Cybercriminals still allowed to walk into office blocks and convince staff to let them plug in their own thumb drives
Veeam security advisory (AV26-513)
[Control Systems] Phoenix Contact Security Advisory (AV26-514)
Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a coordinated SEO poisoning operation that also manipulated AI chatbot...
GitHub security advisory (AV26-512)
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent...
Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate....
Xage Security announced major enhancements to its Zero Trust for Artificial Intelligence (AI) platform, providing a jailbreak-proof security... The post Xage expands Zero Trust for AI platform to...
When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee...
Hitachi security advisory (AV26-511)
Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams.
CERT-In says internet-facing or critical systems should be patched, mitigated, or cut off within half a day where feasible
Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container...
Wir haben Hinweise darauf, dass die Ransomware-Gruppe Qilin Initial Access von Akteur:innen der ZipLine-Phishing-Kampagne erwirbt und für eigene Verschlüsselungs- und Erpressungsoperationen...
The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Lots of interesting statistics. Press release. News articles.
Talos researchers find 4 heap-based buffer overflow vulnerabilities in MediaArea's MediaInfoLib.
Make your mark on the call-for-proposal platform
Artificial intelligence (AI) is changing the shape of the application attack surface. A traditional application assessment usually starts with familiar questions, such as:
Wiz CIRT and Wiz Research detail JINX-0164, a threat actor using LinkedIn social engineering, custom macOS malware, and CI/CD hijacking to target cryptocurrency organizations.
CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect hundreds of...
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a revised schedule for virtual town hall meetings on... The post CISA sets June town hall meetings on CIRCIA cyber...
The U.S. National Institute of Standards and Technology (NIST) released Special Publication 800-238, the FY 2025 Annual Report... The post NIST FY2025 report highlights cybersecurity and privacy...
Football fans are increasingly targeted by scams exploiting club loyalty, national teams, football collectibles, streaming demand, and the growing excitement around the FIFA World Cup 2026,...
Tenable Research has developed a graph-based model linking 600+ threat groups to real-world customer exposures. It reveals which vulnerabilities sit at the intersection of severity, active...
How Wiz helps organizations adopt an AI Operating Model for AI Threat Readiness
CERT Polska has received a report about 3 vulnerabilities (CVE-2026-35087, CVE-2026-35089 and CVE-2026-35090) found in Slican telephone exchanges software.
EvidenceForge generates high-quality, realistic, and consistent datasets across multiple log formats, enabling teams to effectively train personnel and validate detection models without the need...
Strong Active Directory passwords don't have to come at the expense of usability. Specops Software explains how passphrases, breached password protection, and self-service resets can improve...
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana...