audits/contests on the codebase, and start a bug bounty program. This has substantially reduced the number of...

Financial Services
Threats | CyberScoop ·

The federal government contractor admits it made multiple mistakes in the hiring and firing of Muneeb and Sohaib Akhter. The post Opexus claims background checks missed red flags on twins accused...

Government Facilities Cybercrime Cybersecurity
SECURITY.COM ·

How scalable DLP data discovery accelerates compliance and reduces operational drag

Financial Services Information Technology