Loading…

Whats The Hax?

Daily intelligence on threats, breaches, and defenders

Latest
Security LatestA Bipartisan Amendment Would End Police License Plate Tracking NationwideFor [Blue|Purple] Teams in Cyber DefenceGitHub’s Fake Engagement Problem Is Hiding in Plain SightFor [Blue|Purple] Teams in Cyber DefenceStatecraft – Threat intel platform for Portuguese-speaking Blue Teams (NVD + CISA KEV + OTX + hourly AI briefings in PT-BR)BleepingComputerUkraine identifies infostealer operator tied to 28,000 stolen accountsBleepingComputerHackers bypass SonicWall VPN MFA due to incomplete patchingReverse EngineeringGeoHelper - Tauri + Chrome DevTools Protocol (CDP) for GeoGuessr (Steam)cybersecuritySecond Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltrationhacking: security in practicewordpress memberpresscybersecurityCybercrime service disrupted for abusing Microsoft platform to sign malwareDavid BombalMouse disappearing in Kali? Fix it 2026 (VMWare Workstation Pro)For [Blue|Purple] Teams in Cyber DefenceZer0Vuln Community Edition – open-source SIEM + SOAR + EDR with autonomous local LLM triageLatest newsLinus Torvalds admits he has a 'love-hate relationship with AI'Security - Ars TechnicaGoogle publishes exploit code threatening millions of Chromium usershacking: security in practiceThe Open Source USB Drive Built for PrivacycybersecurityIs there no more privacy left in the world?Reverse EngineeringAI Agents defeat obfuscated JavaScript in 10 minutesLatest newsYou can get $1,500 off Samsung's 85-inch Frame Pro TV - but hurrycybersecurityMicrosoft Edge had a password blunder, and it raises a bigger browser trust problemcybersecurityHuawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms networkLatest newsThese 8 Kindle models just lost support, but that doesn't make them obsoleteSecurity LatestA Bipartisan Amendment Would End Police License Plate Tracking NationwideFor [Blue|Purple] Teams in Cyber DefenceGitHub’s Fake Engagement Problem Is Hiding in Plain SightFor [Blue|Purple] Teams in Cyber DefenceStatecraft – Threat intel platform for Portuguese-speaking Blue Teams (NVD + CISA KEV + OTX + hourly AI briefings in PT-BR)BleepingComputerUkraine identifies infostealer operator tied to 28,000 stolen accountsBleepingComputerHackers bypass SonicWall VPN MFA due to incomplete patchingReverse EngineeringGeoHelper - Tauri + Chrome DevTools Protocol (CDP) for GeoGuessr (Steam)cybersecuritySecond Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltrationhacking: security in practicewordpress memberpresscybersecurityCybercrime service disrupted for abusing Microsoft platform to sign malwareDavid BombalMouse disappearing in Kali? Fix it 2026 (VMWare Workstation Pro)For [Blue|Purple] Teams in Cyber DefenceZer0Vuln Community Edition – open-source SIEM + SOAR + EDR with autonomous local LLM triageLatest newsLinus Torvalds admits he has a 'love-hate relationship with AI'Security - Ars TechnicaGoogle publishes exploit code threatening millions of Chromium usershacking: security in practiceThe Open Source USB Drive Built for PrivacycybersecurityIs there no more privacy left in the world?Reverse EngineeringAI Agents defeat obfuscated JavaScript in 10 minutesLatest newsYou can get $1,500 off Samsung's 85-inch Frame Pro TV - but hurrycybersecurityMicrosoft Edge had a password blunder, and it raises a bigger browser trust problemcybersecurityHuawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms networkLatest newsThese 8 Kindle models just lost support, but that doesn't make them obsolete

By Source

Feeds organized so you can skim by site.

Density Sort
SL
Security Latest
1h ago · 20 items
20 loaded
GitHub’s Fake Engagement Problem Is Hiding in Plain Sight 1h ago Statecraft – Threat intel platform for Portuguese-speaking Blue Teams (NVD + CISA KEV + OTX + hourly AI briefings in PT-BR) 1h ago Zer0Vuln Community Edition – open-source SIEM + SOAR + EDR with autonomous local LLM triage 2h ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era 7h ago 5 credential access detection rules beyond LSASS — KQL + Sigma, production-ready 7h ago Remote Process Read Primitive via NtCreateThreadEx Exit Code 12h ago aimap: Discover Exposed AI Services 12h ago FalkorDB: A super fast Graph Database uses GraphBLAS under the hood for its sparse adjacency matrix graph representation. 12h ago Why China Is Now a Peer Competitor to the United States in Cyberspace 13h ago nginx-rift-private-lab: Private Nginx Rift ASLR lab, exploit chain, and demo recordings 14h ago
20 loaded
BL
BleepingComputer
1h ago · 15 items
Ukraine identifies infostealer operator tied to 28,000 stolen accounts 1h ago The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an online store in California. Hackers bypass SonicWall VPN MFA due to incomplete patching 1h ago Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. Grafana breach caused by missed token rotation after TanStack attack 6h ago The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last week. Identity Alone Isn't Enough: Why Device Security Has to Share the Load 8h ago Identity checks alone can't stop attackers using stolen session tokens and compromised devices. Specops Software outlines why Zero Trust strategies increasingly depend on continuous device verification. Drupal critical update to fix bug with high exploitation risk 9h ago Drupal has announced a Exploit released for new PinTheft Arch Linux root escalation flaw 11h ago PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems. GitHub confirms breach of 3,800 repos via malicious VSCode extension 13h ago GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension. Microsoft shares mitigation for YellowKey Windows zero-day 14h ago Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives. GitHub investigates internal repositories breach claimed by TeamPCP 16h ago GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed approximately 4,000 repositories containing private code. Max-severity flaw in ChromaDB for AI apps allows server hijacking 23h ago A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers.
15 loaded
RE
Reverse Engineering
1h ago · 20 items
GeoHelper - Tauri + Chrome DevTools Protocol (CDP) for GeoGuessr (Steam) 1h ago AI Agents defeat obfuscated JavaScript in 10 minutes 3h ago What is it Wednesdays: Episode 0002 5h ago TinyLoad v5 - encrypted strings, obfuscated opmap, IAT wiping, payload depends on stub (implemented feedback from last post) 7h ago Tracing CVE-2026-34472 auth bypass through decompiled ZTE H188A firmware and Lua wizard routing 8h ago How to build .NET obfuscator 11h ago Math at Scale: Reversing The Construction Of The Perspective-Projection Matrix (Game Engine Reversing) 1d ago Deep dive into the object creation flow in Windows - PART 4: Handle table internals. 1d ago Tracing CVE-2026-34473 pre-auth DoS through decompiled CGILua request parsing in ZTE H-series firmware 1d ago Open-source Hermes bytecode decompiler for React Native apps (Rust) 1d ago
20 loaded
CY
cybersecurity
1h ago · 20 items
Second Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltration 1h ago Cybercrime service disrupted for abusing Microsoft platform to sign malware 1h ago Is there no more privacy left in the world? 3h ago Microsoft Edge had a password blunder, and it raises a bigger browser trust problem 3h ago Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network 3h ago Microsoft is pulling the plug on SMS codes, wants you to switch to passkeys 4h ago GitHub breach highlights developer tools as part of attack surface 5h ago Why do some malware use unique user-agent strings? 6h ago Encrypted emails bypassing email security tool 6h ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era 7h ago
20 loaded
HS
hacking: security in practice
1h ago · 20 items
20 loaded
DB
David Bombal
2h ago · 15 items
15 loaded
LN
Latest news
2h ago · 20 items
Linus Torvalds admits he has a 'love-hate relationship with AI' 2h ago Linux's creator sees AI as a double-edged sword for programmers. You can get $1,500 off Samsung's 85-inch Frame Pro TV - but hurry 3h ago For today only, when you order directly from Samsung, you can save $1,500 on the 85-inch Frame Pro TV. These 8 Kindle models just lost support, but that doesn't make them obsolete 4h ago Amazon just ended support for these Kindle ereaders and Fire tablets, making them unable to access the Kindle Store. How AI can trick you into making fake payments - 5 red flags 4h ago New Visa research calls AI-accelerated scams 'the fastest growing source of consumer harm.' Here's what you need to watch out for. 5 Memorial Day deals that are worth your time (including a Costco membership discount) 6h ago Memorial Day sales are here. I'm a shopping editor, and these are my favorite offers I've seen so far. Google says AI agents spending your money is a 'more fun' way to shop 6h ago Google's new Universal Cart consolidates products from multiple retailers into one place. Ubuntu Core 26 offers an immutable Linux you can trust through 2041 7h ago If your company wants to sell IoT or edge gear in the EU, Canonical's minimal, immutable distro is worth a serious look. 51% of professionals say AI workslop lowers their productivity - stop it in 2 steps 7h ago Professionals are concerned about the low quality of AI output. Preventing workslop requires two crucial steps. I wore Google's Android XR glasses again - and my limit-testing should scare Meta and Apple 8h ago My latest demos of the Android XR reference glasses and Project Aura show even more promise for Google's wearable lineup. 11 cheap gadgets we've found to be highly useful (and they're on sale) 8h ago Memorial Day weekend sales are here, but I'd buy these inexpensive gadgets any time of year. Here's why.
20 loaded
SA
Security - Ars Technica
2h ago · 20 items
Google publishes exploit code threatening millions of Chromium users 2h ago In stunning display of stupid, secret CISA credentials found in public GitHub repo 1d ago Bug bounty businesses bombarded with AI slop 2d ago Zero-day exploit completely defeats default Windows 11 BitLocker protections 6d ago Linux bitten by second severe vulnerability in as many weeks 8d ago Chaos erupts as cyberattack disrupts learning platform Canvas amid finals 12d ago Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives" 13d ago Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack 15d ago Ubuntu infrastructure has been down for more than a day 19d ago GPT-5.5 matches heavily hyped Mythos Preview in new cybersecurity tests 19d ago
20 loaded
MS
Microsoft Security Blog
4h ago · 10 items
Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft 4h ago Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and targets credentials across GitHub, AWS, Kubernetes, Vault, npm, a... Securing the gaming culture of cultures 6h ago Read about the unique challenges and rewards of securing gaming platforms and how to better protect gaming communities. Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow 7h ago The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing your email, retrieving records from you... Exposing Fox Tempest: A malware-signing service operation 1d ago Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code, including ransomwa... How Storm-2949 turned a compromised identity into a cloud-wide breach 1d ago Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. This incident shows how threat actors can exploit trusted systems to operate undetected. How to better protect your growing business in an AI-powered world 2d ago Read how built-in security helps keep small and medium businesses running, protect customer trust, and support growth in a new Microsoft whitepaper. Defense in depth for autonomous AI agents 6d ago As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center. Kazuar: Anatomy of a nation-state botnet 6d ago Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused operations. Over time, Kazuar has expanded f... When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps 6d ago Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploitable misconfigurations lead to RCE and data leaks. Accelerating detection engineering using AI-assisted synthetic attack logs generation 7d ago What if you could generate realistic attack telemetry on demand? Explore research methods that translate attacker behaviors (TTPs) into synthetic logs that can trigger detections at scale and without sensitive data.
TH
The Hacker News
5h ago · 20 items
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development 5h ago Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks 7h ago Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API 9h ago Agent AI is Coming. Are You Ready? 10h ago GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos 10h ago Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem 11h ago Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit 13h ago Grafana GitHub Breach Exposes Source Code via TanStack npm Attack 16h ago Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps 1d ago DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability 1d ago
20 loaded
NE
NetworkChuck
5h ago · 15 items
15 loaded
CS
Cisco Security Advisory
6h ago · 20 items
Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability 6h ago A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP p... Cisco Secure Workload Unauthorized API Access Vulnerability 6h ago A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insuff... Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability 6h ago A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insu... Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability 6h ago A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the BrowserBot synthetics orchestration process. Ci... Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense 1d ago On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an update to V1: Emergency Directive (ED) 25-03: Identify and Mitigate Potential Compromise of Cisco Devices related to Cisco Secure Firewall Adaptiv... Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability 6d ago May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability was disclosed in February 2026. This ... Cisco Catalyst SD-WAN Manager Vulnerabilities 6d ago Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more informat... Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory 6d ago Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the ... Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities 14d ago Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to execute arbitrary code on or conduct server-side request forgery (SSRF) attacks through an affected device. For more information about these vulnerabilities... Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability 14d ago A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a...
20 loaded
SE
SecurityWeek
6h ago · 10 items
Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era 7h ago [ Removed by Reddit ] 7h ago CVE-2026-34472: Pre-auth credential exposure and auth bypass in ZTE H188A V6 routers 8h ago GitHub hit by a compromised VSCode extension 10h ago When Filenames Become Attack Surfaces: Weaponizing NASA's CFITSIO Extended Filename Syntax 13h ago We audited 12K n8n templates: most have critical vulnerabilities 16h ago Veilgate - Deception proxy 17h ago Sleeping Agent: Silent persistent C2 through Web Push 1d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security 1d ago How Storm-2949 turned a compromised identity into a cloud-wide breach 1d ago
20 loaded
HN
Help Net Security
7h ago · 10 items
Webworm APT targets European government organizations with new backdoors 7h ago ESET researchers uncover a Webworm APT threat campaign targeting Europe through trusted online services and tools. Verizon DBIR: Vulnerability exploitation is the dominant initial access vector 7h ago Verizon 2026 DBIR surfaced crucial findings and confirmed already observed trends, such as the rise of third-party involvement in breaches. NanoCo lands $12 million seed funding, launches enterprise assistant built on NanoClaw 8h ago NanoCo seed funding hits $12M as the company launches an enterprise AI assistant built on its open source NanoClaw framework. FBI: $388 million lost in crypto ATM scams in 2026 10h ago The FBI warned about rising crypto ATM scams after IC3 received 13,400 complaints linked to losses exceeding $388 million. ArmorCode gives security teams AI workers for exposure and remediation 10h ago ArmorCode announced Anya Agents, an AI framework for automating and scaling enterprise security workflows across organizations. Novata uses AI to map risk across portfolios and supply chains 11h ago Novata announced Risk Atlas, an AI-powered tool that helps identify and prioritize risk across global portfolios and supply chains. TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension 11h ago GitHub confirmed that attackers breached its private code repositories after an employee installed a malicious VS Code extension. Trust3 AI focuses on AI agent risks with MCP Security layer 11h ago Trust3 AI launched MCP Security to protect enterprise AI agents and secure connections to business systems and data workflows use. Encryption Consulting launches CertSecure Manager v3.3 with zero-touch certificate renewals 12h ago Encryption Consulting launched CertSecure Manager v3.3 with zero-touch certificate renewals and support for 11 CAs to reduce risk. Darwinium updates mobile SDKs to detect remote access scam activity 13h ago Darwinium SDK updates offer complete visibility into in-session manipulation and new device evasion techniques.
MS
MSRC Security Update Guide
8h ago · 20 items
CVE-2026-40367 Microsoft Word Remote Code Execution Vulnerability 8h ago CVE-2026-40367 Microsoft Word Remote Code Execution Vulnerability 8h ago CVE-2026-46483 Vim: Command injection in tar#Vimuntar via missing shellescape {special} flag 13h ago CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command 13h ago CVE-2026-43491 net: qrtr: ns: Limit the maximum server registration per node 14h ago CVE-2026-43493 crypto: pcrypt - Fix handling of MAY_BACKLOG requests 14h ago CVE-2026-43492 lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() 14h ago CVE-2026-45585 Windows BitLocker Security Feature Bypass Vulnerability 1d ago CVE-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address 1d ago CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()" 1d ago
20 loaded
AL
Alerts
10h ago · 20 items
20 loaded
AC
All CISA Advisories
10h ago · 20 items
20 loaded
SE
Securelist
13h ago · 10 items
How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102) 13h ago We explain how a flaw in ExifTool allows attackers to compromise macOS systems via a malicious image (CVE-2026-3102). IT threat evolution in Q1 2026. Mobile statistics 2d ago This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new versions of SparkCat and Triada. IT threat evolution in Q1 2026. Non-mobile statistics 2d ago The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during Q1 2026. Kimsuky targets organizations with PebbleDash-based tools 6d ago Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the AppleSeed malware cluster. State of ransomware in 2026 8d ago Kaspersky researchers are sharing insights into the main ransomware trends for 2026: EDR killers on the rise, switching from data encryption to data leaks, and more. CVE-2025-68670: discovering an RCE vulnerability in xrdp 12d ago During a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth RCE in the xrdp server component. Project maintainers promptly patched the vulnerability. Exploits and vulnerabilities in Q1 2026 13d ago This report provides statistical data on published vulnerabilities and exploits we researched during Q1 2026. It also includes summary data on the use of C2 frameworks in APT attacks. OceanLotus suspected of using PyPI to deliver ZiChatBot malware 14d ago Kaspersky researchers uncovered malicious wheel packages in PyPI that targeted both Windows and Linux and contained a dropper delivering malware dubbed ZiChatBot. We attribute this activity to OceanLotus APT. Websites with an undefined trust level: avoiding the trap 14d ago We explain what suspicious websites are and how to distinguish a safe site from a fraudulent one. A new category in Kaspersky solutions: we’re sharing global statistics on untrusted site detection. “Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security 16d ago Kaspersky expert breaks down a new phishing scheme that uses the Amazon SES cloud email service. Let’s look at some examples to see how you can tell a phishing email from a real one.
CY
CyberScoop
22h ago · 36 items
CISA credential leak raises alarms, and Capitol Hill demands answers 22h ago Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches 1d ago Mini Shai-Hulud returns, compromising hundreds of npm packages 1d ago Microsoft disrupts cybercrime service that abused software verification systems en masse 1d ago AI might cut false positives, but it won’t stop the slop 2d ago Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa 2d ago The Canvas breach proved that prevention is no longer enough 2d ago Former CISA nominee Sean Plankey named US CEO of defense startup 2d ago Colorado governor commutes prison sentence for election denier Tina Peters 4d ago Here’s how the FTC plans to enforce the Take It Down Act 5d ago
36 loaded
BH
Black Hat
1d ago · 15 items
15 loaded
WE
WeLiveSecurity
1d ago · 20 items
20 loaded
RF
Recorded Future
1d ago · 20 items
At Mythos Speed: A Defender's Playbook for the AI Vulnerability Surge in 2026 1d ago Frontier AI models like Mythos are making vulnerability discovery fast and cheap. Here's how defenders use threat intelligence and agentic processing to prioritize and act at the same speed. April 2026 CVE Landscape 5d ago In April 2026, Insikt Group® identified 37 high-impact vulnerabilities that should be prioritized for remediation, 35 of which had a Very Critical Recorded Future Risk Score. This represents a 19% increase from last month. NIST NVD Enrichment Policy Change: Prioritizing Vulnerabilities with Attacker Behavior Signals 6d ago NVD enrichment now covers only 15–20% of CVEs. Learn how Recorded Future Vulnerability Intelligence prioritizes risk using real attacker behavior signals. Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defense 6d ago The real question in modern cyber defense isn't who has more technology. It's who uses their resources more efficiently. Here's how AI fused with threat intelligence tips that balance. Working in London at the World’s Largest Intelligence Company 12d ago See what it is like to work at the Recorded Future London office. Quantum Risk Explained 13d ago Learn how the "Harvest Now, Decrypt Later" (HNDL) risk exposes long-lived sensitive data today, regardless of when Cryptographically Relevant Quantum Computers (CRQCs) arrive. Recorded Future Named a Leader in the 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies. And there’s more. 14d ago Recorded Future shares exciting developments since being named a leader. Threat Activity Enablers: The Backbone of Today’s Threat Landscape 14d ago Behind every ransomware demand, botnet, or threat activity group is a server sitting in a data center. Hacking Embodied AI 15d ago Embodied AI, intelligent systems in physical forms such as humanoid and quadruped robots, is moving from spectacle to staffing plans. The Iran War: What You Need to Know 19d ago Insikt Group tracks the cyber, physical, and geopolitical components of the US-Israeli strikes on Iran — with continuously updated threat analysis and scenarios.
20 loaded
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud 1d ago Agentic Governance: Why It Matters Now 2d ago AI agents now act inside the trust boundary with real credentials, and agentic governance is what keeps them from quietly breaking things at machine speed. Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft 7d ago Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America 9d ago Supporting the National Cyber Strategy: How TrendAI™ Helps 14d ago InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise 15d ago Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities 16d ago Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia 20d ago Kuse Web App Abused to Host Phishing Document 21d ago Bad actors took advantage of the legitimate name and services of Kuse, a popular AI-based app designed for workplaces. The attackers exploited the users’ trust in Kuse to carry out a phishing attack. Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories 29d ago
20 loaded
KO
Krebs on Security
2d ago · 10 items
CISA Admin Leaked AWS GovCloud Keys on Github 2d ago Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of inte... Patch Tuesday, May 2026 Edition 8d ago Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this m... Canvas Breach Disrupts Schools & Colleges Nationwide 12d ago An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the servi... Anti-DDoS Firm Heaped Attacks on Brazilian ISPs 20d ago A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazi... ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty 29d ago A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phish... Patch Tuesday, April 2026 Edition 36d ago Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dub... Russia Hacked Routers to Steal Microsoft Office Tokens 43d ago Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backe... Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab 44d ago An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gang... ‘CanisterWorm’ Springs Wiper Attack Targeting Iran 58d ago A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or ha... Feds Disrupt IoT Botnets Behind Huge DDoS Attacks 61d ago The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as ro...
MA
Malware Analysis & Reports
2d ago · 20 items
20 loaded
JH
John Hammond
2d ago · 15 items
15 loaded
DA
darkreading
2d ago · 45 items
The Boring Stuff is Dangerous Now 2d ago Can Laws Stop Deepfakes? South Korea Aims to Find Out 2d ago Congress Puts Heat on Instructure After Canvas Outage 5d ago Cyber Pioneers Ponder Past as Prologue 5d ago Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems 5d ago SecurityScorecard Snags Driftnet to Level Up Threat Intelligence 6d ago Maximum Severity Cisco SD-WAN Bug Exploited in the Wild 6d ago 'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine 6d ago AI Drives Cybersecurity Investments, Widening 'Valley of Death' 6d ago Foxconn Attack Highlights Manufacturing's Cyber Crisis 6d ago
45 loaded
NA
NahamSec
2d ago · 15 items
15 loaded
HA
Hak5
3d ago · 15 items
15 loaded
CD
Cyber Defense Magazine
3d ago · 35 items
Why Is Cybersecurity Now A Business Priority, Not Just An IT Function? 3d ago The Security Mistakes Being Repeated With Ai 4d ago The Hidden Risk For IT Subcontractors: When Insurance, Not Security, Costs You The Contract 5d ago Innovator Spotlight: Klever Compliance 6d ago Innovator Spotlight: Radware 6d ago Innovator Spotlight: JScrambler 6d ago Innovators Spotlight: OPSWAT 7d ago The Board Is Asking The Wrong Security Question 7d ago Synthetic Identity Fraud Requires An Equal Focus On Biometrics And Document Verification 8d ago Innovator Spotlight: Iru 9d ago
35 loaded
IP
IppSec
4d ago · 15 items
15 loaded
BF
Blog – Forter
6d ago · 10 items
TC
The Cyber Mentor
6d ago · 15 items
15 loaded
PN
Proofpoint News Feed
8d ago · 10 items
Proofpoint Launches Dedicated MSP Business Unit and Introduces 365 Total Protection for North America 8d ago New MSP Platform business unit, AI-powered all-in-one Microsoft 365 protection, and Marketplace partnership with Pax8 strengthen Proofpoint’s commitment to channel and small and mid-size The spy who logged me in. 11d ago ⁠Mark Kelly⁠, Staff Threat Researcher at ⁠Proofpoint⁠, is discussing their work on "I’d come running back to EU again: TA416 resumes European government espionage campaigns." China-linked threat group TA416 has resumed large-scale phishing ... Proofpoint Establishes Innovation Precedent for Source-Agnostic Modern Enterprise Investigations 14d ago Proofpoint Prism Investigator positioned as first fully autonomous Agentic AI solution to significantly streamline investigations for highly regulated and highly AI and the New Threat Landscape | Sumit Dhawan with NightDragon | RSAC 2026 15d ago The Most Powerful Women Of The Channel 2026: Power 100 16d ago The Power 100 is culled from the ranks of CRN’s 2026 Women of the Channel and spotlights the female executives at vendors and distributors whose insight and influence help drive channel success. AI Security Gaps Create New MSSP Opportunity: Proofpoint 20d ago Claude Mythos Fears Startle Japan's Financial Services Sector 21d ago AI-Era Threats Spread Beyond Email Into SaaS, Collaboration Apps, and AI Assistants 22d ago Proofpoint Research Reveals Half of Global Organizations Experienced AI Incidents Despite Having AI Security Controls in Place 22d ago Inaugural global study finds more than half of organizations are not fully confident their AI security controls would detect compromised AI Clear market trend for software providers to help with AI: Proofpoint CEO 27d ago Sumit Dhawan, Proofpoint CEO, joins 'Closing Bell' to discuss ServiceNow's quarterly earnings results, if Anthropic's Mythos makes incumbent players more important and much more.
HS
Heimdal Security Blog
8d ago · 15 items
AI Will Absorb 99.98% of SOC Triage Within a Year, as 79% of IT teams brace for AI-driven workload shift 8d ago Morten Kjaersgaard expects fewer than 500 of three million monthly alerts to need a human analyst in the year ahead. The role is being rebuilt around cases that warrant judgement. Top 10 Cybersecurity Companies in Europe 15d ago Over the last 10-15 years, the cybersecurity scene has gotten increasingly complex, as organizations adopt new technology and hackers evolve more innovative ways to target them. At the same time, data protection and compliance have become m... Heimdal Expands AI Strategy with AI Wingman and Third-Party AI Containment 29d ago Heimdal today unveiled the next phase of its AI strategy, expanding AI Wingman with three new layers - Assist, Triage and SOC - alongside the introduction of Third-Party AI Containment. You Only Know What You’ve Got When Its Gone 54d ago Prepare for the expected. Rehearse an action plan in case of technology failure or cyberattacks. We all know they can happen. Nordic MSPs Can Now Access Heimdal’s Unified Security and Compliance Platform Through Elovade 63d ago Heimdal has appointed Elovade as its official distributor in the Nordic region. The move gives MSPs and resellers across Sweden, Norway, Denmark, Iceland, and Finland direct access to Heimdal's consolidated cybersecurity platform through a ... OpenClaw Incidents Show Why AI Adoption Pressure Puts Companies at Risk 76d ago The OpenClaw security failures show how hasty AI adoption can expose businesses and supply chains to major cyber risk. Heimdal Claims Industry First With a Cyber Essentials Control Mapping for PEDM to Help Organisations Prove Least Privilege 100d ago Heimdal is the first vendor to publish a dedicated Cyber Essentials control mapping for PEDM, setting out how privilege management supports Cyber Essentials requirements and what evidence can be produced to support assessment and assurance. Five Predictions for Cyber Security Trends in 2026 105d ago Morten Kjaersgaard, Heimdal’s Founder, and Adam Pilton, a former cybercrime investigator, predict five cyber security trends for 2026. Heimdal Achieves OPSWAT Gold Certification for Anti-Malware 125d ago Heimdal today announced that its Next-Gen Antivirus (NGAV) with Extended Threat Protection (XTP) has achieved OPSWAT Gold Certification for Anti-Malware, validating its compatibility and effectiveness within OPSWAT’s industry-leading Access... How to Avoid Holiday Shopping Scams (From a Former Cyber Detective) 160d ago Worried about holiday scams? Ex-cybercrime detective Adam Pilton breaks down the biggest threats and how to shop safely this festive season.
15 loaded
M3
Microsoft 365 Blog
9d ago · 10 items
New and improved: Agent governance, intelligent workflows, and connected app experiences 9d ago See what's new in Copilot Studio, April 2026: updates to workflows, more control over agent operations, and an expanded agent usage estimator. Copilot Cowork: From conversation to action across skills, integrations, and devices 15d ago Today, we’re announcing additional capabilities in Cowork to expand on what it can make possible for you. Microsoft 365 Copilot, human agency, and the opportunity for every organization 15d ago Empower your organization with Microsoft 365 Copilot—AI that bridges human potential and business outcomes for the future of work. Microsoft Agent 365, now generally available, expands capabilities and integrations 19d ago ​We’re announcing the general availability of Agent 365, plus previews of new capabilities to discover and manage shadow AI agents. Learn more. Copilot’s agentic capabilities in Word, Excel, and PowerPoint are generally available 27d ago Copilot's newest features are now generally available as the default experience across all Microsoft 365 subscriptions. Bring your everyday business apps into the flow of work with agents in Microsoft 365 Copilot 37d ago Discover how apps integrate with AI agents to power Copilot experiences, streamline workflows, and turn business context into action. New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration 49d ago Explore what's new in Copilot Studio: Multi-agent systems now generally available, plus updates to the Prompt Editor and governance controls. Copilot Cowork: Now available in Frontier 51d ago Today, Copilot Cowork—designed for long-running, multi-step work in Microsoft 365—is available via the Frontier program. Copilot Cowork: A new way of getting work done 72d ago Copilot Cowork turns intent into action across Microsoft 365—automating tasks, coordinating workflows, and keeping you in control. See how. Powering Frontier Transformation with Copilot and agents 72d ago Wave 3 of Microsoft 365 Copilot introduces Copilot Cowork, multi‑model intelligence, and enterprise‑ready AI—built to get real work done.
TL
The Last Watchdog
15d ago · 10 items
News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market 15d ago CAMBRIDGE, Mass., May 5, 2026, CyberNewswireŌĆöLuxSci, a leading provider of HIPAA compliant secure healthcare communications, today announced the launch of LuxSci Secure High Volume Email for mid-sized healthcare organizations, the industr... SHARED INTEL Q&A: PKI’s unfinished business—’digital passports’ for content, models and agents 20d ago As if keeping track of machine identities wasnŌĆÖt hard enough. AI agents are now arriving by the thousands ŌĆö and most enterprises are just handing them borrowed credentials and hoping for the best. Meanwhile, the cryptographic infrastruc... GUEST ESSAY: How augmented reality (AR) can turn building images into ad space with no control 22d ago Every major building in America has three things: a physical address, a legal owner, and an unmonitored attack surface. Related: Sam Altman's quest to usurp the browswer That surface extends from the ground up through every floor, every fac... FIRESIDE CHAT: Leaked secrets are now the go-to attack vector — and AI is accelerating exposures 23d ago A consequential shift is underway in how enterprise breaches begin. The leaked credential ‚Äî once treated as a hygiene problem ‚Äî has become the primary on-ramp. Related: No easy fixes for AI risk Last August‚Äôs Salesloft campaign was th... News alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV category 28d ago NEW YORK, Apr. 21, 2026, CyberNewswire—BreachLock, a global leader in offensive security, today announced it has been named a representative vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation. This recognition mar... Fireside Chat: PKI has carried digital trust through every tech advance—now comes the hardest one 30d ago Public key infrastructure -- the authentication and encryption framework that has held digital commerce together through every chaotic leap forward in technology -- is facing a double whammy. Related: Achieveing AI security won't be easy Au... News Alert: NTT Research launches SaltGrain—advanced Attribute-Based Encryption security 35d ago SUNNYVALE, Calif., Apr. 15, 2026 ŌĆō NTT Research, Inc., a division of NTT (TYO:9432), today announced the launch of Scale Academy, a startup incubator responsible for bringing to market products and services based upon technologies studied... GUEST ESSAY: Google’s 2029 deadline exposes readiness gap as move to quantum-safe crypto lags 36d ago For years, quantum risk was easy for most institutions to treat as premature: real in theory, urgent someday, but not yet an operational problem. That is no longer tenable. Related: AI spawns semantic attacks Two developments this month bro... News alert: Mallory launches AI-native platform to cut through alert noise and surface real risk 40d ago AUSTIN, Texas, Apr. 9, 2026, CyberNewswire—Mallory is launching a AI-native threat intelligence platform, purpose-built to answer the questions CISOs and their teams are asking every day: •What are the real threat vectors for our organi... FIRESIDE CHAT: Geopolitical turmoil, rising AI risk add a new layer to enterprise cyber defense 43d ago As if securing the enterprise against a tidal wave of AI tools wasn't hard enough, it turns out the geopolitical instability of the moment is making things worse. That wasn't the headline at RSAC 2026 last week -- agentic AI dominated the a...
WE
WeLiveSecurity
15d ago · 20 items
20 loaded
Azure IaaS: Defense in depth built on secure-by-design principles 16d ago Explore how Azure IaaS uses defense in depth and secure-by-design principles to deliver layered, scalable cloud security across compute, network, and data. Enforcing trust and transparency: Open-sourcing the Azure Integrated HSM 20d ago Learn how Microsoft Azure Integrated HSM delivers hardware‑enforced key protection in the cloud, combining FIPS Level 3 assurances with transparency and open‑source collaboration. Azure IaaS: Keep critical applications running with built-in resiliency at scale 49d ago Learn how Azure IaaS helps organizations start from a resilient platform foundation with availability, continuity, and recovery capabilities. Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure 77d ago Learn how Azure IaaS helps you modernize infrastructure, improve performance and resilience, optimize costs, and prepare for AI workloads. Read more. Azure reliability, resiliency, and recoverability: Build continuity by design 92d ago Learn how Azure reliability, resiliency, and recovery capabilities work together to improve cloud continuity. Read more. Microsoft strengthens sovereign cloud capabilities with new services 196d ago Discover new Microsoft digital sovereignty capabilities and upcoming features across AI, security, and productivity, to address sovereign cloud needs. Enhancing software supply chain security with Microsoft’s Signing Transparency 198d ago Microsoft Signing Transparency delivers verifiable code integrity and tamper-evident software releases for stronger supply chain security. Oracle Database@Azure offers new features, regions, and programs to unlock data and AI innovation 218d ago Migrate Oracle solutions to the cloud with a trusted, enterprise-ready platform from Microsoft and Oracle. Learn more. Building secure, scalable AI in the cloud with Microsoft Azure 323d ago Forrester Research shows how Azure helps enterprises scale generative AI securely, unlocking real business value. Learn more. Enhance AI security with Azure Prompt Shields and Azure AI Content Safety 349d ago Learn how Prompt Shields and Azure AI Content Safety can help guard against direct and indirect threats to your LLM-based solution.
DE
DEFCONConference
21d ago · 15 items
15 loaded
CC
CISA Cybersecurity Advisories
29d ago · 10 items
Defending Against China-Nexus Covert Networks of Compromised Devices 29d ago Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure 44d ago U.S. organizations should review the TTPs and IOCs in this advisory for indications of current or historical activity on their networks, and apply the Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure 166d ago The authoring organizations encourage critical infrastructure organizations to implement the recommendations in this advisory to reduce the likelihood and CISA Shares Lessons Learned from an Incident Response Engagement 240d ago Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System 268d ago The authoring agencies strongly urge network defenders to hunt for malicious activity and to apply the mitigations in this CSA to reduce the threat of Chinese CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization 295d ago #StopRansomware: Interlock 303d ago Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider 342d ago CISA urges software vendors, downstream customers, and end users to immediately implement the Mitigations listed in this advisory based on confirmed compromise Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations 365d ago Russian GRU Targeting Western Logistics Entities and Technology Companies 373d ago Executives and network defenders should recognize the elevated threat of unit 26165 targeting, increase monitoring and threat hunting for known TTPs and IOCs
13 loaded
LI
LiveOverflow
77d ago · 15 items
15 loaded
SK
STÖK
269d ago · 15 items
15 loaded
HA
HackerSploit
406d ago · 15 items
15 loaded
TH
Threatpost
1358d ago · 10 items
Student Loan Breach Exposes 2.5M Records 1358d ago 2.5 million people were affected, in a breach that could spell more trouble down the line. Watering Hole Attacks Push ScanBox Keylogger 1359d ago Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms 1360d ago Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Ransomware Attacks are on the Rise 1363d ago Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. Cybercriminals Are Selling Access to Chinese Surveillance Cameras 1364d ago Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. Twitter Whistleblower Complaint: The TL;DR Version 1365d ago Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. Firewall Bug Under Active Attack Triggers CISA Warning 1366d ago CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP. Fake Reservation Links Prey on Weary Travelers 1367d ago Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. iPhone Users Urged to Update to Patch 2 Zero-Days 1370d ago Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. Google Patches Chrome’s Fifth Zero-Day of the Year 1371d ago An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

No matching sources found.