Loading…

Whats The Hax?

Daily intelligence on threats, breaches, and defenders

What's New

Top 5 Across All Sources
Latest
Latest newsPrime Day ends soon: We hand-picked the 95+ best deals still live, before they disappearLatest newsPokémon Chaos Rising Trainer Boxes are sold out for Prime Day, but the booster bundles are still 17% offLatest news5 of the best MSI gaming laptop deals live now for Amazon Prime DayLatest newsI found better gaming deals at Best Buy than Amazon's Prime Day saleBleepingComputerNew macOS malware embeds fake errors to confuse AI analysis toolsLatest newsGot a spare PC? How to open-source your smart home - for freeJohn HammondDisable SmartScreen FastLatest newsI won't fly anywhere without this tiny Bluetooth dongle - it's 21% off right nowLatest newsAmazfit vs. Garmin: I tested two flagship smartwatches - is one worth the $250 premium?Latest newsThe Garmin Fenix 8 Pro smartwatch is a top-selling Prime Day deal - here's why I recommend itLatest newsChrome's next update will kill your adblocker - and make the web less safeLatest newsHeyPolo vs. Life360: I tried both location-sharing apps, and there's a clear winnerBleepingComputerPirloTV sports piracy network disrupted as 44 domains seizedLatest newsThis sunrise alarm clock improved my sleep routine, and it's 20% off right nowLatest newsI found the best Amazon Prime Day SSD and storage deals - Samsung, Kingston, and moreLatest newsI found best Prime Day TV deals actually worth your time: Samsung, Sony, and moreLatest newsThe best Sam's Club deals competing with Prime Day 2026 (including a $15 membership)Latest newsThe best Prime Day robot vacuum deals I'd buy (after testing dozens of them)Black HatBlack Hat Intercepted | Lexie Thach, Ex Machina Parlor + Naval Information Warfare Center PacificCyber Defense MagazineThe Moment Of Reliance: The Question Safety Governance Cannot Currently AnswerLatest newsPrime Day ends soon: We hand-picked the 95+ best deals still live, before they disappearLatest newsPokémon Chaos Rising Trainer Boxes are sold out for Prime Day, but the booster bundles are still 17% offLatest news5 of the best MSI gaming laptop deals live now for Amazon Prime DayLatest newsI found better gaming deals at Best Buy than Amazon's Prime Day saleBleepingComputerNew macOS malware embeds fake errors to confuse AI analysis toolsLatest newsGot a spare PC? How to open-source your smart home - for freeJohn HammondDisable SmartScreen FastLatest newsI won't fly anywhere without this tiny Bluetooth dongle - it's 21% off right nowLatest newsAmazfit vs. Garmin: I tested two flagship smartwatches - is one worth the $250 premium?Latest newsThe Garmin Fenix 8 Pro smartwatch is a top-selling Prime Day deal - here's why I recommend itLatest newsChrome's next update will kill your adblocker - and make the web less safeLatest newsHeyPolo vs. Life360: I tried both location-sharing apps, and there's a clear winnerBleepingComputerPirloTV sports piracy network disrupted as 44 domains seizedLatest newsThis sunrise alarm clock improved my sleep routine, and it's 20% off right nowLatest newsI found the best Amazon Prime Day SSD and storage deals - Samsung, Kingston, and moreLatest newsI found best Prime Day TV deals actually worth your time: Samsung, Sony, and moreLatest newsThe best Sam's Club deals competing with Prime Day 2026 (including a $15 membership)Latest newsThe best Prime Day robot vacuum deals I'd buy (after testing dozens of them)Black HatBlack Hat Intercepted | Lexie Thach, Ex Machina Parlor + Naval Information Warfare Center PacificCyber Defense MagazineThe Moment Of Reliance: The Question Safety Governance Cannot Currently Answer

By Source

Feeds organized so you can skim by site.

Density Sort
LN
Latest news
1h ago · 20 items
Prime Day ends soon: We hand-picked the 95+ best deals still live, before they disappear 1h ago LIVE: Amazon Prime Day 2026 deals are going strong. Follow our live blog for real-time tracking on editor-approved products like 4K TVs, M5 MacBooks, Samsung devices, SSDs, and more. Pokémon Chaos Rising Trainer Boxes are sold out for Prime Day, but the booster bundles are still 17% off 1h ago This Pokémon Boost Bundle includes 6 booster packs and is a perfect gift for the collector in your life. 5 of the best MSI gaming laptop deals live now for Amazon Prime Day 1h ago We've reviewed dozens of MSI's laptops over the last few years - here are the top five deals worth calling out for Prime Day. I found better gaming deals at Best Buy than Amazon's Prime Day sale 1h ago Disappointed in Amazon's selection of gaming deals ahead of the Prime Day 2026 sale? Best Buy has you covered. Got a spare PC? How to open-source your smart home - for free 1h ago Home Assistant OS can serve as a user-friendly control hub for your smart devices. Here's how to get started. I won't fly anywhere without this tiny Bluetooth dongle - it's 21% off right now 1h ago The AirFly Pro 2 is one of my must-have travel essentials, and it's on sale for Amazon Prime Day. Amazfit vs. Garmin: I tested two flagship smartwatches - is one worth the $250 premium? 1h ago How does the latest Amazfit Cheetah 2 Ultra stack up against the Garmin Fenix 8? Here's what I discovered after living with both for a month. The Garmin Fenix 8 Pro smartwatch is a top-selling Prime Day deal - here's why I recommend it 1h ago The Garmin Fenix 8 Pro is a luxury smartwatch with rugged features. ZDNET readers can't get enough of it on the first day of Prime Day. Chrome's next update will kill your adblocker - and make the web less safe 1h ago Under-the-hood changes in Google's browser - aimed at improving privacy, security, and performance - will reduce the control you have over your browsing experience. HeyPolo vs. Life360: I tried both location-sharing apps, and there's a clear winner 1h ago Surfshark's HeyPolo is taking on the popular Life360. Here's how this latest contender in the location-sharing space compares.
20 loaded
BL
BleepingComputer
1h ago · 15 items
New macOS malware embeds fake errors to confuse AI analysis tools 1h ago A newly discovered macOS malware dubbed PirloTV sports piracy network disrupted as 44 domains seized 1h ago A major sports piracy ring linked to the illegal PirloTV streaming platform has been disrupted in an action that targeted 44 domains. Bluekit phishing kit adopts browser-in-the-middle for login theft 2h ago The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and by adding browser-in-the-middle capabilities for improved data theft. The Four Elevations of Effective Fraud Prevention 3h ago Fraudsters don't attack just one transaction. They target accounts, platforms, and entire ecosystems. IPQS explains the four elevations of fraud prevention and why broader visibility improves fraud detection. Webinar: Why account takeovers remain one of the hardest threats to stop 4h ago Account takeover attacks continue to challenge security teams because attackers often operate through legitimate accounts and trusted services. This webinar explores how behavioral AI can help organizations identify compromised accounts fas... Google releases new privacy controls for activity history, personalization 17h ago Google is rolling out new privacy controls for Search services and Google Play, giving you more control over saved history and personalized recommendations. DraftKings hacker 'Snoopy' sentenced to 18 months in prison 19h ago A 21-year-old using the alias Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access 19h ago New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices. Malicious Edge extension abuses Native Messaging as bridge to malware 20h ago A malicious Microsoft Edge extension dubbed 'Edgecution' has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoor. CISA warns of max severity Ubiquiti flaws exploited in attacks 1d ago The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity UniFi OS and Lantronix serial-to-ethernet servers.
15 loaded
JH
John Hammond
1h ago · 15 items
Disable SmartScreen Fast 1h ago Github got Hacked by CATS 1d ago This Dark Web Linux Backdoor Erases Its Own Footprints 1d ago ContinuumCon 2026 Redux! 5d ago ContinuumCon 2026 - Day 3 10d ago ContinuumCon 2026 - Day 2 11d ago ContinuumCon 2026 - Day 1 12d ago Payload Podcast 008 - Ryan Hausknecht 13d ago JHT Course Launch! Windows Maldev 6 19d ago BIG SHOW TODAY & AI vibes 21d ago
15 loaded
BH
Black Hat
2h ago · 15 items
Black Hat Intercepted | Lexie Thach, Ex Machina Parlor + Naval Information Warfare Center Pacific 2h ago Black Hat Europe 2025 | Stress-Testing SAST And LLMs On Modern Web Backends 19h ago Black Hat Europe 2025 | Page Phantoms: Zero-IO, In-Memory Tampering Of The Linux Page Cache 20h ago Black Hat Europe 2025 | SCOMmand And Conquer - Attacking System Center Operations Manager 1d ago Black Hat USA 2026 | Welcome Video 2d ago Black Hat Europe 2025 | China's Nexus APT Exploiting Ivanti Endpoint Manager Mobile 2d ago Black Hat Europe 2025 | RMPocalypse: A Catch-22 Breaking AMDs Confidential Computing 2d ago Black Hat Intercepted | James Holland, Palo Alto Networks 3d ago Black Hat Europe 2025 | Taking Over Your Amazon Account With A Kindle 3d ago Black Hat Europe 2025 | Ghosts in the Stream: Exposing Lives and Devices Behind Encrypted Doors 3d ago
15 loaded
CD
Cyber Defense Magazine
2h ago · 10 items
The Moment Of Reliance: The Question Safety Governance Cannot Currently Answer 2h ago The New Face Of Fraud: Why AI Is Making Older Adults The Primary Target 4h ago NSA Urges Cyberthreat Timeline Has Compressed From Years to Months 5h ago Governance Is Failing: Why Converged Digital Risk Is Outpacing Every Control We Have 1d ago Invisible By Design: Making Quantum-Safe Encryption The Easy Path 1d ago Magecart Evolves and Attackers Weaponize Ethereum Blockchain for Digital Skimming 1d ago Innovator Spotlight: NAKIVO 1d ago Cybersecurity Outsourcing. Beyond Cost 2d ago Inside The Rising Cyber Risk To Insurers: Why Insurance Companies Are Now Prime Targets 2d ago Supply Chain Compromise: Nintendo Vendor Breach Exposes Internal Data 2d ago
CS
Cisco Security Advisory
2h ago · 20 items
Cisco Finesse Remote File Inclusion Vulnerability 2h ago A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability ... Cisco Advance Notification for Publication of July 1, 2026, Security Advisories 1d ago On July 1, 2026, the Cisco Product Security Incident Response Team (PSIRT) will publish advisories to disclose security vulnerability information along with fixed software releases for the following Cisco products: Catalyst Center Secure En... Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities 3d ago Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a c... Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities 6d ago Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow a remote attacker to achieve remote code execution or conduct information disclosure attacks on an affected devi... Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability 8d ago A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands.... Cisco Crosswork Network Controller Server-Side Template Injection Vulnerability 8d ago A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to insufficient input v... Cisco Webex App Open Redirect Vulnerability 8d ago A vulnerability in the browser-based version of Cisco Webex App could have allowed an unauthenticated, remote attacker to redirect users to a malicious webpage. Cisco has addressed this vulnerability in the Cisco Webex App, and no customer ... Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability 8d ago A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an un... Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability 8d ago May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability was disclosed in February 2026. This ... Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability 9d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists...
20 loaded
TH
The Hacker News
2h ago · 20 items
Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability 2h ago ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories 4h ago Surviving the Mythos Era: Richard Bejtlich on the Case for NDR 5h ago New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis 7h ago New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns 8h ago Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access 11h ago CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited 23h ago Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered 1d ago Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks 1d ago Dawn of the Apex Agentic Adversary 1d ago
20 loaded
HN
Help Net Security
3h ago · 10 items
Stealthy new backdoor surfaces in attacks on multiple sectors 3h ago A relatively new backdoor called Mistic appears to be linked to Woodgnat and has been used in attacks targeting multiple sectors. Checksum API Agent generates and maintains stateful API tests 3h ago Checksum API Agent generates and maintains journey-based API tests, helping teams keep pace with rapid development. Reco Agent Security helps organizations govern AI agents and reduce exposure 3h ago Reco Agent Security helps organizations discover, monitor, and reduce AI agent risks across connected applications. Mitiga unveils Agentic Runtime Security for cloud, SaaS, identity, and AI protection 3h ago Mitiga launches Agentic Runtime Security to detect, disrupt, and stop attacks across cloud, SaaS, identity, and AI. ControlMonkey connects backup visibility with cloud recovery readiness 3h ago ControlMonkey adds Data Backup Correlation to link backup posture with cloud recovery readiness and resilience insights. Veritone introduces Assess to streamline evidence analysis and compliance reviews 4h ago Veritone Assess helps public sector organizations uncover discrepancies, policy violations, evidentiary gaps, and leads in complex data. runZero 5.0 unifies exposure management to accelerate risk reduction 4h ago runZero 5.0 unifies exposure management, helping security teams identify, prioritize, remediate, and verify risks faster. BlackLine enhances Agentic Financial Operations Platform with CFO-focused AI oversight tools 5h ago BlackLine expands its Agentic Financial Operations Platform with AI governance, observability, auditability, and CFO oversight. Hacker gets 18 months for attack that compromised 60,000 betting accounts 6h ago A hacker known as “Snoopy” was sentenced to 18 months in prison for his role in the compromise of about 60,000 DraftKings accounts. SpyCloud automates threat investigations with new Research Agent 7h ago SpyCloud launches Research Agent, an AI-powered investigation assistant that automates cybercrime analysis and intelligence.
MS
MSRC Security Update Guide
3h ago · 20 items
CVE-2026-41086 Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability 3h ago CVE-2026-45637 Microsoft DWM Core Library Elevation of Privilege Vulnerability 3h ago CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing 9h ago CVE-2026-11816 Path Traversal in keras-team/keras 9h ago CVE-2026-46140 Bluetooth: btmtk: validate WMT event SKB length before struct access 9h ago CVE-2026-46285 mtd: docg3: fix use-after-free in docg3_release() 1d ago CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability 2d ago CVE-2026-45504 Microsoft Exchange Server Elevation of Privilege Vulnerability 2d ago CVE-2026-33840 Win32k Elevation of Privilege Vulnerability 2d ago CVE-2026-44967 opentelemetry-cpp: OTLP HTTP exporters read unbounded HTTP response 5d ago
20 loaded
SE
SecurityWeek
4h ago · 10 items
Runlayer Raises $30 Million in Series A Funding 4h ago Cal Water Finds No Evidence of OT Activity After Hackers Claimed They Could Disrupt Water Supply 5h ago Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning 5h ago GitLab Patches Code Execution, Information Disclosure Vulnerabilities 6h ago 25-Year-Old Vulnerability Patched in Curl 7h ago NIST Opens Updated IoT Security Guidance to Public Review 8h ago Chrome 149 Update Resolves 18 Severe Vulnerabilities 9h ago Cisco SD-WAN Zero-Day Exploited Months Before Patching 11h ago When Information Becomes the Attack Surface – Understanding AI Agent Traps 23h ago Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware 1d ago
SE
Securelist
7h ago · 30 items
Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools 7h ago Kaspersky researchers analyze the threat landscape for SMBs in 2026: the rise of attacks involving fake AI tools, phishing schemes, and data sold on the dark web. StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader 1d ago Kaspersky researchers analyze a new global campaign dubbed StrikeShark that delivers Cobalt Strike Beacon via custom SharkLoader malware. A VBScript campaign distributed through WhatsApp deploying RMM software 3d ago A Kaspersky researcher analyzes a global malicious campaign that distributes VBS scripts via WhatsApp delivering a UEMS RMM agent through a multi-stage infection chain. Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk 9d ago Since late 2025, malware has been spreading rapidly through the Steam Workshop. In most cases, we caught old, familiar threats such as DarkKomet, the Lumma and Vidar infostealers. Argamal: Malware hidden in hentai games 22d ago Kaspersky researchers analyze new Argamal RAT distributed via infected hentai games and allowing the attacker to control the target machine. Wardriving assessment across Mexico: Preparing for the 2026 World Cup 23d ago In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential exposure risks. Containers on fire: from container escapes to supply chain attacks 24d ago We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, API compromise, and supply chain attacks. What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant 27d ago What are the main risks for container environments: vulnerabilities, supply chain attacks, configuration errors; how to improve container security and how Kaspersky Container Security with the KIRA AI assistant can help. Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years 28d ago Our experts continue to track attacks targeting consumers of pirated content, both books and movies. 2026 saw the discovery of new target sites with tens of millions of visitors, while the miner based on SilentCryptoMiner gained a RAT modul... Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload 34d ago The experienced Cloud Atlas group remains active, continuing to target government sectors and diplomatic entities in Russia and Belarus, employing both new and established techniques.
30 loaded
DA
darkreading
7h ago · 20 items
Europe Evolves Into Ransomware's Favorite Region 7h ago Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure 19h ago 2026 FIFA World Cup Faces Surge in Cyber Threats 20h ago Do CISOs Need a Code of Ethics? 22h ago More Malicious OpenClaw Skills Threaten AI Supply Chain 1d ago Apple's MacOS Gap Lets Users Disable Security Tools 1d ago Scope of Salesforce Attacks Expands as Icarus Leaks Data 1d ago 'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows 1d ago SocGholish Takedown Highlights Malicious TDS Threats 2d ago FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist 2d ago
20 loaded
SL
Security Latest
7h ago · 20 items
British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted 7h ago Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed 1d ago OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos 3d ago World Cup Scams Are Getting Harder to Spot 3d ago A Critical Deadline Is Approaching for Windows and Linux Security 4d ago Hackers Claim to Leak Stolen Madison Square Garden Data 5d ago How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members 6d ago How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras 7d ago The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed 7d ago Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society 8d ago
20 loaded
CY
CyberScoop
8h ago · 101 items
Why patch directives only go so far 8h ago Malicious hackers exploit Cisco zero-day for highest access level at communications service provider 22h ago In a first, a court takedown goes after two cybercrime tools at once 1d ago Open-source security is posing challenges governments can’t easily solve 1d ago Justice Department seizes infrastructure used by cyber scam and criminal marketplace 1d ago Algerian man charged with running two cybercrime marketplaces 2d ago Court rules SAVE database illegal, orders it dismantled 2d ago Trump executive orders speed up post-quantum migration, boost industry 2d ago Intel agencies: Frontier AI models will reshape cybersecurity faster than expected 3d ago Authorities disrupt Evil Corp’s SocGholish botnet 6d ago Cybersecurity firms, researchers and officials took down 106 servers and remediated nearly 15,000 sites that were infected with the malware.
101 loaded
RF
Recorded Future
17h ago · 20 items
Evaluating Mexico’s New Cybersecurity Plan 17h ago Explore an analysis of Mexico’s 2025–2030 National Cybersecurity Plan. Discover how Mexico is addressing critical threats like ransomware, organized crime, and AI-driven attacks while preparing its digital infrastructure for the 2026 FIFA W... FortiBleed Campaign Exposing Credentials for 73,932 FortiGate Systems 1d ago A dataset containing valid administrative and VPN credentials for tens of thousands of Fortinet FortiGate firewalls, Recorded Future recommends organizations patch their systems immediately. The Purchase Scam Tactic Headed for the World Cup | Recorded Future 2d ago A purchase scam tactic hijacks organic search through compromised sites, and it’s built to scale into 2026 FIFA World Cup fraud. How it works and how to respond. State Digital Surveillance Risk Landscape 8d ago Explore the state digital surveillance risk landscape. Learn how governments use spyware, AI, and network interception to monitor travelers and how to mitigate these risks. The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Engine 9d ago Learn how Recorded Future’s proprietary collection engine empowers organizations to move beyond reactive security. Discover the power of our four unique intelligence source types—technical, underground, community, and open-source—working to... Recorded Future Launches Impact and Metrics Dashboard 14d ago See the business value of your intelligence program in one live, continuously updated dashboard, built for the conversations that matter most with the executives who own budget and strategy. Cyber-Enabled Maritime Sanctions Evasion 14d ago Discover how Iranian and Russian shadow fleets use a vast network of fake maritime websites and fraudulent documents to evade international sanctions 2026 FIFA World Cup: What Public Safety Officials Need to Know 15d ago Prepare for the 2026 FIFA World Cup with expert analysis of the physical and cyber threat landscape. Discover key mitigation strategies for host city officials to ensure public safety China's Noncombatant Evacuation Operations: 2005–2025 15d ago Explore the Insikt Group study on 37 Chinese noncombatant evacuation operations (NEOs) from 2005–2025, revealing how China leverages SOEs and civilian resources for its overseas interests Russia’s Defense-Based Economy Risks Forcing Putin to Fight Wars 16d ago Western sanctions have tied Russia's elite patronage to the defense sector. Learn why this creates a domestic imperative for Putin to pursue perpetual war
20 loaded
SA
Security - Ars Technica
20h ago · 20 items
One-two punch delivered in global operation disrupts cybercrime "assembly line" 20h ago White House drastically shortens deadline for dropping quantum-vulnerable crypto 1d ago Following user outcry, AMD reinstates memory encryption in consumer CPUs 2d ago Microsoft discovers new lightweight backdoor that steals cryptocurrency 6d ago Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds 6d ago Massive breach spills credentials for thousands of sensitive networks 7d ago "Dangerous" AI models are coming no matter what 7d ago Windows and Linux users: The deadline to update Secure Boot keys is near 8d ago Critical Copilot vulnerability allowed hackers to steal 2FA code from users 9d ago Users cry foul after AMD stripped memory crypto from its consumer CPUs 9d ago
20 loaded
DB
David Bombal
21h ago · 15 items
Europe’s 800 Exaflop SUPERCOMPUTERS 21h ago They Created a Supercomputer in a Rack? 2d ago Build a Complete Free CCNA Home Lab in 2026 With No Gear 4d ago Broken access control demo 4d ago Will this replace PoE (Power over Ethernet)? 6d ago Never look into a fiber cable! 6d ago What is Clam AV (free & open source )? 7d ago Learn Linux in 180s - history command 8d ago What is an IDOR? Google and Uber got hacked this way. 9d ago Shadow AI: What every network engineer must know 11d ago
15 loaded
MS
Microsoft Security Blog
23h ago · 10 items
CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms 23h ago Discover how Microsoft aligns with the next phase of CNAPP—helping organizations correlate signals, prioritize risk, and reduce cloud exposure across modern application environments. StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them 1d ago On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that formed the backbone of the StealC and Amadey infrastructure. This blog is a technical breakdown of StealC and Amadey. Guarding AI memory 2d ago What happens when threat actors target what AI remembers? Microsoft breaks down the risks and the defenses. One intrusion, two cyberattackers: Uncovering parallel threat activity 3d ago Microsoft DART uncovers dual threat actors in a single intrusion, revealing how blended tactics conceal attacks and complicate detection. Learn more. AutoJack: How a single page can RCE the host running your AI agent 6d ago AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter hand... New Forrester Total Economic Impact™ study projects a 124% ROI from unifying with Microsoft Security 6d ago New Forrester Total Economic Impact™ report shows Microsoft Security consolidation delivers ROI, lowers risk, and prepares organizations to secure AI. From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet 7d ago A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend against supply chain attacks using Microsoft Defender and actionable threat intelligence. Crypto Clipper uses Tor and worm-like propagation for persistence and control 7d ago Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, Tor-based communications, and worm-like propagation. Beyond stealing cryptocurrency transactions, the malware establ... Beyond the benchmark: Advancing security at AI speed 7d ago Read how Microsoft Security has advanced its agentic vulnerability detection system, codename MDASH, integrating into real-world workflows across Windows, Azure, and identity systems. ​​Forrester names Microsoft a Leader in the 2026 Extended Detection and Response Platforms Wave™ report 7d ago Microsoft has been named a leader for the third consecutive time in The Forrester Wave™: Extended Detection and Response Platforms, Q2 2026.
TC
The Cyber Mentor
1d ago · 15 items
Real Folks of Cyber | Pearce Barry | DITL 1d ago Soft Skills for the Job Market: Resume Writing 6d ago TCM Security Summer Sale is Here! 9d ago LIVE: 🕵️ CTF Prize Draw | Cybersecurity 14d ago Secrets to PNPT Debrief Success 16d ago TCM Security CTF Walkthrough 20d ago Top 5 Active Directory Pentesting Tools 22d ago Real Folks of Cyber | Dan Berger | Day in the Life 28d ago Soft Skills for the Job Market: Communication 34d ago LIVE: 🕵️ HTB Sherlocks! | Cybersecurity | Blue Team 42d ago
15 loaded
WE
WeLiveSecurity
1d ago · 20 items
ESET takes part in Operation Endgame to disrupt Amadey and Stealc 1d ago Killing me gently: Inside Gentlemen’s EDR killer framework 7d ago Protecting legacy OT systems against modern cyberthreats 8d ago FishMonger’s arsenal upgraded: SprySOCKS for Windows 9d ago EvilTokens: A phishing attack that doesn’t steal your password 10d ago OceanLotus: From external espionage to domestic targeting 14d ago Unpacking SMB cyber-readiness – and what makes or breaks it 15d ago Cybercriminals: the 'auditors' you never hired 16d ago Lessons for life: Why children’s data is a long-term identity risk 22d ago This month in security with Tony Anscombe – May 2026 edition 27d ago
20 loaded
HS
Heimdal Security Blog
1d ago · 15 items
Breaking the MSP Echo Chamber: The Power of Community 1d ago MSPs spend too much time talking to other MSPs and not enough time talking to the people they’re supposed to serve. That’s Paul Croker’s view of some of the channel’s biggest growth problems. While most industry events bring technology prof... How attackers built a RAT on a Windows machine using its own .NET compiler 3d ago In May 2026 an attacker compromised a UK medical practice endpoint without delivering a single malicious file. They used PowerShell and the .NET compiler built into Windows to build a Remcos remote access trojan on the machine itself, so si... Attacker enables RDP, creates admin, erases evidence in ten seconds 3d ago At 06:34am on 2 June 2026, an attacker logged on to a customer’s network. In a single automated burst, they switched on remote desktop and created a rogue administrator account. And deleted the evidence behind them. The intrusion reached 34... The State of AI Risk Management in 2026 9d ago There is no excerpt because this is a protected post. Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It 10d ago New Heimdal research shows AI adoption is moving faster than security controls, exposing a confidence gap between executives and IT teams. Your Next Insider Threat May Be an AI Coworker 13d ago Heimdal sysadmin Alex Panait spent weeks testing Claude Cowork inside the company. His verdict was blunt. It felt like onboarding a junior employee with no manager, no scoped access, and no clear accountability when something goes wrong. Ex... The OSI Model and Its Two Missing Layers 13d ago Two missing layers of the OSI Model can blow up your cyber defense strategy anytime. Jayal Yadal explain what they are. Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification 17d ago Heimdal has achieved ISAE 3000 SOC 2 Type II certification for the sixth consecutive year, reflecting the company's continued focus on operational security, accountability, and data protection. AI Will Absorb 99.98% of SOC Triage Within a Year, as 79% of IT teams brace for AI-driven workload shift 44d ago Morten Kjaersgaard expects fewer than 500 of three million monthly alerts to need a human analyst in the year ahead. The role is being rebuilt around cases that warrant judgement. Top 10 Cybersecurity Companies in Europe 50d ago Over the last 10-15 years, the cybersecurity scene has gotten increasingly complex, as organizations adopt new technology and hackers evolve more innovative ways to target them. At the same time, data protection and compliance have become m...
15 loaded
BF
Blog – Forter
1d ago · 10 items
New at Forter: AI Agents Built to Amplify Your Team 1d ago Can AI Agents Find, Trust, and Choose Your Brand? 2d ago IMPACT Roadshow Recap: Getting Ready for Agentic Commerce 15d ago Agent-Ready: How to Prepare Your Site for AI-Driven Commerce 21d ago Japan’s 3DS Mandate: One Year In 41d ago One-Click Refunds Are Not as Hard as You Think 50d ago Toys“R”Us Japan Implements Forter’s Fraud Management and Payment Optimization Solutions 57d ago More of What Matters: Forter’s April Product Release 58d ago If AI Agents Can’t Find You, Do You Even Exist? 58d ago Return Policy Abuse Is Theft. It’s Time to Treat It That Way. 71d ago
KO
Krebs on Security
2d ago · 10 items
Scattered Spider Hackers Plead Guilty on Day 1 of Trial 2d ago Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The ... ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm 6d ago For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers ... Who Runs the Ransomware Group ‘The Gentlemen?’ 15d ago A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of... A Record-Breaking Patch Tuesday for June 2026 15d ago Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bug... Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts 23d ago The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how ... Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks 31d ago Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the Euro... Lawmakers Demand Answers as CISA Tries to Contain Data Leak 34d ago Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a v... Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada 34d ago Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed deni... CISA Admin Leaked AWS GovCloud Keys on Github 37d ago Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of inte... Patch Tuesday, May 2026 Edition 43d ago Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this m...
TI
Cloudflare patches Copy-Fail across every server in two days 2d ago New Cisco RCE was fixed 2d ago CVE-2026-25860 turn XSS to RCE 2d ago Exploiting Auth0 Defaults in XSS Attacks - elttam 3d ago Scanning malicious websites with 'infinite' number of VPN tunnels (Part 1) 4d ago Use-after-free in the QPACK encoder of nginx HTTP/3 - CVE-2026-42530 5d ago OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099) 6d ago Squidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration 6d ago CVE-2026-5667: Unauthenticated Remote Control of Mitsubishi MAC-577IF-2E WiFi Adapters via Probe Request Reconnaissance 6d ago Would you like some malware served at the very top of DuckDuckGo? 7d ago
255 loaded
TM
From Langflow to Monero: Inside CVE-2026-33017 Cryptominer 2d ago PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM 7d ago Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign 8d ago Governing Claude Enterprise in Environments Where Inline Controls Can't Go 13d ago GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026 15d ago Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open 17d ago Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI's Biggest AI Showdown Yet 24d ago Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet 30d ago Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware 34d ago Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud 37d ago
20 loaded
HA
Hak5
3d ago · 15 items
Miasma Worm Source Code Leaked + What NPM v12 Means for Developers | Threat Wire 3d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 3d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 3d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 7d ago Shark Jacked my LAN 🦈 8d ago Developers React to the 105-Second Github Chain Reaction | Threat Wire 13d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 14d ago Introducing Shark Jack Display 🦈 17d ago The GitHub Leak Situation Just Got Worse | Threat Wire 28d ago The Worm That Deletes Your Entire Computer | Threat Wire 34d ago
15 loaded
NA
NahamSec
3d ago · 15 items
This Hacker Got Paid $50,000+ to Break Frontier AI Models 3d ago This hacker made $500,000+ hacking google in just a few months. #hacking #bugbounty #cybersecurity 7d ago How I Made $30,000 Hacking Broken Access Control 10d ago $30K from one bug class: broken access control. Here's how 3 "lows" chain into account takeover 10d ago Content creations was both a blessing and a curse. #bugbounty 17d ago This Hacker Made $7,000 Hacking AI With One Email 17d ago How I Found My First $3,000 AI Vulnerability 24d ago This GitHub README Hijacks Your AI and Spreads Like a Virus 38d ago New video: hacking AI coding assistants and IDEs. #bugbounty #ai 38d ago The Bug Bounty Roadmap I'd Follow If I Started Over (With AI) 45d ago
15 loaded
PN
Proofpoint News Feed
3d ago · 10 items
Proofpoint Joins the OpenAI Daybreak Cyber Partner Program to Advance Responsible AI-Powered Cyber Defense 3d ago Proofpoint has been selected to participate in OpenAI Daybreak, which helps trusted cybersecurity companies integrate AI into defensive security operations. Through the OpenAI Daybreak Cyber OpenAI Lets Cyber Vendors Embed GPT-5.5 in Defenses 3d ago Suspected North Korean actors use fake ‘coding assignments’ to steal crypto 16d ago China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa 21d ago Proofpoint Introduces Active Exploits Protection to Help Organizations Prioritize Vulnerability Patching for Real-World Attacks in the AI Era 29d ago New solution reduces exposure to actively exploited vulnerabilities in minutes by turning intelligence into immediate protection across primary attack paths Disrupts AI-powered exploit- Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks 34d ago Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claude 35d ago New product integrations bring data protection, insider risk detection, and governance into Claude Enterprise and Claude Platform activity Organizations gain unified visibility across Proofpoint Launches Dedicated MSP Business Unit and Introduces 365 Total Protection for North America 43d ago New MSP Platform business unit, AI-powered all-in-one Microsoft 365 protection, and Marketplace partnership with Pax8 strengthen Proofpoint’s commitment to channel and small and mid-size The spy who logged me in. 47d ago ⁠Mark Kelly⁠, Staff Threat Researcher at ⁠Proofpoint⁠, is discussing their work on "I’d come running back to EU again: TA416 resumes European government espionage campaigns." China-linked threat group TA416 has resumed large-scale phishing ... Proofpoint Establishes Innovation Precedent for Source-Agnostic Modern Enterprise Investigations 50d ago Proofpoint Prism Investigator positioned as first fully autonomous Agentic AI solution to significantly streamline investigations for highly regulated and highly
IP
IppSec
5d ago · 15 items
HackTheBox - Nanocorp 5d ago HackTheBox - VariaType 12d ago HackTheBox - Facts 19d ago HackTheBox - Interpreter 26d ago HackTheBox - MonitorsFour 33d ago HackTheBox - Pterodactyl 40d ago HackTheBox - Overwatch 47d ago HackTheBox - Sorcery 61d ago HackTheBox - AirTouch 68d ago HackThebox - Eighteen 75d ago
15 loaded
NE
NetworkChuck
5d ago · 15 items
shadow AI is terrifying 5d ago Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026 6d ago HTTPS Doesn't Hide This From Your ISP!! 6d ago Cisco Just Showed the Future of Networking 7d ago Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026 9d ago I was wrong about VPNs 10d ago Certification Questions | LIVE AMA | Summer of CCNA 20d ago Hermes has a Home Assistant skill and it's unreal! 21d ago FREE coffee at Cisco Live (I'm giving it away) 22d ago Codex Lives In PowerShell Now 23d ago
15 loaded
AL
Alerts
7d ago · 44 items
CISA Adds One Known Exploited Vulnerability to Catalog 7d ago CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure 7d ago CISA Adds One Known Exploited Vulnerability to Catalog 9d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog 10d ago CISA Adds One Known Exploited Vulnerability to Catalog 13d ago CISA Adds One Known Exploited Vulnerability to Catalog 14d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog 16d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog 17d ago CISA Adds One Known Exploited Vulnerability to Catalog 20d ago CISA Adds One Known Exploited Vulnerability to Catalog 22d ago CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation.
44 loaded
AC
All CISA Advisories
7d ago · 125 items
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT 7d ago CISA Adds One Known Exploited Vulnerability to Catalog 7d ago Schneider Electric EasyLogic T150 and Saitel DP 7d ago AVer PTC cameras 7d ago Rockwell Automation FactoryTalk Historian Site Edition 7d ago AzeoTech DAQFactory 7d ago Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products 7d ago Mitsubishi Electric MELSEC iQ-F Series 7d ago Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module 7d ago CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure 7d ago
125 loaded
TL
The Last Watchdog
7d ago · 26 items
News alert: SpyCloud report finds phishing surge exposing employee data at Fortune 100 companies 7d ago AUSTIN, Tex., June 17, 2026, CyberNewswireŌĆōSpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in both volume and sophistication for enter... News alert: Heimdal study finds executives are more confident than frontline IT teams on AI risk 7d ago LONDON, June 17, 2026, CyberNewswire–Heimdal today published The State of AI Risk Management in 2026, a survey of 1,000 IT professionals across the United Kingdom and the United States. The report's headline finding is a divide inside the... News alert: Aembit secures Copilot Studio agents with identity-based access controls and audit trails 8d ago LAS VEGAS, June 16, 2026, CyberNewswire–Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft's enterprise AI agent platform. The integration, unveiled at Identivers... News alert: GitGuardian adds endpoint protection as developer laptops become credential troves 8d ago NEW YORK, June 16, 2026, CyberNewswire–GitGuardian announced today that it is introducing Developer Endpoint Protection, extending its secrets and non-human identity (NHI) security platform coverage to developer workstations. After 12 mon... News alert: Varist announces AI-scale malware detection for healthcare and medical imaging 9d ago REYKJAVIK, Iceland, June 16, 2026 — Varist today introduced its DICOM Detection Engine™, a specialized system designed to safeguard electronic health records (EHR) and picture archiving and communication systems (PACS) from all known ma... News alert: Cloud security report finds fragmented tools widening the cloud complexity gap 14d ago News alert: Halo Security recognized for helping MSPs manage customers’ external attack surfaces 22d ago FIRESIDE CHAT: Deepfakes exploit human emotion, making employee reflex training essential 23d ago News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit 27d ago GUEST ESSAY: AI pipelines are shattering network security — most companies haven’t even noticed yet 29d ago
26 loaded
M3
Microsoft 365 Blog
9d ago · 10 items
Copilot Cowork is now generally available 9d ago Copilot Cowork is now generally available worldwide, bringing secure, AI-powered automation for complex enterprise tasks in Microsoft 365. Introducing Microsoft Scout: Your always-on personal agent 22d ago Microsoft introduces a new, always-on personal agent, Microsoft Scout, integrated across the Microsoft 365 apps you use every day. Announcing the new Work IQ APIs 23d ago Build enterprise agents with Work IQ APIs for Microsoft 365—bringing business context, tools, and secure, scalable intelligence into every workflow. Introducing Microsoft 365 Business with Copilot: The new standard for small business 27d ago Meet Microsoft 365 Business with Copilot—the AI-powered solution transforming how small businesses work, collaborate, and compete. Introducing a new design for Microsoft 365 Copilot 28d ago Copilot’s redesigned experience delivers faster performance, adaptive tools, and clearer AI-powered workflows to help you easily move from intention to outcome. New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences 30d ago Explore what's new in Copilot Studio, May 2026: computer-using agents are now available, plus redesigned workflows and Work IQ extensibility. New and improved: Agent governance, intelligent workflows, and connected app experiences 44d ago See what's new in Copilot Studio, April 2026: updates to workflows, more control over agent operations, and an expanded agent usage estimator. Copilot Cowork: From conversation to action across skills, integrations, and devices 51d ago Today, we’re announcing additional capabilities in Cowork to expand on what it can make possible for you. Microsoft 365 Copilot, human agency, and the opportunity for every organization 51d ago Empower your organization with Microsoft 365 Copilot—AI that bridges human potential and business outcomes for the future of work. Microsoft Agent 365, now generally available, expands capabilities and integrations 55d ago ​We’re announcing the general availability of Agent 365, plus previews of new capabilities to discover and manage shadow AI agents. Learn more.
CY
cybersecurity
13d ago · 1867 items
Any solutions we can use? 13d ago Possible targeted attack 14d ago RoguePlanet: Windows Zero-Day That Weaponizes Defender's Own Quarantine Pipeline 14d ago Facebook messenger to text 14d ago Managing Solution Agents 14d ago Nottingham University data breach affects over 450,000 students 14d ago SWGs that support 3rd party external DNS resolver 14d ago Sub:jugation - Hijacking Cloud Identities by Recycling Namespaces in Global OIDC Issuers 14d ago Chrome extensions with 10M+ installations are actively vulnerable to UXSS & UXSG 14d ago Cybersecurity researchers aren't happy about the guardrails on Anthropic's Fable | TechCrunch 14d ago
1867 loaded
HS
hacking: security in practice
14d ago · 241 items
DIY pwnagotchi-like device on esp32 14d ago Flipper Blackhat + Bjorn 14d ago Do you think AI is making hacking easier or harder 14d ago What can i do left? PSN 14d ago Proxmark5 campaign ending in less than 18 hours. 14d ago How to bypass speed queen coin slot for washer and dryer 14d ago Self-hosting stuff for when things get ugly 14d ago Malware Includes Taboo In Text To Prevent LLM Analysis 14d ago added Mac support for my corporate hacking game, demo on Steam 14d ago Catfished 15d ago
241 loaded
RE
Reverse Engineering
14d ago · 181 items
Reverse engineered BLE protocol of a $7 generic Chinese smart ring from Temu, and built an iOS app around it 14d ago [Reverse-Engineering] Skeet CS:GO source code (Gamesense) 14d ago [Reverse-Engineering] Skeet CS:GO source code (Gamesense) 14d ago Giulio Zausa's MMO-CHIP Makes Reverse Engineering Old Silicon Chips a Multiplayer Game 14d ago I built 99 adversarially malformed PE files to test tool robustness - here’s what happened 14d ago Drive Firmware Security - Phison S11 14d ago IDA 9.4 Beta | Hex-Rays Docs 14d ago Trane Tracer HVAC cybersecurity issues 15d ago 🚀 Release PyMemoryEditor v2.0 — read, write and scan the memory of any running process, in pure Python (Windows, Linux & macOS) 15d ago I reverse engineered Lofree Hypace mouse firmware flashing protocol to bypass their official web based configuration on MacOS. 15d ago
181 loaded
FB
US charges suspected Russian hacker with facilitating cyber campaign 14d ago Hawkish GOP lawmaker Don Bacon says he was hacked by Russia 14d ago Oops, I Weaponized the Database: Abusing AI Features in SQL Server 2025 14d ago GreatXML: GreatXML bitlocker bypass vulnerability 14d ago GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan 14d ago I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue 14d ago [Op Report] From SSA Phish to AdaptixC2: A Multi-RAT Intrusion 14d ago GhostTrace – CLI forensic scanner for Windows: 22 modules, MITRE ATT&CK mapped, read-only by default 14d ago Miasma-style supply chain attacks 14d ago On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet 14d ago
603 loaded
MA
Malware Analysis & Reports
14d ago · 115 items
I built 99 adversarially malformed PE files to test tool robustness - here’s what happened 14d ago ClickFix attack in the wild — fake Cloudflare CAPTCHA delivering obfuscated PowerShell dropper 15d ago WordPress malware in official WooCommerce theme (Kiosko): hidden admin users and corrupted sitemap 15d ago Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace 15d ago Fake Interview deploys stealthy cross platform (macOS/Windows) through npm package install in take home assessment 16d ago 73 Microsoft GitHub repositories impacted by Miasma malware 17d ago Unauthorized Onlyfans Payment 17d ago Building A Malware Lab From Scratch Part 2! 19d ago Detecting npm Native Addon Malware: node-gyp Abuse 19d ago Microsoft Warns of GPU Cryptojacking Campaign Spread Through AI Chatbot Links 20d ago
115 loaded
WE
WeLiveSecurity
14d ago · 36 items
OceanLotus: From external espionage to domestic targeting 14d ago Unpacking SMB cyber-readiness – and what makes or breaks it 15d ago Cybercriminals: the 'auditors' you never hired 16d ago Lessons for life: Why children’s data is a long-term identity risk 22d ago This month in security with Tony Anscombe – May 2026 edition 27d ago ESET APT Activity Report Q4 2025–Q1 2026 28d ago What to consider before asking an AI chatbot for health advice 29d ago BTMOB: A stealthy RAT burrowing deep into Android devices 30d ago Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise 34d ago Webworm: New burrowing techniques 36d ago
36 loaded
SM
Microsoft Build 2026: Building agentic apps with Microsoft Fabric and Microsoft Databases 23d ago Microsoft Build 2026 highlights advancements in app development with Microsoft Fabric and Microsoft Databases, emphasizing a unified data and AI platform. Azure IaaS: Defense in depth built on secure-by-design principles 52d ago Explore how Azure IaaS uses defense in depth and secure-by-design principles to deliver layered, scalable cloud security across compute, network, and data. Enforcing trust and transparency: Open-sourcing the Azure Integrated HSM 55d ago Learn how Microsoft Azure Integrated HSM delivers hardware‑enforced key protection in the cloud, combining FIPS Level 3 assurances with transparency and open‑source collaboration. Azure IaaS: Keep critical applications running with built-in resiliency at scale 85d ago Learn how Azure IaaS helps organizations start from a resilient platform foundation with availability, continuity, and recovery capabilities. Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure 113d ago Learn how Azure IaaS helps you modernize infrastructure, improve performance and resilience, optimize costs, and prepare for AI workloads. Read more. Azure reliability, resiliency, and recoverability: Build continuity by design 128d ago Learn how Azure reliability, resiliency, and recovery capabilities work together to improve cloud continuity. Read more.
SK
STÖK
32d ago · 15 items
☔️🌅 32d ago Life in the Nordics 🌲 | Foraging Blueberries, Mushrooms & Nosework Training with Our Dogs 305d ago Winter vanlife = good times 907d ago What an experience! Getting a Christmas tree from our own piece of land. #movingupnorth! 913d ago Had to much GLÖGG and lost my camera during - 13371122 - Intigriti + Visma 920d ago IS THIS THE END? 980d ago Escaping the grind and decompiling python 3.9 pyc files to find vulnerabilites 1134d ago How to turn bugs into a "passive" income stream! ft Detectify's Almroot 1375d ago HOW DID THIS HAPPEN!? (13370822 LHE VLOG) 1388d ago Q: How to write a BUG BOUNTY report that actually gets paid? 1505d ago
15 loaded
DE
DEFCONConference
57d ago · 15 items
DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West 57d ago DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon 126d ago DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth 126d ago DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine 126d ago DEF CON 33 Recon Village - How to Become One of Them: Deep Cover Ops - Sean Jones, Kaloyan Ivanov 176d ago DEF CON 33 Recon Village - Inside the Shadows Tracking RaaS Groups, Cyber Threats - John Dilgen 176d ago DEF CON 33 Recon Village - Autonomous Video Hunter AI Agents for Real Time OSINT - Kevin Dela Rosa 176d ago DEF CON 33 Recon Village - A Playbook for Integration Servers - Ryan Bonner, Guðmundur Karlsson 176d ago DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov 176d ago DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino 176d ago
15 loaded
CC
CISA Cybersecurity Advisories
65d ago · 3 items
Defending Against China-Nexus Covert Networks of Compromised Devices 65d ago Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure 80d ago U.S. organizations should review the TTPs and IOCs in this advisory for indications of current or historical activity on their networks, and apply the Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure 201d ago The authoring organizations encourage critical infrastructure organizations to implement the recommendations in this advisory to reduce the likelihood and
BA
Business Fraud at Network Scale: What the $3.5B Medicare Hospice Crisis Reveals About Know Your Business 69d ago What is Customer Due Diligence (CDD) 93d ago Why Legacy Identity Verification Can’t Stop AI-Enabled Fraud 96d ago AML, KYC and Identity Verification in Australia 105d ago When Fraud Becomes Background Noise: The Industrialization of Digital Deception 171d ago The Efficiency Era of KYC: Reverification and Reusable Identity Take Center Stage 171d ago The End of Static KYB: Business Identity in Constant Motion 171d ago Know Your Agent: The Next Chapter in Digital Trust 171d ago When Rules Move Faster Than Readiness: Regulatory Adaptability as a Competitive Advantage 171d ago Digital Identity Trends 2026: AI Fraud, Compliance, and Orchestration 190d ago
13 loaded
FP
AI in Tax Season: Risks, Scams, and How to Protect Your Data 112d ago Tax Season Scams to Watch For This Year 119d ago Beware of Misleading Tax Advice on Social Media 287d ago Each year the IRS educates taxpayers on the most trending fraud schemes that could deceive individuals and businesses during tax season. In late 2024, The IRS took to warning the public against misleading “tips” or... Scammers Up Their Game With AI 288d ago Learn how to spot the threats and protect yourself from scammers using AI for phishing and deepfakes with smart security practices. The Essential Guide to Safeguarding Your Online Passwords 366d ago Protect your personal and business data with strong passwords, two-factor authentication, and smart cybersecurity practices. Beware: Tax Season is Scam Season 477d ago Tax season is also prime time for tax scams. To safeguard your personal information, consider these key points: Communication methods The IRS initiates contact primarily through mail, not email or phone calls. Be cautious of... Stop Scams: Fraud Prevention Starts with Your Employees 490d ago You can be as proactive and protective as possible when it comes to cyber security for your business, but there’s one vulnerability you cannot eliminate: human error. In fact, statistics estimate that as much as... ‘Tis the Season for Holiday Shopping Scams 563d ago The holidays are typically the time of year for gifting presents to friends and family or donations to charity. Unfortunately, not-so-jolly fraudsters take advantage of this generosity. Protect yourself by watching for these common scams:..... IRS Issues “Dirty Dozen” Fraud Warnings 748d ago Each year, the IRS releases a “Dirty Dozen” series to highlight the most common fraud schemes taxpayers should be aware of. IRS Identity Theft Season Begins Now 877d ago Each year thieves try to steal billions in federal withholdings by stealing your identity. As the IRS focuses more attention on this quickly growing problem, now is the time of year to be extra vigilant....
LI
LiveOverflow
112d ago · 15 items
Security-driven Rapid Release - Pwn2Own Documentary (Part 4) 112d ago Firefox JIT Bug - Pwn2Own Documentary (Part 3) 115d ago The First Exploit - Pwn2Own Documentary (Part 2) 119d ago The World's Hardest Hacking Competition - Pwn2Own Documentary (Part 1) 122d ago From Zero to Zero Day (and beyond) - Life of a Hacker: Jonathan Jacobi 442d ago The German Hacking Championship 468d ago Do you know this common Go vulnerability? 482d ago Google's Mobile VRP Behind the Scenes with Kristoffer Blasiak (Hextree Podcast Ep.1) 617d ago My theory on how the webp 0day was discovered #short 633d ago My theory on how the webp 0day was discovered (BLASTPASS) 634d ago
15 loaded
HA
HackerSploit
442d ago · 15 items
How FIN6 Exfiltrates Files Over FTP 442d ago Emulating FIN6 - Active Directory Enumeration Made EASY 493d ago The SECRET to Embedding Metasploit Payloads in VBA Macros 498d ago Offensive VBA 0x4 - Reverse Shell Macro with Powercat 506d ago Offensive VBA 0x3 - Developing PowerShell Droppers 512d ago Offensive VBA 0x2 - Program & Command Execution 517d ago Offensive VBA 0x1 - Your First Macro 519d ago Emulating FIN6 - Gaining Initial Access (Office Word Macro) 524d ago FIN6 Adversary Emulation Plan (TTPs & Tooling) 528d ago Developing An Adversary Emulation Plan 528d ago
15 loaded
TH
Threatpost
1394d ago · 10 items
Student Loan Breach Exposes 2.5M Records 1394d ago 2.5 million people were affected, in a breach that could spell more trouble down the line. Watering Hole Attacks Push ScanBox Keylogger 1395d ago Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms 1396d ago Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Ransomware Attacks are on the Rise 1399d ago Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. Cybercriminals Are Selling Access to Chinese Surveillance Cameras 1399d ago Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. Twitter Whistleblower Complaint: The TL;DR Version 1401d ago Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. Firewall Bug Under Active Attack Triggers CISA Warning 1402d ago CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP. Fake Reservation Links Prey on Weary Travelers 1403d ago Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. iPhone Users Urged to Update to Patch 2 Zero-Days 1406d ago Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. Google Patches Chrome’s Fifth Zero-Day of the Year 1407d ago An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

No matching sources found.