US unseals indictment against alleged operators of Russian bulletproof hosting service
Finland issues wanted notice for hacker behind massive psychotherapy data breach
NATO logistics, Ukrainian troops are top subjects of Russian camera hacks, advisory says
Hackers steal Lidl customer data from external service provider
EU leaders eye social media ban for children under age 13
What's New
Top 5 Across All Sources-
US unseals indictment against alleged operators of Russian bulletproof hosting service
The Record from Recorded Future News · 1h ago -
I tested the Ultrahuman Ring Pro: It's a biohacker's dream that's not for me
Latest news · 1h ago -
Microsoft Patches a Record 570 Security Flaws
Krebs on Security · 1h ago -
Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
SecurityWeek · 1h ago -
Microsoft releases Windows 10 KB5099539 extended security update
BleepingComputer · 1h ago
Gigafeed (4876 entries)
US unseals indictment against alleged operators of Russian bulletproof hosting service The Record from Recorded Future News · 1h ago I tested the Ultrahuman Ring Pro: It's a biohacker's dream that's not for me Latest news · 1h ago Microsoft Patches a Record 570 Security Flaws Krebs on Security · 1h ago Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days SecurityWeek · 1h ago Microsoft releases Windows 10 KB5099539 extended security update BleepingComputer · 1h ago The only Apple Watch strap you'll ever need is down to its lowest price yet Latest news · 1h ago Synopsys Finds No Evidence of Data Breach Amid Bosch Hack Claims SecurityWeek · 1h ago SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data The Hacker News · 1h ago Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days BleepingComputer · 2h ago Backdoored TortoiseSVN Installer John Hammond · 2h ago How to download iPadOS 27 right now - and which models support it Latest news · 2h ago Every iPhone model that supports iOS 27 (and which older ones don't) Latest news · 2h ago Is Cat7 a SCAM? David Bombal · 2h ago Windows 11 KB5101650 & KB5099414 cumulative updates released BleepingComputer · 2h ago SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410) Help Net Security · 2h ago The Gray Area in Your Checkout Is Costing You More Than You Think Blog – Forter · 2h ago Finland issues wanted notice for hacker behind massive psychotherapy data breach The Record from Recorded Future News · 2h ago Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads The Hacker News · 2h ago How to download iOS 27 right now (and which iPhone models support it) Latest news · 2h ago Google is training AI on even more of your data now, unless you opt out - here's how Latest news · 2h ago 5 smart home gadgets I actually recommend, after years of testing Latest news · 3h ago Adobe Patches Critical ColdFusion Vulnerabilities SecurityWeek · 3h ago LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts The Hacker News · 3h ago What to Expect at Black Hat USA 2026 Black Hat · 3h ago Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown BleepingComputer · 4h ago Google Search will let you instantly generate AI images for free - here's how Latest news · 4h ago I'm a serial Linux distro hopper - these 7 signs mean it's time to switch Latest news · 4h ago LastPass, Bitwarden users targeted with fake security alerts BleepingComputer · 4h ago What Nacha’s amended rules mean for your ACH fraud monitoring Fraud Prevention – Riskified · 4h ago These 5 gadgets will upgrade your Apple Watch - and I recommend them Latest news · 5h ago You Don't Have to Run an Exploit to Know If You're Vulnerable BleepingComputer · 6h ago CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-48561 Microsoft Copilot Remote Code Execution Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-42982 Windows Secure Kernel Mode Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-47296 Microsoft SQL Server Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-34349 Windows Media Information Disclosure Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-34346 Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-42900 Microsoft Windows App Store Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-42975 Windows Bluetooth Port Driver Remote Code Execution MSRC Security Update Guide · 6h ago CVE-2026-47300 ASP.NET Core Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-47302 .NET Denial of Service Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-47303 ASP.NET Core Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-42990 SQL Server ODBC driver Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-48572 Windows App Package Installer Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-48571 Windows App Package Installer Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-49162 Microsoft Brokering File System Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-49164 Windows Active Directory Domain Services Remote Code Execution Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-49165 Microsoft Windows App Store Information Disclosure Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-49166 Windows Print Configuration Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-49167 Windows Kernel Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago CVE-2026-49168 Storage Spaces Direct Elevation of Privilege Vulnerability MSRC Security Update Guide · 6h ago 7 Severe Vulnerabilities Patched in VMware Avi Load Balancer SecurityWeek · 6h ago NATO logistics, Ukrainian troops are top subjects of Russian camera hacks, advisory says The Record from Recorded Future News · 6h ago RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata The Hacker News · 6h ago New macOS malware steals passwords by posing as Apple’s crash-reporting tool Help Net Security · 6h ago How to install the MacOS 27 public beta on your Mac today - it's live now Latest news · 6h ago Download: The ultimate guide to network operations management Help Net Security · 7h ago Unpatched Claude for Chrome Flaw Lets Extensions Read Gmail, Calendar SecurityWeek · 7h ago Windows Search just got a faster, cleaner overhaul - how to try it today Latest news · 7h ago Microsoft Entra ID gets passkeys default authentication starting September BleepingComputer · 7h ago New phishing kits target Microsoft 365 accounts, evade MFA BleepingComputer · 7h ago 11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot The Hacker News · 7h ago “Context bombs” can frustrate AI-driven attacks, researchers found Help Net Security · 7h ago 12 YouTube default settings to change right now for a more enjoyable experience Latest news · 7h ago Don't let an AI chatbot pick your password, ever Latest news · 7h ago Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks The Hacker News · 8h ago SAP warns of critical flaws in NetWeaver and Commerce Cloud BleepingComputer · 8h ago How Pentera Turns AI Security Workflows into Validation Engines The Hacker News · 8h ago OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials The Hacker News · 8h ago SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud SecurityWeek · 8h ago SEO is not dead: 5 ways to win more citations from AI search Latest news · 9h ago US, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure Routers SecurityWeek · 9h ago Microsoft starts testing cleaner Windows Search without ads BleepingComputer · 9h ago Google adds FIDO2 keys and phone passkeys to Windows login via GCPW Help Net Security · 9h ago No one knows how many old shims can still bypass UEFI Secure Boot Help Net Security · 9h ago US sanctions VPN, malware providers for enabling ransomware attacks BleepingComputer · 10h ago Valarian Raises $50 Million for Sovereign Infrastructure Control Layer SecurityWeek · 10h ago UK charges five persons linked to fraud platform behind more than a million scam calls Help Net Security · 10h ago Multiple Jscrambler Packages Impacted by Supply Chain Attack SecurityWeek · 11h ago Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read The Hacker News · 11h ago Microsoft Entra ID authentication overhaul to start in September 2026 Help Net Security · 11h ago U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support The Hacker News · 12h ago 148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet The Hacker News · 13h ago I tried Google Maps' new 3D Immersive View for Android Auto, and it fixed my biggest navigation problems Latest news · 13h ago Pentagon Suspends CMMC Phase 2 as It Rethinks Contractor Cybersecurity Rules SecurityWeek · 13h ago New tutorials on underground hacking forums have roughly doubled Help Net Security · 13h ago Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity The Hacker News · 13h ago The best defense against AI attacks turns out to be a skeptical human Help Net Security · 14h ago The FBI Warned About Fake Permit Fees. The Harder Question Is Where the Money Goes. | Recorded Future Recorded Future · 20h ago Hackers steal Lidl customer data from external service provider The Record from Recorded Future News · 21h ago Defending SaaS-based applications against ShinyHunters OAuth abuse Microsoft Security Blog · 22h ago The US government warns that Russia state hackers are coming after your router Security - Ars Technica · 23h ago I tested COSMIC's new Frosted Glass effect, and it's way better than MacOS' Liquid Glass Latest news · 23h ago EU leaders eye social media ban for children under age 13 The Record from Recorded Future News · 23h ago Japan's largest taxi operator shuts systems after cyberattack BleepingComputer · 23h ago Cisco's Agents Reason Like a CCIE David Bombal · 1d ago Hackers backdoor Jscrambler npm package with infostealer malware BleepingComputer · 1d ago New CrashStealer malware poses as Apple crash reporting tool BleepingComputer · 1d ago Is that QR code a trap? How to spot quishing scams before it's too late Latest news · 1d ago CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks The Hacker News · 1d ago Windows questions? How Copilot can analyze your PC settings now Latest news · 1d ago Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found The Hacker News · 1d ago Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID Microsoft Security Blog · 1d ago How I tag my files to avoid endless searching and disorganized folders Latest news · 1d ago CISA warns of actively exploited RCE flaws in Joomla extensions BleepingComputer · 1d ago Now, defenders are embracing the prompt injection, too Security - Ars Technica · 1d ago ⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More The Hacker News · 1d ago Lessons Learned from CISA’s Recent GitHub Leak Krebs on Security · 1d ago Lidl discloses online shop breach after service provider hack BleepingComputer · 1d ago Breach at the Beach: Play the Ultimate Entra ID CTF BleepingComputer · 1d ago Black Hat Europe 2025 | Compromising The AI Agent Ecosystem Via Its "Universal Connector" Black Hat · 1d ago New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email The Hacker News · 1d ago UK charges suspects linked to Russian Coms call spoofing platform BleepingComputer · 1d ago Payload Podcast 009 - Steven Flores John Hammond · 1d ago Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft The Hacker News · 1d ago This Hacker Made $8,000 Hacking a Major Retailer's AI Chatbot Over DNS (Live Demo!) NahamSec · 1d ago Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling The Hacker News · 1d ago Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots The Hacker News · 1d ago EU sanctions Russian GRU military hackers over cyberattacks BleepingComputer · 1d ago Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory The Hacker News · 1d ago A Leak of San Francisco Police Drone Footage Exposes the New Reality of Urban Surveillance Security Latest · 1d ago US and allies warn of Russian critical infrastructure attacks BleepingComputer · 1d ago OpenAI temporarily relaxes GPT-5.6 Sol usage limits BleepingComputer · 1d ago Claude Fable 5 stays free for paid users until July 19 as Anthropic buys more time BleepingComputer · 2d ago Black Hat Europe 2025 | Millions of Intranet Devices Are Facing Silent Takeover (On-Demand Only) Black Hat · 2d ago RedHook Android malware now uses Wireless ADB for shell access BleepingComputer · 2d ago Install GrapheneOS Before Your Phone Becomes the Checkpoint David Bombal · 2d ago Scanning malicious websites with arbitrary number of VPN tunnels (Part 2) Technical Information Security Content & Discussion · 3d ago Black Hat Europe 2025 | Bootstrapping Trust: From Isolated Build Machines to Enclaved CI Pipelines Black Hat · 3d ago HackTheBox - CCTV IppSec · 3d ago Australia warns of global campaign targeting vulnerable CMS platforms BleepingComputer · 3d ago AI Found a Root Bug in Linux That Everyone Missed for 15 Years Security Latest · 3d ago 'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets BleepingComputer · 3d ago NEW AI Hacking Challenges with Andrew Bellini! John Hammond · 3d ago New U-Boot flaws could enable stealthy firmware attacks BleepingComputer · 3d ago Ryuk ransomware member pleads guilty in the US, faces 15 years in prison BleepingComputer · 4d ago Police suspects Dutch hackers were involved in Odido breach BleepingComputer · 4d ago Progress urges ShareFile admins to shut down servers over “credible” threat BleepingComputer · 4d ago Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative Microsoft Security Blog · 4d ago Soft Skills for the Job Market: Applying for Jobs The Cyber Mentor · 4d ago Hackers exploit critical auth bypass in Gitea Docker image BleepingComputer · 4d ago Money launderer accused of stealing seized crypto while in prison BleepingComputer · 4d ago Fake Microsoft Installer John Hammond · 4d ago Black Hat Europe 2025 | Pwning .NET Framework Applications Through HTTP Client Proxies And WSDL Black Hat · 4d ago The Replicant in Your Directory: AI Agents and the Identity Security Gap BleepingComputer · 4d ago Top 6 Managed Detection and Response Providers Heimdal Security Blog · 4d ago Can AI-generated adversaries break TTP-based attribution? (arXiv 2026) Technical Information Security Content & Discussion · 4d ago Zimbra urges customers to patch critical web client XSS flaw BleepingComputer · 4d ago Towards CSI: What's the best harness? (arXiv 2026) Technical Information Security Content & Discussion · 4d ago Former ransomware negotiator gets 4 years for BlackCat attacks BleepingComputer · 4d ago Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail CyberScoop · 4d ago June 2026 CVE Landscape Recorded Future · 4d ago LIVE AMA | Summer of CCNA | 07/09/2026 NetworkChuck · 4d ago OpenMandriva Linux says contributor tried to sabotage the project BleepingComputer · 4d ago Patch for Windows Defender 0-day could allow attackers to fill hard disk Security - Ars Technica · 4d ago Injective SDK on npm infected with cryptocurrency wallet stealer BleepingComputer · 4d ago Black Hat Intercepted | Olivia Gallucci, Security Engineer at Datadog Black Hat · 5d ago See you at Black Hat USA 2026! John Hammond · 5d ago Interpol cybercrime crackdown nets 5,800 arrests across 97 countries CyberScoop · 5d ago New Helix vishing group emerges in SharePoint data theft attacks BleepingComputer · 5d ago Microsoft expects more Windows security updates from AI-discovered flaws BleepingComputer · 5d ago GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware Microsoft Security Blog · 5d ago Black Hat Europe 2025 | Ghost In The Stack: Evolving Call Stack Spoofing In A Post-CET Era Black Hat · 5d ago New Forg365 phishing platform uses AI to target Microsoft 365 accounts BleepingComputer · 5d ago 764 splinter group leader sentenced to 40 years in jail CyberScoop · 5d ago Suspected Russian Threat Actor Impersonates Legitimate Crypto Wallets to Deploy Remote Utilities Technical Information Security Content & Discussion · 5d ago The Hidden Security Risks of Reduced Summer IT Coverage BleepingComputer · 5d ago A Majority of European Lawmakers Voted Against Letting Big Tech Read Our Messages. They’re Going to Anyway Security Latest · 5d ago Microsoft to retire the OWA Light client in Exchange Server BleepingComputer · 5d ago Madison Square Garden Kept a List of Gay Celebrities Security Latest · 5d ago Police arrests 5,800 suspects in global anti-fraud crackdown BleepingComputer · 5d ago AssuranceAmerica data breach exposes records of 6.9 million drivers BleepingComputer · 5d ago Microsoft patches RoguePlanet Defender zero-day vulnerability BleepingComputer · 5d ago RiskX interview video featuring Colin Mahony and Mastercard's Aditi Sawhney Recorded Future · 5d ago Mount Royal University confirms breach as hackers claim attack BleepingComputer · 5d ago Your Payment Routing Rules Are Making Decisions Without You Blog – Forter · 5d ago Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials BleepingComputer · 6d ago Google pays $250K for Linux vulnerability allowing guest VM escapes Security - Ars Technica · 6d ago Black Hat Europe 2025 | ORMageddon: Leaking More Than You Joined For Black Hat · 6d ago Hackers exploit Roundcube flaw to spy on academic researchers BleepingComputer · 6d ago French nonprofit starts global intelligence and research hub for AI cyber threats CyberScoop · 6d ago 1 in 2 devices sold in Africa exfiltrate data to China Technical Information Security Content & Discussion · 6d ago Inside an AI coal mine security camera network powered by plaintext passwords Technical Information Security Content & Discussion · 6d ago LIVE: 1 Million Subscribers | DEF CON/Summer Camp Giveaway The Cyber Mentor · 6d ago Protecting Microsoft at AI speed: How SFI proactively hardens our cloud Microsoft Security Blog · 6d ago Entra passkey enrollment vishing targets Microsoft 365 users BleepingComputer · 6d ago Drift Corpus: binary diffs of 240+ 2026 Windows kernel patches Technical Information Security Content & Discussion · 6d ago TeamPCP Attention John Hammond · 6d ago Cisco Advance Notification for Publication of July 15, 2026, Security Advisories Cisco Security Advisory · 6d ago Black Hat Europe 2025 | Breaking AI Inference Systems: Lessons From Pwn2Own Berlin Black Hat · 6d ago 3 Ways AI Powers Service Desk Attacks and How to Prevent Them BleepingComputer · 6d ago Felons, Fraudsters Flog Offensive Cybersecurity Startup Krebs on Security · 6d ago DuckDuckGo browser now blocks YouTube video ads BleepingComputer · 6d ago Telco giant KDDI says data breach affects over 12 million people BleepingComputer · 6d ago OnlyFans Models Are Accidentally Making Hacked Government Websites Disappear Security Latest · 6d ago What Happens if China Hacks the US Water Supply? I Went to a Secret War Game to Find Out Security Latest · 6d ago CISA orders feds to prioritize patching Langflow auth bypass flaw BleepingComputer · 6d ago Cyber-Aware Customers Are Raising the Bar for MSPs and Other Vendors Heimdal Security Blog · 6d ago Found fast, fixed slow: The gap the AI clearinghouse must close CyberScoop · 6d ago ESET Threat Report H1 2026 WeLiveSecurity · 6d ago Ubiquiti warns of new max severity UniFi OS vulnerability BleepingComputer · 6d ago CISA orders feds to patch max severity ColdFusion flaw by Friday BleepingComputer · 6d ago Hackers can use 9 of the most popular AI tools to assemble massive botnets Security - Ars Technica · 6d ago Bad Epoll: The bug missed by Mythos Technical Information Security Content & Discussion · 6d ago Five Eyes Alert: The AI Deception Has Already Begun | Threat Wire Hak5 · 6d ago The Threat Isn’t the Frontier Model Recorded Future · 6d ago Accenture confirms breach after hacker offers stolen data for sale BleepingComputer · 6d ago Spain arrests suspected hacker linked to Russian hacktivist campaign CyberScoop · 6d ago Deepfake CSAM lawsuit against xAI, Grok expands CyberScoop · 6d ago Chinese hackers develop LONGLEASH malware to expand ORB network BleepingComputer · 7d ago Hidden backdoor in Tenda router firmware grants admin access BleepingComputer · 7d ago Black Hat Intercepted | Anurag Swarnim Yadav, Co-Founder & CTO of QubitAC Black Hat · 7d ago Spain arrests suspected member of pro-Russian hacktivist groups BleepingComputer · 7d ago GitLost: a public GitHub issue can steer an org's Agentic Workflow into leaking private repo contents, and a one-word prefix ("Additionally") bypassed the threat-detection guardrail Technical Information Security Content & Discussion · 7d ago Black Hat Europe 2025 | Nation-Scale SecOps: How CERT PL Scans Poland Black Hat · 7d ago The GitHub Actions Attack Pattern Your CI Security Scanners Miss BleepingComputer · 7d ago Webinar tomorrow: Why modern email attacks require a new approach to defense BleepingComputer · 7d ago New Januscape Linux flaw allows VM escape on Intel, AMD devices BleepingComputer · 7d ago Threat landscape for industrial automation systems. Q1 2026 Securelist · 7d ago Microsoft to enable Windows settings backup by default for orgs BleepingComputer · 7d ago Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities CyberScoop · 7d ago BeyondTrust warns of critical flaws in remote access software BleepingComputer · 7d ago Microsoft testing new Cloud Rebuild Windows 11 recovery feature BleepingComputer · 7d ago Phishing poses as big-brand job interview to steal Google accounts BleepingComputer · 7d ago Fake IT support calls on Microsoft Teams push EtherRAT malware BleepingComputer · 7d ago Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities Cisco Security Advisory · 8d ago Vietnam arrests suspects behind HiAnime anime piracy service BleepingComputer · 8d ago Unveiled: Cisco Deep Reasoning David Bombal · 8d ago US Army websites defaced with pro-Kurdish sentiments, insults to Trump CyberScoop · 8d ago 5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management Microsoft Security Blog · 8d ago Sysdig clocks first documented case of agentic ransomware CyberScoop · 8d ago Open Source Malware John Hammond · 8d ago Black Hat Europe 2025 | Not Just Victims: The Hidden Villains Inside Infostealer Logs Black Hat · 8d ago New OST2 class: "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" Technical Information Security Content & Discussion · 8d ago Software Is Now Written at the Speed of Thought. Security Isn't. BleepingComputer · 8d ago Max severity Adobe ColdFusion flaw now exploited in attacks BleepingComputer · 8d ago I Made an AI Agent That Reverses CVEs While I Sleep NahamSec · 8d ago Cisco Catalyst Center Arbitrary File Read Vulnerability Cisco Security Advisory · 8d ago ICE’s Internal Watchdog Is Now Investigating Online Critics Security Latest · 8d ago Playing Around With ADIDNS RPC Internals Technical Information Security Content & Discussion · 8d ago When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website Securelist · 8d ago Finding vulnerabilities was never the hard part CyberScoop · 8d ago Windows Service - Playbook & Detection Strategies Technical Information Security Content & Discussion · 8d ago THE MOD WORKS! lets improve it John Hammond · 8d ago Why Apple Hide My Email FAILS David Bombal · 9d ago Black Hat Europe 2025 | Taking Control Over Legacy And ERTMS/ETCS Railroad Signaling Systems Black Hat · 9d ago Flipper Zero firmware development continues with community help BleepingComputer · 9d ago New to Linux? This is the best place to start! David Bombal · 9d ago the vibe continues John Hammond · 9d ago Black Hat Europe 2025 | Slashing QUIC's Performance With A Hash DoS Black Hat · 10d ago HackTheBox - DevArea IppSec · 10d ago JadePuffer ransomware used AI agent to automate entire attack BleepingComputer · 10d ago Security Roundup: Apple’s Hide My Email Service Fails to Hide Your Email Security Latest · 10d ago let's vibe John Hammond · 10d ago WARNING: AI tracks your face David Bombal · 11d ago NetNut proxy network disrupted, 2 million infected devices cut off BleepingComputer · 11d ago How to scale your patches without scaling your team (the patch wave) Heimdal Security Blog · 11d ago Black Hat Europe 2025 | Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents Black Hat · 11d ago ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit BleepingComputer · 11d ago Cyber readiness for SMBs: Getting the basics right WeLiveSecurity · 11d ago AI didn’t break patching. It showed us patching was already broken. Heimdal Security Blog · 11d ago Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign Securelist · 11d ago EU Politicians Investigated Pegasus Spyware. Then It Ended Up on One of Their Phones Security Latest · 11d ago Someone infected a spyware probe overseer with spyware CyberScoop · 11d ago Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says BleepingComputer · 11d ago Claude Fable relaunch disappoints users with nerfed performance BleepingComputer · 11d ago ClamAV Vulnerabilities Affecting Cisco Products: July 2026 Cisco Security Advisory · 11d ago Fable 5 is back.....run these prompts before July 12th NetworkChuck · 11d ago Newly discovered PamStealer isn't your typical macOS malware Security - Ars Technica · 12d ago FBI Seizes NetNut Proxy Platform, Popa Botnet Krebs on Security · 12d ago It’s 37oC, And All We Can Think About Is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza) - watchTowr Labs Technical Information Security Content & Discussion · 12d ago FIFA was saved this time Technical Information Security Content & Discussion · 12d ago Improving security posture across the Microsoft partner ecosystem Microsoft Security Blog · 12d ago Alleged longstanding member of Scattered Spider extradited to US CyberScoop · 12d ago Google loses final appeal to overturn €4.1 billion EU fine BleepingComputer · 12d ago Celebrating 1 Million Subscribers on July 8th! The Cyber Mentor · 12d ago ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds BleepingComputer · 12d ago Microsoft fixes bug that removed Copilot buttons in Outlook BleepingComputer · 12d ago Cisco finally confirms attackers exploiting Unified CM flaw BleepingComputer · 12d ago CISA: Microsoft SharePoint RCE flaw now actively exploited BleepingComputer · 12d ago Opera rolls out Paste Protect feature to fight ClickFix attacks BleepingComputer · 12d ago Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects Securelist · 12d ago Alleged Scattered Spider hacker extradited to the United States BleepingComputer · 12d ago /r/netsec's Q3 2026 Information Security Hiring Thread Technical Information Security Content & Discussion · 12d ago News alert: Link11 launches faster DDoS mitigation to counter AI-driven, adaptive network attacks The Last Watchdog · 12d ago Medtronic notifies customers impacted by ShinyHunters data breach BleepingComputer · 12d ago FortiBleed credential-theft campaign linked to Lynx ransomware BleepingComputer · 12d ago Kubota says hackers had month-long access to network systems BleepingComputer · 12d ago ChocoPoc malware delivered via trojanized exploits on GitHub BleepingComputer · 13d ago New ChocoPoC malware targets researchers via trojanized PoC exploits BleepingComputer · 13d ago Researchers spot exploitation of another critical Oracle defect CyberScoop · 13d ago DHS confirms hackers breached HSIN info-sharing platform BleepingComputer · 13d ago Webinar: Why traditional email security is no longer enough BleepingComputer · 13d ago Hackers target Microsoft 365 accounts with 81 million login attempts BleepingComputer · 13d ago NASA inspector general suggests Boeing's Starliner will now be a decade late Security - Ars Technica · 13d ago Cisco Advance Notification for Publication of July 1, 2026, Security Advisories Cisco Security Advisory · 13d ago Microsoft named a leader in the Frost Radar for cloud and application runtime security Microsoft Security Blog · 13d ago New Cargo Theft Surge: From Lobster Heists To Bourbon Warehouse Scams Proofpoint News Feed · 13d ago Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability Cisco Security Advisory · 13d ago Privilege escalation to root in Lima QEMU guests via a world-writable agent socket (CVE-2026-53657) Technical Information Security Content & Discussion · 13d ago Turning Indicators into Intelligence in OpenCTI with Criminal IP BleepingComputer · 13d ago Beyond Usernames John Hammond · 13d ago US lifting export control restrictions on Anthropic’s Mythos, Fable CyberScoop · 13d ago r/netsec monthly discussion & tool thread Technical Information Security Content & Discussion · 13d ago Over 900 Oracle E-Business instances exposed to ongoing attacks BleepingComputer · 13d ago The Chaya_006 Alert: OT Edge Devices Under Fire Cyber Defense Magazine · 13d ago Microsoft fixes GIF functionality in the Windows Emoji Panel BleepingComputer · 13d ago The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign Securelist · 13d ago Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival Security Latest · 13d ago This phishing kit looks more like BEC-as-a-service CyberScoop · 13d ago Amazon fined $2.25M for withholding evidence from fraud victims BleepingComputer · 13d ago Heimdal Launches MSP Onboarding Wizard to Help Partners Onboard Microsoft CSP Customers in 2 Minutes Heimdal Security Blog · 13d ago Adobe patches seven max severity ColdFusion, Campaign flaws BleepingComputer · 13d ago OpenClaw: risks for the users and how to mitigate them Securelist · 13d ago Anthropic to restore Claude Fable access on Wednesday BleepingComputer · 13d ago Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Tool Recorded Future · 13d ago Anthropic rolls out Sonnet 5 with near-Opus 4.8 performance at a lower price BleepingComputer · 13d ago New BioShocking attack manipulates AI browser into data theft BleepingComputer · 13d ago Citrix patches a new NetScaler flaw with echoes of CitrixBleed CyberScoop · 13d ago Microsoft accelerates quantum-safe roadmap as risks grow BleepingComputer · 13d ago Malicious PyPI packages give hackers control of Telegram bot servers BleepingComputer · 13d ago Trump budget boss Russell Vought open to re-staffing CISA CyberScoop · 13d ago New attack provides one more reason why AI browsers are a bad idea Security - Ars Technica · 14d ago Is DEFCON for you? David Bombal · 14d ago CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) - watchTowr Labs Technical Information Security Content & Discussion · 14d ago Accelerating the quantum-safe timeline Microsoft Security Blog · 14d ago News alert: Reflectiz partners with Taboola to host webinar on AI-driven marketing security risks The Last Watchdog · 14d ago News alert: OpenMatter launches platform to verify AI activity across enterprise systems The Last Watchdog · 14d ago Beyond CTF Labs John Hammond · 14d ago What’s new in Microsoft Security: June 2026 Microsoft Security Blog · 14d ago Fake Perplexity extension on Chrome Web Store tracked searches BleepingComputer · 14d ago Defending the Authentication Flow: Device Code Phishing with Selena Larson Proofpoint News Feed · 14d ago Nissan Americas Hit in Global Oracle PeopleSoft Data Breach Cyber Defense Magazine · 14d ago DHS to unveil replacement council for critical infrastructure cybersecurity CyberScoop · 14d ago This month in security with Tony Anscombe – June 2026 edition WeLiveSecurity · 14d ago Lessons from the Underground: How to Combat Business Email Compromise BleepingComputer · 14d ago Insurance giant Aflac discloses data breach after subsidiary hack BleepingComputer · 14d ago Mircosoft adds smarter bot protection to Teams meetings BleepingComputer · 14d ago Microsoft adds smarter bot protection to Teams meetings BleepingComputer · 14d ago Auditing OpenReception: 16 CVEs in an end-to-end encrypted appointment booking platform (unauthenticated admin creation, account takeover, E2E bypass) Technical Information Security Content & Discussion · 14d ago ToddyCat: your hidden email assistant. Part 2 Securelist · 14d ago Kali Linux 2026.2 released with 9 new tools, NetHunter updates BleepingComputer · 14d ago Blackfield ransomware asks Nidec Corporation for $2 million ransom BleepingComputer · 14d ago How ransomware syndicates weaponize corporate-style organization CyberScoop · 14d ago CISA: Windows BlueHammer flaw now exploited by ransomware gangs BleepingComputer · 14d ago US offers $10 million for info on group behind Signal and WhatsApp hacking spree Security - Ars Technica · 14d ago Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs Security Latest · 14d ago Warner bill would create federally vetted list for secure, trustworthy AI agents CyberScoop · 14d ago Nissan discloses employee data breach linked to Oracle zero-day attacks BleepingComputer · 14d ago NAIC says public data stolen in ShinyHunters' PeopleSoft breach BleepingComputer · 14d ago Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs Technical Information Security Content & Discussion · 15d ago WhatsApp rolls out usernames to help users hide their phone number BleepingComputer · 15d ago Supreme Court approves mail-in ballots that arrive after Election Day CyberScoop · 15d ago Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling CyberScoop · 15d ago Microsoft extends Windows Server 2022 hotpatching until October 2027 BleepingComputer · 15d ago ConsentFix Exposed John Hammond · 15d ago U.S. offers $10 million for hackers targeting WhatsApp, Signal users BleepingComputer · 15d ago Agentic AI Has an Identity Problem and Attackers Know It BleepingComputer · 15d ago Critical SimpleHelp flaw exploited to deploy new stealer malware BleepingComputer · 15d ago Hackers now exploit critical Oracle E-Business flaw in attacks BleepingComputer · 15d ago Webinar: Why business email compromise attacks keep succeeding BleepingComputer · 15d ago CISA Warns Attackers Are Targeting Critical Internal Business Platforms Cyber Defense Magazine · 15d ago US seizes hundreds of FIFA World Cup illegal streaming domains BleepingComputer · 15d ago The Gentlemen are knocking: сustom backdoors and evolving tactics Securelist · 15d ago Top Google Security Staff Warn Search Data Could Be Hacked if EU Rules Change Security Latest · 15d ago What the post-quantum executive order really demands of CISOs CyberScoop · 15d ago Inside the inbox: Why cybercriminals want to break into your email account WeLiveSecurity · 15d ago TONResolver RAT Abuses TON Blockchain to Target Japan's Hotel Industry Trend Micro Research, News, Perspectives · 15d ago Return On Risk: The New Measure Of Cyber Resilience Cyber Defense Magazine · 16d ago Data breach exposes up to 14.2 million email logins at six ISPs BleepingComputer · 16d ago 2026 home lab setup to test malicious links safely for FREE (step by step) David Bombal · 16d ago Path to StateRAMP Cyber Defense Magazine · 16d ago I tried a Local AI model (Qwen 3.6 27b) for security research and it works surprisingly well. Technical Information Security Content & Discussion · 16d ago Dissecting Apple's Sparse Image Format (ASIF) Technical Information Security Content & Discussion · 16d ago A peek into Reddit's anti-spam internals Technical Information Security Content & Discussion · 17d ago Rethinking Identity Security In The Age Of AI Driven Fraud Cyber Defense Magazine · 17d ago HackTheBox - WingData IppSec · 17d ago Clean GitHub repo tricks AI coding agents into running malware BleepingComputer · 17d ago New Age Insider Risk Cyber Defense Magazine · 17d ago Security News This Week: LastPass Users Had Their Data Stolen—Again Security Latest · 17d ago FBI: Russian hackers now target Signal backup recovery keys BleepingComputer · 17d ago CISA sets urgent deadline to fix Cisco flaw exploited in attacks BleepingComputer · 18d ago ATF cancels controversial commercial geolocation contract CyberScoop · 18d ago Polymarket customers lose $3 million in supply-chain attack BleepingComputer · 18d ago Cybersecurity firms targeted by fraudulent OpenAI organization invites BleepingComputer · 18d ago The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials Security Latest · 18d ago Facebook Phishing Fails John Hammond · 18d ago Real Folks of Cyber | Pearce Barry | Day in the Life The Cyber Mentor · 18d ago How Dynamic Defense shuts an attacker out without shutting down the business Heimdal Security Blog · 18d ago Openclaw And The Agentic AI Inflection Point: From “Cool Demo” To Governed Infrastructure Cyber Defense Magazine · 18d ago Your First GRC Agent: A Red Teamer's Walkthrough BleepingComputer · 18d ago Which is Ethernet? What's the difference? David Bombal · 18d ago Reasonable Reliance: The Test Duty-Holders Are Quietly Being Held To Cyber Defense Magazine · 18d ago Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk Securelist · 18d ago Name That Toon Contest darkreading · 18d ago Static security has run out of road. The case for Dynamic Defense Heimdal Security Blog · 18d ago SMB cyber readiness: the road to resilience starts here WeLiveSecurity · 18d ago Anthropic is testing desktop-like Claude Cowork for mobile BleepingComputer · 18d ago Poland busts SIM-swapping gang tied to millions in crypto theft BleepingComputer · 18d ago Getting Started with the TCM Security Academy The Cyber Mentor · 19d ago FCC passes new cybersecurity rules for emergency systems, undersea cables CyberScoop · 19d ago Order-tracking app Shop abused to push callback phishing attacks BleepingComputer · 19d ago Microsoft quietly extends free Windows 10 ESU support to October 2027 BleepingComputer · 19d ago New macOS malware embeds fake errors to confuse AI analysis tools BleepingComputer · 19d ago Federal court rules Trump election-focused executive order illegal CyberScoop · 19d ago Disable SmartScreen Fast John Hammond · 19d ago PirloTV sports piracy network disrupted as 44 domains seized BleepingComputer · 19d ago CVE-2025-52465 geoserver arbitrary file write vulnerability Technical Information Security Content & Discussion · 19d ago The Moment Of Reliance: The Question Safety Governance Cannot Currently Answer Cyber Defense Magazine · 19d ago Bluekit phishing kit adopts browser-in-the-middle for login theft BleepingComputer · 19d ago Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract CyberScoop · 19d ago Cisco Finesse Remote File Inclusion Vulnerability Cisco Security Advisory · 19d ago Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack CyberScoop · 19d ago The Four Elevations of Effective Fraud Prevention BleepingComputer · 19d ago The New Face Of Fraud: Why AI Is Making Older Adults The Primary Target Cyber Defense Magazine · 19d ago Copilot in Excel: Built for the era of Frontier Finance Microsoft 365 Blog · 19d ago Webinar: Why account takeovers remain one of the hardest threats to stop BleepingComputer · 19d ago NSA Urges Cyberthreat Timeline Has Compressed From Years to Months Cyber Defense Magazine · 19d ago CargoWise WebTracker - The keys were in the cargo Technical Information Security Content & Discussion · 19d ago Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools Securelist · 19d ago British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted Security Latest · 19d ago Europe Evolves Into Ransomware's Favorite Region darkreading · 19d ago Why patch directives only go so far CyberScoop · 19d ago Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances WeLiveSecurity · 19d ago Where Expertise Meets Algorithm: The Insikt Group® Intelligence Edge Recorded Future · 19d ago Evaluating Mexico’s New Cybersecurity Plan Recorded Future · 19d ago Google releases new privacy controls for activity history, personalization BleepingComputer · 19d ago DraftKings hacker 'Snoopy' sentenced to 18 months in prison BleepingComputer · 19d ago Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access BleepingComputer · 19d ago Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure darkreading · 19d ago One-two punch delivered in global operation disrupts cybercrime "assembly line" Security - Ars Technica · 19d ago Malicious Edge extension abuses Native Messaging as bridge to malware BleepingComputer · 19d ago 2026 FIFA World Cup Faces Surge in Cyber Threats darkreading · 19d ago Europe’s 800 Exaflop SUPERCOMPUTERS David Bombal · 20d ago Do CISOs Need a Code of Ethics? darkreading · 20d ago Malicious hackers exploit Cisco zero-day for highest access level at communications service provider CyberScoop · 20d ago More Malicious OpenClaw Skills Threaten AI Supply Chain darkreading · 20d ago Exploiting vulnerabilities in Johnson & Johnson web apps Technical Information Security Content & Discussion · 20d ago Governance Is Failing: Why Converged Digital Risk Is Outpacing Every Control We Have Cyber Defense Magazine · 20d ago CISA warns of max severity Ubiquiti flaws exploited in attacks BleepingComputer · 20d ago Amadey, StealC malware operations disrupted in Operation Endgame action BleepingComputer · 20d ago Securing the service desk: Why social engineering attacks keep succeeding BleepingComputer · 20d ago Invisible By Design: Making Quantum-Safe Encryption The Easy Path Cyber Defense Magazine · 20d ago ESET takes part in Operation Endgame to disrupt Amadey and Stealc WeLiveSecurity · 20d ago In a first, a court takedown goes after two cybercrime tools at once CyberScoop · 20d ago Magecart Evolves and Attackers Weaponize Ethereum Blockchain for Digital Skimming Cyber Defense Magazine · 20d ago Apple's MacOS Gap Lets Users Disable Security Tools darkreading · 20d ago Breaking the MSP Echo Chamber: The Power of Community Heimdal Security Blog · 20d ago Stealthy Mistic backdoor linked to ransomware access broker KongTuke BleepingComputer · 20d ago Open-source security is posing challenges governments can’t easily solve CyberScoop · 20d ago New at Forter: AI Agents Built to Amplify Your Team Blog – Forter · 20d ago FortiBleed Campaign Exposing Credentials for 73,932 FortiGate Systems Recorded Future · 20d ago White House drastically shortens deadline for dropping quantum-vulnerable crypto Security - Ars Technica · 20d ago Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks BleepingComputer · 20d ago Tata Electronics confirms cyberattack as hackers leak data BleepingComputer · 20d ago Scope of Salesforce Attacks Expands as Icarus Leaks Data darkreading · 20d ago Windows 11 KB5095093 update rolls out new Point-in-Time restore feature BleepingComputer · 20d ago Healthtech firm Xolis suffers data breach impacting 1.4 million people BleepingComputer · 21d ago Innovator Spotlight: NAKIVO Cyber Defense Magazine · 21d ago Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed Security Latest · 21d ago 'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows darkreading · 21d ago Justice Department seizes infrastructure used by cyber scam and criminal marketplace CyberScoop · 21d ago New macOS ClickFix attack silently mounts DMGs to push infostealer BleepingComputer · 21d ago Cybersecurity Outsourcing. Beyond Cost Cyber Defense Magazine · 21d ago Scattered Spider Hackers Plead Guilty on Day 1 of Trial Krebs on Security · 21d ago Scattered Spider members plead guilty to hacking Transport for London BleepingComputer · 21d ago Algerian man charged with running two cybercrime marketplaces CyberScoop · 21d ago The Exploit Doesn't Exist. You Can Still Prove It Works Against You BleepingComputer · 21d ago LastPass confirms data breach in Klue supply chain attack BleepingComputer · 21d ago SocGholish Takedown Highlights Malicious TDS Threats darkreading · 21d ago Can AI Agents Find, Trust, and Choose Your Brand? Blog – Forter · 21d ago Inside The Rising Cyber Risk To Insurers: Why Insurance Companies Are Now Prime Targets Cyber Defense Magazine · 21d ago FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist darkreading · 21d ago Webinar: Why email security teams are drowning in alerts BleepingComputer · 21d ago Supply Chain Compromise: Nintendo Vendor Breach Exposes Internal Data Cyber Defense Magazine · 21d ago Cloudflare patches Copy-Fail across every server in two days Technical Information Security Content & Discussion · 21d ago New Cisco RCE was fixed Technical Information Security Content & Discussion · 21d ago The Purchase Scam Tactic Headed for the World Cup | Recorded Future Recorded Future · 21d ago From Langflow to Monero: Inside CVE-2026-33017 Cryptominer Trend Micro Research, News, Perspectives · 21d ago WhatsApp phishing attack uses fake business docs to hack PCs BleepingComputer · 21d ago Court rules SAVE database illegal, orders it dismantled CyberScoop · 21d ago JaredFromSubway MEV bot hacked in $15 million crypto theft BleepingComputer · 21d ago DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories darkreading · 21d ago FFmpeg fixes PixelSmash flaw in widely used video decoder BleepingComputer · 21d ago Data Breach with Eastman Kodak Company Cyber Defense Magazine · 21d ago FortiBleed campaign used custom FortiGate sniffer to steal credentials BleepingComputer · 22d ago They Created a Supercomputer in a Rack? David Bombal · 22d ago Trump executive orders speed up post-quantum migration, boost industry CyberScoop · 22d ago Following user outcry, AMD reinstates memory encryption in consumer CPUs Security - Ars Technica · 22d ago CVE-2026-25860 turn XSS to RCE Technical Information Security Content & Discussion · 22d ago Microsoft says Windows 11 26H2 is coming soon, details upgrade process BleepingComputer · 22d ago Microsoft fixes AutoGen Studio flaw that enabled code execution BleepingComputer · 22d ago OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos Security Latest · 22d ago Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign darkreading · 22d ago Intel agencies: Frontier AI models will reshape cybersecurity faster than expected CyberScoop · 22d ago Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities Cisco Security Advisory · 22d ago How attackers built a RAT on a Windows machine using its own .NET compiler Heimdal Security Blog · 22d ago He Thought He Was Secure; His Phone Number Was Stolen Anyway darkreading · 22d ago A Glimpse into the “Search Your Target” Market for Stolen Credentials BleepingComputer · 22d ago Miasma Worm Source Code Leaked + What NPM v12 Means for Developers | Threat Wire Hak5 · 22d ago The World Cup Is Here… And So Are The Cyber Risks Cyber Defense Magazine · 22d ago Cloud Managed Services For Modern Cybersecurity To Secure Cloud Cyber Defense Magazine · 22d ago This Hacker Got Paid $50,000+ to Break Frontier AI Models NahamSec · 22d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 22d ago Proofpoint Joins the OpenAI Daybreak Cyber Partner Program to Advance Responsible AI-Powered Cyber Defense Proofpoint News Feed · 22d ago World Cup Scams Are Getting Harder to Spot Security Latest · 22d ago OpenAI Lets Cyber Vendors Embed GPT-5.5 in Defenses Proofpoint News Feed · 22d ago Attacker enables RDP, creates admin, erases evidence in ten seconds Heimdal Security Blog · 22d ago Exploiting Auth0 Defaults in XSS Attacks - elttam Technical Information Security Content & Discussion · 22d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 22d ago Scanning malicious websites with 'infinite' number of VPN tunnels (Part 1) Technical Information Security Content & Discussion · 23d ago AryStinger botnet infected thousands of D-Link routers worldwide BleepingComputer · 23d ago Build a Complete Free CCNA Home Lab in 2026 With No Gear David Bombal · 23d ago Exploring The 2025 Cyber Threat Landscape: Analysis From The IT And Food And Agriculture Sectors Cyber Defense Magazine · 23d ago A Critical Deadline Is Approaching for Windows and Linux Security Security Latest · 23d ago Broken access control demo David Bombal · 24d ago New Prinz Eugen ransomware prioritizes recent files for encryption BleepingComputer · 24d ago HackTheBox - Nanocorp IppSec · 24d ago Microsoft links Mastra AI supply chain attack to North Korean hackers BleepingComputer · 24d ago The Shadow AI Paradox: Governing Innovation At Machine Speed Cyber Defense Magazine · 24d ago Hackers Claim to Leak Stolen Madison Square Garden Data Security Latest · 24d ago Innovator Spotlight: Ensemble Cyber Defense Magazine · 24d ago Innovator Spotlight: Centrii Cyber Defense Magazine · 24d ago Klue OAuth breach victim list grows as Icarus hackers claim attack BleepingComputer · 24d ago shadow AI is terrifying NetworkChuck · 24d ago Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin BleepingComputer · 24d ago Use-after-free in the QPACK encoder of nginx HTTP/3 - CVE-2026-42530 Technical Information Security Content & Discussion · 25d ago NSPM-12: The New Baseline for National Security Cybersecurity Cyber Defense Magazine · 25d ago Texas govt data breach exposes over 3 million driver’s licenses BleepingComputer · 25d ago Soft Skills for the Job Market: Resume Writing The Cyber Mentor · 25d ago Will this replace PoE (Power over Ethernet)? David Bombal · 25d ago OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099) Technical Information Security Content & Discussion · 25d ago Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way BleepingComputer · 25d ago Stressors, AI Forcing Changes to Cybersecurity Teams darkreading · 25d ago Webinar: How attackers bypass MFA and how defenders can respond BleepingComputer · 25d ago Microsoft: June 2026 Windows updates break Recycle Bin prompts BleepingComputer · 25d ago CISA: Splunk Enterprise flaw actively exploited, patch by Sunday BleepingComputer · 25d ago Squidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration Technical Information Security Content & Discussion · 25d ago NY man charged after harassing college student with AI-generated nudes BleepingComputer · 25d ago CISA warns Fortinet users to secure devices after FortiBleed leak BleepingComputer · 25d ago Microsoft discovers new lightweight backdoor that steals cryptocurrency Security - Ars Technica · 25d ago Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026 NetworkChuck · 25d ago Gentlemen ransomware uses multiple EDR killers to disable defenses BleepingComputer · 25d ago Authorities disrupt Evil Corp’s SocGholish botnet CyberScoop · 25d ago Congress tees up No FAKES Act, aiming at AI-generated deepfakes CyberScoop · 25d ago Novo Nordisk Breach Highlights Software Development Pipeline Risk darkreading · 26d ago Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds Security - Ars Technica · 26d ago HTTPS Doesn't Hide This From Your ISP!! NetworkChuck · 26d ago Operation Escaneo Signals Shift in LatAm Threat Landscape darkreading · 26d ago Nintendo confirms data stolen in WebMD subsidiary cyberattack BleepingComputer · 26d ago FIFA Bug Exposes World Cup Streams to Remote Takeover darkreading · 26d ago CVE-2026-5667: Unauthenticated Remote Control of Mitsubishi MAC-577IF-2E WiFi Adapters via Probe Request Reconnaissance Technical Information Security Content & Discussion · 26d ago ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm Krebs on Security · 26d ago Salesforce Data Thefts Continue via Klue App Compromise darkreading · 26d ago USB worm spreads crypto-stealing malware via Windows shortcut files BleepingComputer · 26d ago Cisco Just Showed the Future of Networking NetworkChuck · 26d ago How software development’s speed obsession enabled TeamPCP’s chaos crusade CyberScoop · 26d ago Accenture shells out $4.18B on three companies in big industrial cybersecurity push CyberScoop · 26d ago Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks BleepingComputer · 26d ago 5 reasons Microsoft 365 backup isn’t enough for business data protection BleepingComputer · 26d ago Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp BleepingComputer · 26d ago Five Compliance Realities Federal Contractors Can’t Ignore Cyber Defense Magazine · 26d ago Get Out of Security Debt by Tackling the Exposure Problem darkreading · 26d ago ShapedPlugin update flow hacked to infect WordPress sites BleepingComputer · 26d ago Apple fixes Beats Studio Buds flaw that let hackers spy on conversations BleepingComputer · 26d ago Telegram admits it couldn't police exam-leak channels, India tells court BleepingComputer · 26d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 26d ago CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure Alerts · 26d ago Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT All CISA Advisories · 26d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 26d ago Schneider Electric EasyLogic T150 and Saitel DP All CISA Advisories · 26d ago AVer PTC cameras All CISA Advisories · 26d ago Rockwell Automation FactoryTalk Historian Site Edition All CISA Advisories · 26d ago AzeoTech DAQFactory All CISA Advisories · 26d ago Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products All CISA Advisories · 26d ago Mitsubishi Electric MELSEC iQ-F Series All CISA Advisories · 26d ago Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module All CISA Advisories · 26d ago CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure All CISA Advisories · 26d ago F5 issues out-of-band patches for critical NGINX vulnerabilities BleepingComputer · 26d ago Would you like some malware served at the very top of DuckDuckGo? Technical Information Security Content & Discussion · 26d ago Microsoft fixes Windows Server 2016 security update failures BleepingComputer · 26d ago Killing me gently: Inside Gentlemen’s EDR killer framework WeLiveSecurity · 26d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 26d ago EU Gets a Head Start in Developing 6G Network Security darkreading · 26d ago Leak confirms OpenAI is testing a ChatGPT for Science subscription BleepingComputer · 26d ago PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM Trend Micro Research, News, Perspectives · 26d ago Google to use UK and EU user IP addresses for ad personalization BleepingComputer · 26d ago Worth a MalExt Report? A 2 Million-User Chrome Extension Added Give Freely/Wildlink in a 5-Day Update Technical Information Security Content & Discussion · 26d ago Massive breach spills credentials for thousands of sensitive networks Security - Ars Technica · 27d ago This hacker made $500,000+ hacking google in just a few months. #hacking #bugbounty #cybersecurity NahamSec · 27d ago News alert: SpyCloud report finds phishing surge exposing employee data at Fortune 100 companies The Last Watchdog · 27d ago "Dangerous" AI models are coming no matter what Security - Ars Technica · 27d ago News alert: Heimdal study finds executives are more confident than frontline IT teams on AI risk The Last Watchdog · 27d ago Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability Cisco Security Advisory · 27d ago Cisco Crosswork Network Controller Server-Side Template Injection Vulnerability Cisco Security Advisory · 27d ago Cisco Webex App Open Redirect Vulnerability Cisco Security Advisory · 27d ago Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April CyberScoop · 27d ago FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices. BleepingComputer · 27d ago Why Account Takeovers Are Rising and How to Stop Them BleepingComputer · 27d ago India's Telegram ban hit the UAE too. Here's how to get around it BleepingComputer · 27d ago Cyber Security Market Insights & Trends Driving The Next Wave Of Protection Cyber Defense Magazine · 27d ago Microsoft confirms Office apps launch issues after June updates BleepingComputer · 27d ago Windows and Linux users: The deadline to update Secure Boot keys is near Security - Ars Technica · 27d ago CISA orders feds to patch max severity Joomla plugin flaw by Friday BleepingComputer · 27d ago QoS Policies to Restrict EDR Traffic and Detection Strategies Technical Information Security Content & Discussion · 27d ago Protecting legacy OT systems against modern cyberthreats WeLiveSecurity · 27d ago Microsoft working on Defender patch for RoguePlanet zero-day BleepingComputer · 27d ago Kodak confirms data breach claimed by ShinyHunters extortion gang BleepingComputer · 27d ago Getting a CVE Without Shipping Slop Technical Information Security Content & Discussion · 27d ago PrizeBuzz phishing network analysis Technical Information Security Content & Discussion · 27d ago State Digital Surveillance Risk Landscape Recorded Future · 27d ago Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign Trend Micro Research, News, Perspectives · 27d ago Shark Jacked my LAN 🦈 Hak5 · 27d ago Malicious JetBrains Marketplace plugins steal AI API keys from developers BleepingComputer · 27d ago Lawmakers leery about Trump administration’s Anthropic order CyberScoop · 27d ago News alert: Aembit secures Copilot Studio agents with identity-based access controls and audit trails The Last Watchdog · 27d ago AI’s constant patching treadmill can be a security problem CyberScoop · 27d ago 27 Years in the Dark: OpenBSD Fixes Ancient Remote Kernel Auth Bypass Technical Information Security Content & Discussion · 27d ago AI is Not Solving Cybersecurity Burnout Yet, New ISSA and Omdia Research Warns Cyber Defense Magazine · 28d ago New Rokarolla Android malware targets 217 banking, crypto apps BleepingComputer · 28d ago News alert: GitGuardian adds endpoint protection as developer laptops become credential troves The Last Watchdog · 28d ago Steam Workshop abused to spread malware via Wallpaper Engine app BleepingComputer · 28d ago Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability Cisco Security Advisory · 28d ago Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability Cisco Security Advisory · 28d ago TCM Security Summer Sale is Here! The Cyber Mentor · 28d ago A case for how to shape ‘ingredient lists’ for AI models CyberScoop · 28d ago Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026 NetworkChuck · 28d ago Copilot Cowork is now generally available Microsoft 365 Blog · 28d ago UK to require ID or face scan before you can make social media accounts BleepingComputer · 28d ago GhostTree Attack Abused Recursive Windows Junctions to Hide Malware BleepingComputer · 28d ago FTC warns of record $3.5 billion losses to imposter scams in 2025 BleepingComputer · 28d ago Crypto’s Biggest Unresolved Risk Is Not Theft Of Assets, It’s The Collapse Of Identity Certainty In Financial Transactions Cyber Defense Magazine · 28d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 28d ago Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP All CISA Advisories · 28d ago Rockwell Automation RSLinx All CISA Advisories · 28d ago Rockwell Automation FLEX I/O EtherNet/IP Adapters All CISA Advisories · 28d ago Rockwell Automation FactoryTalk Analytics PavilionX All CISA Advisories · 28d ago Rockwell Automation CompactLogix All CISA Advisories · 28d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 28d ago Critical Copilot vulnerability allowed hackers to steal 2FA code from users Security - Ars Technica · 28d ago CISA warns of another cPanel plugin flaw exploited in attacks BleepingComputer · 28d ago News alert: Varist announces AI-scale malware detection for healthcare and medical imaging The Last Watchdog · 28d ago Ransomware gang abuses Microsoft Teams relays to hide malicious traffic BleepingComputer · 28d ago Critical Fortinet FortiSandbox flaws now exploited in attacks BleepingComputer · 28d ago Windows version of SprySOCKS Linux malware used to attack govt orgs BleepingComputer · 28d ago FishMonger’s arsenal upgraded: SprySOCKS for Windows WeLiveSecurity · 28d ago The State of AI Risk Management in 2026 Heimdal Security Blog · 28d ago iRhythm discloses data breach, says hackers stole patient info BleepingComputer · 28d ago The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Engine Recorded Future · 28d ago Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability Cisco Security Advisory · 28d ago DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act BleepingComputer · 28d ago Empty-ciphertext panic in aws-encryption-provider (CVD with AWS) Technical Information Security Content & Discussion · 28d ago Google exposes China espionage group that’s been lurking in networks undetected since 2023 CyberScoop · 28d ago SimpleHelp bug lets hackers create rogue remote support accounts BleepingComputer · 29d ago Users cry foul after AMD stripped memory crypto from its consumer CPUs Security - Ars Technica · 29d ago Chaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE Technical Information Security Content & Discussion · 29d ago OptinMonster WordPress plugin hacked in CDN supply-chain attack BleepingComputer · 29d ago Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks BleepingComputer · 29d ago I was wrong about VPNs NetworkChuck · 29d ago Council of Europe investigates ShinyHunters data breach claims BleepingComputer · 29d ago Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat CyberScoop · 29d ago FBI: Fraudsters use couriers to steal money in crypto scams BleepingComputer · 29d ago Vibe coders are gonna vibe code: How CISOs are tackling code sprawl BleepingComputer · 29d ago Chinese hackers breach REDCap servers, steal medical research BleepingComputer · 29d ago SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon Technical Information Security Content & Discussion · 29d ago Could GPU-Accelerated EDR Improve The Future Of Endpoint Detection? Cyber Defense Magazine · 29d ago New attack turned Microsoft 365 Copilot into 1-click data theft tool BleepingComputer · 29d ago Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It Heimdal Security Blog · 29d ago Infinite Campus data breach affects 137,000 school staff accounts BleepingComputer · 29d ago How I Made $30,000 Hacking Broken Access Control NahamSec · 29d ago $30K from one bug class: broken access control. Here's how 3 "lows" chain into account takeover NahamSec · 29d ago Webinar: How behavioral AI stops phishing and account takeovers BleepingComputer · 29d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 29d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 29d ago EvilTokens: A phishing attack that doesn’t steal your password WeLiveSecurity · 29d ago FBI disrupts massive AI-powered phishing service using a million URLs BleepingComputer · 30d ago CMMC Is Exposing A Major Gap In The Defense Supply Chain Cyber Defense Magazine · 30d ago Researcher accidentally gained access to a threat actor-controlled phishing website Technical Information Security Content & Discussion · 30d ago PromptSnatcher: AdBlocker stealing Ai Chats - 90k installs Technical Information Security Content & Discussion · 30d ago Ex-school district employee jailed for hacks on former employer BleepingComputer · 30d ago MeshCentral: From XSS to RCE Technical Information Security Content & Discussion · 30d ago Anthropic disables new models after government calls them a national security concern CyberScoop · 31d ago HackTheBox - VariaType IppSec · 31d ago Chinese hackers hijack auth flow, spy on isolated network for a decade BleepingComputer · 31d ago Zero Trust For AI In Defense Networks Cyber Defense Magazine · 31d ago US Gov asks Anthropic to ban 'foreign national' access to Fable, Mythos BleepingComputer · 31d ago Getting the PID from random numbers in PHP Technical Information Security Content & Discussion · 31d ago The Axios npm compromise was visible in registry metadata before anyone ran npm install Technical Information Security Content & Discussion · 31d ago FBI takes down massive China-based cybercrime network that caused $1.9B in losses CyberScoop · 31d ago Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) - watchTowr Labs Technical Information Security Content & Discussion · 31d ago Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability Cisco Security Advisory · 31d ago ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed darkreading · 31d ago Maine disables data breach notification portal after fake disclosures BleepingComputer · 32d ago PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data Security - Ars Technica · 32d ago US, France, and Italian authorities shut down massive deepfake porn site CyberScoop · 32d ago phpBB forum fixes auth bypass bug lurking for a decade BleepingComputer · 32d ago Ukrainian national pleads guilty to role in Conti ransomware operation BleepingComputer · 32d ago Conti ransomware group member pleads guilty, faces up to 20 years in prison CyberScoop · 32d ago Over 400 Arch Linux packages compromised to push rootkit, infostealer BleepingComputer · 32d ago ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw CyberScoop · 32d ago Free Compromise Detection for GitHub Repos - Tracebit Community Edition Technical Information Security Content & Discussion · 32d ago Your Next Insider Threat May Be an AI Coworker Heimdal Security Blog · 32d ago Major AI Clients Shipping With Broken OAuth Implementations (JUNE 2026 UPDATE) Technical Information Security Content & Discussion · 32d ago Old Passwords Die Hard: Abusing CREDHIST for offline credential recovery Technical Information Security Content & Discussion · 32d ago Early Warning Signs of Supply-Chain Attacks Live in the Dark Web BleepingComputer · 32d ago Claude Fable 5 Doesn't Change the Mythos Security Story darkreading · 32d ago Why Most Cyber Resilience Programs Fail Before The First Incident Cyber Defense Magazine · 32d ago The OSI Model and Its Two Missing Layers Heimdal Security Blog · 32d ago Developers React to the 105-Second Github Chain Reaction | Threat Wire Hak5 · 32d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 32d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 32d ago CyberCorps is adapting to AI. The budget isn’t keeping up. CyberScoop · 32d ago Microsoft fixes Windows update failures linked to WUSA installer BleepingComputer · 32d ago Pharma giant Novo Nordisk discloses breach of clinical trials data BleepingComputer · 32d ago CISA orders feds to patch actively exploited Ivanti flaw by Sunday BleepingComputer · 32d ago Over 73,000 French govt employees affected in Tchap messenger breach BleepingComputer · 32d ago Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751) - watchTowr Labs Technical Information Security Content & Discussion · 32d ago Phishing Attack Volume Down 20%, But Risk Still Rising darkreading · 32d ago Governing Claude Enterprise in Environments Where Inline Controls Can't Go Trend Micro Research, News, Perspectives · 32d ago Japanese energy firm loses drive with data of 10.9 million clients BleepingComputer · 32d ago Maine breach portal abused to publish fake data breach disclosures BleepingComputer · 32d ago Oracle mitigates PeopleSoft zero-day exploited in data theft attacks BleepingComputer · 33d ago Detecting AI-specific threats in Claude Enterprise from the Compliance API: a prefilter + LLM-as-judge pipeline with Sigma rules Technical Information Security Content & Discussion · 33d ago Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure darkreading · 33d ago Any solutions we can use? cybersecurity · 33d ago Russian national charged in connection with Void Blizzard espionage campaign CyberScoop · 33d ago DIY pwnagotchi-like device on esp32 hacking: security in practice · 33d ago Reverse engineered BLE protocol of a $7 generic Chinese smart ring from Temu, and built an iOS app around it Reverse Engineering · 33d ago Possible targeted attack cybersecurity · 33d ago RoguePlanet: Windows Zero-Day That Weaponizes Defender's Own Quarantine Pipeline cybersecurity · 33d ago [Reverse-Engineering] Skeet CS:GO source code (Gamesense) Reverse Engineering · 33d ago [Reverse-Engineering] Skeet CS:GO source code (Gamesense) Reverse Engineering · 33d ago Facebook messenger to text cybersecurity · 33d ago Claude Fable 5: mid-tier results on coding tasks Technical Information Security Content & Discussion · 33d ago Authorities dismantle 'AudiA6' ransomware crypto-laundering service BleepingComputer · 33d ago US charges suspected Russian hacker with facilitating cyber campaign For [Blue|Purple] Teams in Cyber Defence · 33d ago Flipper Blackhat + Bjorn hacking: security in practice · 33d ago Segmentation Works for OT If Operators Are Paying Attention darkreading · 33d ago Managing Solution Agents cybersecurity · 33d ago Nottingham University data breach affects over 450,000 students cybersecurity · 33d ago SWGs that support 3rd party external DNS resolver cybersecurity · 33d ago Sub:jugation - Hijacking Cloud Identities by Recycling Namespaces in Global OIDC Issuers cybersecurity · 33d ago Giulio Zausa's MMO-CHIP Makes Reverse Engineering Old Silicon Chips a Multiplayer Game Reverse Engineering · 33d ago Why AI-driven threats are exposing the limits of MSP security stacks BleepingComputer · 33d ago Chrome extensions with 10M+ installations are actively vulnerable to UXSS & UXSG cybersecurity · 33d ago Hawkish GOP lawmaker Don Bacon says he was hacked by Russia For [Blue|Purple] Teams in Cyber Defence · 33d ago Cybersecurity researchers aren't happy about the guardrails on Anthropic's Fable | TechCrunch cybersecurity · 33d ago Do you think AI is making hacking easier or harder hacking: security in practice · 33d ago Breaking Free Of The Cyber Insurance Market’s Moment Of Frustration Cyber Defense Magazine · 33d ago Coupang hit with record $409 million data breach fine in Korea BleepingComputer · 33d ago CISA tells govt agencies to patch critical exploited flaws in 3 days BleepingComputer · 33d ago Phishing awareness training resulting in ignoring company comms? cybersecurity · 33d ago How are you analyzing Android malware nowadays? cybersecurity · 33d ago Fable 5 and the analyst-AI threat model: what a Mythos-class model changes for security work Technical Information Security Content & Discussion · 33d ago Hackers Exploit Langflow Vulnerability for Remote Code Execution cybersecurity · 33d ago Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research cybersecurity · 33d ago NEED SOME GUIDANCE cybersecurity · 33d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 33d ago Yarbo Android/iOS Mobile Application and Cloud Infrastructure All CISA Advisories · 33d ago Naxclow IoT Platform All CISA Advisories · 33d ago Brickcom Cameras All CISA Advisories · 33d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 33d ago I built 99 adversarially malformed PE files to test tool robustness - here’s what happened Malware Analysis & Reports · 33d ago I built 99 adversarially malformed PE files to test tool robustness - here’s what happened Reverse Engineering · 33d ago What can i do left? PSN hacking: security in practice · 33d ago Help setting up local encryption on my pc cybersecurity · 33d ago Hacking Google with A.I. for $500,000 Technical Information Security Content & Discussion · 33d ago Agentic AI on Cybersecurity cybersecurity · 33d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 33d ago DoD 0-days Typically Come Down to Authorization Failures cybersecurity · 33d ago HDD cybersecurity · 33d ago Plzz Helpp - Say you're trying to build a toolkit that checks for LLM vulnerability do y'all know any trustable datasets cybersecurity · 33d ago OceanLotus: From external espionage to domestic targeting WeLiveSecurity · 33d ago OceanLotus: From external espionage to domestic targeting WeLiveSecurity · 33d ago Microsoft fixes BitLocker recovery bug on Windows Server 2025 BleepingComputer · 33d ago Prompt injection: attacking the analyst's AI Technical Information Security Content & Discussion · 33d ago How can we test the firmware code/images security? cybersecurity · 33d ago 20 years of Fancy Bear (APT28): How Russian military hackers evolved their tradecraft since 2004 cybersecurity · 33d ago Proxmark5 campaign ending in less than 18 hours. hacking: security in practice · 33d ago Oops, I Weaponized the Database: Abusing AI Features in SQL Server 2025 For [Blue|Purple] Teams in Cyber Defence · 33d ago GreatXML: GreatXML bitlocker bypass vulnerability For [Blue|Purple] Teams in Cyber Defence · 33d ago GitHub announces npm security changes to tackle supply-chain attacks cybersecurity · 33d ago GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan For [Blue|Purple] Teams in Cyber Defence · 33d ago The ‘Miasma’ worm source code briefly leaked on GitHub cybersecurity · 33d ago CISA Rewrites Federal Patching Requirements for AI Threat Era cybersecurity · 33d ago What is the difference between Regular TLS and Mutual TLS? cybersecurity · 33d ago Every employee's password was stored in a single Excel file cybersecurity · 33d ago Nottingham University data breach affects over 450,000 students BleepingComputer · 33d ago npm v12 is changing how dependencies are installed to reduce supply-chain risk cybersecurity · 33d ago Max severity Ivanti Sentry vulnerability now exploited in attacks BleepingComputer · 33d ago How to bypass speed queen coin slot for washer and dryer hacking: security in practice · 33d ago LIVE: 🕵️ CTF Prize Draw | Cybersecurity The Cyber Mentor · 33d ago Why is Gartner Magic Quadrant treated like a procurement benchmark in South Asia? cybersecurity · 33d ago Drive Firmware Security - Phison S11 Reverse Engineering · 33d ago I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue For [Blue|Purple] Teams in Cyber Defence · 33d ago [Op Report] From SSA Phish to AdaptixC2: A Multi-RAT Intrusion For [Blue|Purple] Teams in Cyber Defence · 33d ago How good Microsoft Defender for storage? cybersecurity · 33d ago GhostTrace – CLI forensic scanner for Windows: 22 modules, MITRE ATT&CK mapped, read-only by default For [Blue|Purple] Teams in Cyber Defence · 33d ago GreatXML bitlocker bypass vulnerability cybersecurity · 33d ago Struggle cybersecurity · 33d ago Did the work, got the certs, now I'm drowning. Should I keep labbing or go all-in on applications? cybersecurity · 33d ago Chinese, N. Korean Threat Groups Build on Asia-Pacific Success darkreading · 33d ago Recorded Future Launches Impact and Metrics Dashboard Recorded Future · 33d ago Cyber-Enabled Maritime Sanctions Evasion Recorded Future · 33d ago Wiz launches Cloud Security Job Board cybersecurity · 33d ago Physical Project Ideas cybersecurity · 33d ago How can I get into cybersecurity while studying Information Systems Engineering? cybersecurity · 33d ago Miasma-style supply chain attacks For [Blue|Purple] Teams in Cyber Defence · 33d ago Cloud Security job board cybersecurity · 33d ago Continuous learning cybersecurity · 33d ago Self-hosting stuff for when things get ugly hacking: security in practice · 33d ago Path traversal flaw in AI dev platform Langflow exploited in attacks BleepingComputer · 33d ago CISA Rewrites Federal Patching Requirements for AI Threat Era darkreading · 33d ago Angry bug hunter with Microsoft beef drops new Windows 0-day cybersecurity · 33d ago The ‘Miasma’ worm source code briefly leaked on GitHub BleepingComputer · 33d ago OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers CyberScoop · 33d ago Bug Bounty Research Triggers ServiceNow Security Alert darkreading · 34d ago Mid-30s, stuck in web pentesting, and wondering what to do ? cybersecurity · 34d ago GitHub announces npm security changes to tackle supply-chain attacks BleepingComputer · 34d ago AI Risk Worries Insurers & Businesses Alike darkreading · 34d ago Streamline your Nmap triage: Interactive, single-file HTML reports from raw XM cybersecurity · 34d ago Is Microsoft Purview really secure when using Copilot? cybersecurity · 34d ago Pre-auth XXE → HTTP SSRF on ArubaOS 8.13.2 closed as "theoretical / no valid PoC" despite TCP pcap, sshd localhost log, and internal port scan — documenting for community review Technical Information Security Content & Discussion · 34d ago News alert: Cloud security report finds fragmented tools widening the cloud complexity gap The Last Watchdog · 34d ago Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks BleepingComputer · 34d ago Malware Includes Taboo In Text To Prevent LLM Analysis hacking: security in practice · 34d ago On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet For [Blue|Purple] Teams in Cyber Defence · 34d ago Banking app intentionally block some operations when connected to wifi due to "security reason" is this good or stupid feature? cybersecurity · 34d ago added Mac support for my corporate hacking game, demo on Steam hacking: security in practice · 34d ago IDA 9.4 Beta | Hex-Rays Docs Reverse Engineering · 34d ago Nee academic references for Hashcat's 'Next Big Bang' log cybersecurity · 34d ago More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs For [Blue|Purple] Teams in Cyber Defence · 34d ago CISA released BOD 26-04: A new federal government vulnerability management strategy? cybersecurity · 34d ago Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace For [Blue|Purple] Teams in Cyber Defence · 34d ago Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days cybersecurity · 34d ago IMPACT Roadshow Recap: Getting Ready for Agentic Commerce Blog – Forter · 34d ago added Mac support to my corporate hacking sim. Demo now available on Steam cybersecurity · 34d ago Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet darkreading · 34d ago CISA directive orders agencies to prioritize vulnerability patching in a new way CyberScoop · 34d ago We post-trained a model for offensive security instead of teaching it to refuse Technical Information Security Content & Discussion · 34d ago Catfished hacking: security in practice · 34d ago Suche aktuelle IONOS Phishing .eml für eine technische Blog-Analyse (Header & Artefakte) cybersecurity · 34d ago ClickFix attack in the wild — fake Cloudflare CAPTCHA delivering obfuscated PowerShell dropper Malware Analysis & Reports · 34d ago China-linked JDY botnet expands targeting of U.S. military networks BleepingComputer · 34d ago Students' data taken in major University of Nottingham cyber-attack cybersecurity · 34d ago Has unmanaged external file sharing ever burned you? cybersecurity · 34d ago The 5 Best Practices for Secure Identity Verification BleepingComputer · 34d ago Who Runs the Ransomware Group ‘The Gentlemen?’ Krebs on Security · 34d ago Anthropic released Claude Fable 5 yesterday. Public version of Mythos with cyber classifiers cybersecurity · 34d ago Microsoft patches Exchange Server zero-day exploited in attacks BleepingComputer · 34d ago Trane Tracer HVAC cybersecurity issues Reverse Engineering · 34d ago Need feedback on my presentation cybersecurity · 34d ago Compensating controls besides admin credentials being needed to download software on employee endpoints cybersecurity · 34d ago OpenSSL PKCS#7 CVE-2026-45447 cybersecurity · 34d ago Testing offensive AI agents in a cloud lab with deception tech For [Blue|Purple] Teams in Cyber Defence · 34d ago What The Cybersecurity Industry Knows And Will Not Say Cyber Defense Magazine · 34d ago Presentation Question cybersecurity · 34d ago What did they mean by this? One of us? hacking: security in practice · 34d ago How to Stay Ahead of Deepfake Evolution in 2026 cybersecurity · 34d ago How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026 Technical Information Security Content & Discussion · 34d ago FedRAMP Penetration Testing: How to Pass Your ATO Review and Get Cloud Authorized Faster Technical Information Security Content & Discussion · 34d ago Microsoft: Some Windows PCs fail to install latest monthly updates BleepingComputer · 34d ago France’s Government Messaging App Tchap Got Breached cybersecurity · 34d ago Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days BleepingComputer · 34d ago WordPress malware in official WooCommerce theme (Kiosko): hidden admin users and corrupted sitemap Malware Analysis & Reports · 34d ago Unpacking SMB cyber-readiness – and what makes or breaks it WeLiveSecurity · 34d ago Unpacking SMB cyber-readiness – and what makes or breaks it WeLiveSecurity · 34d ago certSIGN: Inconsistent revocation status (CRL "revoked" vs OCSP "good") for intermediate CA "certSIGN Web CA" Technical Information Security Content & Discussion · 34d ago Where's the fix for MiniPlasma? cybersecurity · 34d ago BlackSun - Defender for Endpoint on macOS Technical Information Security Content & Discussion · 34d ago ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances cybersecurity · 34d ago Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges hacking: security in practice · 34d ago GhostTrace – a Windows forensic scanner that finds what "Uninstall" leaves behind (22 modules, read-only, offline) Technical Information Security Content & Discussion · 34d ago Internships cybersecurity · 34d ago Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS cybersecurity · 34d ago Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows cybersecurity · 34d ago Jupyter Enterprise Gateway - From Notebook to Kubernetes Cluster Admin - elttam Technical Information Security Content & Discussion · 34d ago Ivanti: Max severity Sentry flaw allows code execution as root BleepingComputer · 34d ago Looking for a Reliable Cybersecurity Provider for a School in North Sydney cybersecurity · 34d ago Early Operational Visibility cybersecurity · 34d ago Benchmarking n-day exploit generation [via AI] For [Blue|Purple] Teams in Cyber Defence · 34d ago how are you actually managing ai agents in production? cybersecurity · 34d ago 🚀 Release PyMemoryEditor v2.0 — read, write and scan the memory of any running process, in pure Python (Windows, Linux & macOS) Reverse Engineering · 34d ago Al app builders: How are you handling security questionnaires when selling your product? cybersecurity · 34d ago [ Removed by Reddit ] cybersecurity · 34d ago How are all of doing with THE AI model thats big news currently?? cybersecurity · 34d ago Whoops! I did it again. I patched Windows Kernel at Milan0day 2026 For [Blue|Purple] Teams in Cyber Defence · 34d ago Microsoft Defender now monitors RPC activity For [Blue|Purple] Teams in Cyber Defence · 34d ago Skill to Scan your Codebase cybersecurity · 34d ago RoguePlanet: RoguePlanet Windows Defender Vulnerability For [Blue|Purple] Teams in Cyber Defence · 34d ago Miasma-style supply chain attacks cybersecurity · 34d ago FCaptcha v1.12: Catching AI Agents That Drive Real Browsers cybersecurity · 34d ago Flooding invalid deauth frames still kicks PMF clients, tested on 3 Android phones cybersecurity · 34d ago Anthropic rolls out Claude Fable 5, but it's available for a limited time BleepingComputer · 34d ago More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs cybersecurity · 34d ago More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs Technical Information Security Content & Discussion · 34d ago AI Malware Worm Adapts to New Targets in Real Time, Cybersecurity Experts Say cybersecurity · 34d ago 2026 FIFA World Cup: What Public Safety Officials Need to Know Recorded Future · 34d ago China's Noncombatant Evacuation Operations: 2005–2025 Recorded Future · 34d ago GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026 Trend Micro Research, News, Perspectives · 34d ago Huntress Stack (MS Defender or SentinelOne) cybersecurity · 34d ago META DELETES FACE-RECOGNITION SYSTEM FROM ITS SMART GLASSES APP AFTER WIRED REPORT cybersecurity · 34d ago Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges BleepingComputer · 34d ago OptOutCode – A Privacy4Cars Universal Opt-Out Concept hacking: security in practice · 34d ago I triaged this pattern hundreds of times. Here's the KQL that actually works (with noise reduction built in) For [Blue|Purple] Teams in Cyber Defence · 34d ago A Record-Breaking Patch Tuesday for June 2026 Krebs on Security · 34d ago The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life darkreading · 34d ago FBI is announcing Operation Riptide cybersecurity · 34d ago Blame AI: Patch Tuesday Hits Record 206 CVEs darkreading · 34d ago ServiceNow confirmed some customer instances were breached. cybersecurity · 34d ago ServiceNow discloses security incident exposing customer data BleepingComputer · 34d ago Which are some of the best Cybersecurity / OT Security events that happen in GCC? cybersecurity · 34d ago OpenClaw AI agent found falling for phishing attacks, spills user data BleepingComputer · 34d ago DF/IR Community cybersecurity · 34d ago Chaotic Eclipse's new RoguePlanet cybersecurity · 34d ago Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address darkreading · 34d ago Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace cybersecurity · 34d ago Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace Malware Analysis & Reports · 34d ago Microsoft breaks Patch Tuesday record with 206 vulnerabilities CyberScoop · 35d ago Thoughts on Automated Compliance? cybersecurity · 35d ago SAP fixes critical flaws in NetWeaver and Commerce Cloud BleepingComputer · 35d ago Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories darkreading · 35d ago A fix for the Windows BitLocker bypass vulnerability dubbed "YellowKey" is available cybersecurity · 35d ago Apple’s Siri-AI, or more shouting into the void about “private” agents Technical Information Security Content & Discussion · 35d ago How do you make learning blue team security entertaining ? For [Blue|Purple] Teams in Cyber Defence · 35d ago North Korean Hackers—Posing As Fake IT Workers—Behind Nearly Half Of All Tech Firm Attacks, Report Says cybersecurity · 35d ago Microsoft has released a patch for the bitlocker bypass cybersecurity · 35d ago Microsoft releases Windows 10 KB5094127 extended security update BleepingComputer · 35d ago I reverse engineered Lofree Hypace mouse firmware flashing protocol to bypass their official web based configuration on MacOS. Reverse Engineering · 35d ago Please advices cybersecurity · 35d ago Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws BleepingComputer · 35d ago Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws BleepingComputer · 35d ago soc analyst l1 cybersecurity · 35d ago Google Chrome is killing all uBlock Origin bypasses, Microsoft Edge, Opera to follow cybersecurity · 35d ago Looking to move off KnowBe4, what are people actually using these days? cybersecurity · 35d ago Maximizing IOC Impact For [Blue|Purple] Teams in Cyber Defence · 35d ago Windows 11 KB5094126 & KB5093998 cumulative updates released BleepingComputer · 35d ago Too Many Certs, Not Enough Experience — What’s the Best Next Step? cybersecurity · 35d ago Anthropic’s new model is Mythos on a leash CyberScoop · 35d ago Authenticating ARP and NDP cybersecurity · 35d ago Does anyone use rule feeds in 2026? cybersecurity · 35d ago [2606.07158] Synthetic APTs: the Collapse of TTP-Based Attribution For [Blue|Purple] Teams in Cyber Defence · 35d ago CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector CyberScoop · 35d ago Building a tactical Pelican case for my Flipper Zero + AIO setup. Looking for advanced tool and script recommendations! cybersecurity · 35d ago Need a vm for practice cybersecurity · 35d ago XBOW tests Anthropic's Mythos Preview for offensive security BleepingComputer · 35d ago Tips/Tricks to WFH as a SOC Analyst? cybersecurity · 35d ago Cybersecurity statistics of the week (June 1st - June 7th) cybersecurity · 35d ago Hades Cluster PyPI Worm Abuses Python Startup Hooks For [Blue|Purple] Teams in Cyber Defence · 35d ago Where can GRC folks learn practical AppSec / DevSecOps without going full engineer? cybersecurity · 35d ago GitHub disables Microsoft repos pushing password-stealing malware BleepingComputer · 35d ago Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs darkreading · 35d ago I almost got “onboarded” into a malware campaign disguised as a job opportunity. cybersecurity · 35d ago Suspected North Korean actors use fake ‘coding assignments’ to steal crypto Proofpoint News Feed · 35d ago University of Toronto proof-of-concept AI worm spread to 62% of a test network in 7 days using a free open-weight model cybersecurity · 35d ago AI Blocklist - help cybersecurity · 35d ago New Veeam vulnerability exposes backup servers to RCE attacks BleepingComputer · 35d ago Entra Agent ID from a Security Perspective For [Blue|Purple] Teams in Cyber Defence · 35d ago Cisco customers encounter another SD-WAN zero-day under attack CyberScoop · 35d ago Entra Agent ID from a Security Perspective Technical Information Security Content & Discussion · 35d ago Protecting AI workloads on Linux servers cybersecurity · 35d ago Exposing DoNex Ransomware Secrets with Malcore! cybersecurity · 35d ago What are the different Disaster Recovery scenarios your teams have tested on? cybersecurity · 35d ago someone actually leaked the Miasma supply chain attack toolkit source code on github cybersecurity · 35d ago X.com silently injects session-bound tracking tokens into your clipboard on every copy — security tools correctly flag this as malicious injection Technical Information Security Content & Discussion · 35d ago Rethinking Access Governance for AI Agents Cyber Defense Magazine · 35d ago Secrets to PNPT Debrief Success The Cyber Mentor · 35d ago Understanding modern Chinese cyber operations means shifting from ‘APT’ to composite responsibility For [Blue|Purple] Teams in Cyber Defence · 35d ago WinGet - Code Execution, Persistence and Detection Strategies cybersecurity · 35d ago WinGet - Code Execution, Persistence and Detection Strategies Technical Information Security Content & Discussion · 35d ago Ransomware attack shuts Illinois high school until Wednesday cybersecurity · 35d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog Alerts · 35d ago Siemens KACO Blueplanet Inverters All CISA Advisories · 35d ago Schneider Electric EcoStruxure Panel Server All CISA Advisories · 35d ago Schneider Electric Modicon Network Managed Switches All CISA Advisories · 35d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog All CISA Advisories · 35d ago Ideas for demo cybersecurity · 35d ago French govt messaging service breached in account hijacking attack BleepingComputer · 35d ago Microsoft account hacked through infostealer. Trying to log in using authenticator, but not successful. Help please? cybersecurity · 35d ago Harnessing Generative AI for Automated Reverse Engineering, Static and Dynamic Analysis, and Risk Scoring of Fraudulent Mobile Applications (APKs) and Malwares. cybersecurity · 35d ago I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue Technical Information Security Content & Discussion · 35d ago Physical attack device cybersecurity · 35d ago Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer cybersecurity · 35d ago Cybercriminals: the 'auditors' you never hired WeLiveSecurity · 35d ago Cybercriminals: the 'auditors' you never hired WeLiveSecurity · 35d ago IT GRC News? cybersecurity · 35d ago CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day BleepingComputer · 35d ago Meta Says Israeli Spyware Firm Targeted WhatsApp Users Again cybersecurity · 35d ago I just completed Search Skills room on TryHackMe! Learn to efficiently search the Internet and use specialised services and technical docs for information Technical Information Security Content & Discussion · 35d ago What are the best risk-based vulnerability management tools for tracking active exploitation in 2026? For [Blue|Purple] Teams in Cyber Defence · 35d ago Google patches new Chrome zero-day flaw exploited in the wild BleepingComputer · 35d ago QuasarNix: Reverse Shell Detection with Machine Learning For [Blue|Purple] Teams in Cyber Defence · 35d ago Shifting L7 validation to the edge to stop DB resource exhaustion? cybersecurity · 35d ago Google Patches 5th Chrome Zero-Day Exploited in 2026 cybersecurity · 35d ago AI Agents May Always Fall for Prompt Injections Technical Information Security Content & Discussion · 35d ago Shifting Layer 7 Validation to the Edge: Mitigating Application-Layer Resource Exhaustion in Go For [Blue|Purple] Teams in Cyber Defence · 35d ago EC Council CEH exam advice cybersecurity · 35d ago Incident de sécurité sur Tchap : la DINUM sécurise la plateforme et informe les usagers après une intrusion maîtrisée - Security incident on Tchap: DINUM secures the platform and informs users after a controlled intrusion For [Blue|Purple] Teams in Cyber Defence · 35d ago Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 For [Blue|Purple] Teams in Cyber Defence · 35d ago About NPower vs PerScholas cybersecurity · 35d ago Looking for a vulnerability to learn cybersecurity · 35d ago Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency For [Blue|Purple] Teams in Cyber Defence · 35d ago From Brute Force to Malware Execution: Investigating a Multi-Stage Cyberattack in Splunk cybersecurity · 35d ago UK Cybercrime Journal: British Universities Struck by ShinyHunters Before Exam Season For [Blue|Purple] Teams in Cyber Defence · 35d ago Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) For [Blue|Purple] Teams in Cyber Defence · 35d ago Visual Studio Code 1.123: Delayed extension auto-updates For [Blue|Purple] Teams in Cyber Defence · 35d ago Fighting Spyware: An Update From WhatsApp: Today, we’re asking the court to hold NSO in contempt for violating a permanent injunction that barred them from ever targeting WhatsApp and its users. For [Blue|Purple] Teams in Cyber Defence · 35d ago Old WinRAR Flaw Fuels Attacks on Ukraine: Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, For [Blue|Purple] Teams in Cyber Defence · 35d ago Bad USB through charger? cybersecurity · 35d ago Recommendations for Discord community for latest AI security products cybersecurity · 35d ago StumbleTV: Omegle/ChatRoulette but for accidentally exposed webcams hacking: security in practice · 35d ago Vulnerability Summary for the Week of June 1, 2026 cybersecurity · 35d ago Windows Defender Tamper Protection stuck off - no active GPOs, SFC corruption, looking for ideas cybersecurity · 35d ago Russia’s Defense-Based Economy Risks Forcing Putin to Fight Wars Recorded Future · 35d ago I feel like ive lost my passion to tinker after 6 years in the industry, anyone else? cybersecurity · 35d ago I wrote a free, no sign up, defender guide for suspicious USB devices and rogue hardware, with copy-paste detection examples cybersecurity · 35d ago really need help with project ideas for MSc cybersecurity · 35d ago Which Course for an almost-complete noob? (SANS.edu) cybersecurity · 35d ago NFCShare Android malware spreads via fake banking app updates on GitHub BleepingComputer · 35d ago SoFi confirms third-party data breach at Hong Kong subsidiary cybersecurity · 35d ago AI Slop Will Kill Cybersecurity Storytelling If We Let It darkreading · 35d ago SoFi confirms third-party data breach at Hong Kong subsidiary BleepingComputer · 35d ago For the 2nd time in weeks, Microsoft packages laced with credential stealer cybersecurity · 35d ago Iran Signed a Ceasefire — Its Hackers Didn't cybersecurity · 35d ago New Shai-Hulud attack trojanizes 19 science-focused PyPI packages cybersecurity · 35d ago DSPM étude marche cybersecurity · 35d ago CMMC Phase 2 November 2026: two readings of SR.1 — C3PAOs are applying the one that requires a verifiable chain, not just a file cybersecurity · 35d ago New Apple feature automatically changes your compromised passwords BleepingComputer · 35d ago Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks darkreading · 35d ago AppSec / Pentesting job market in Canada for experienced overseas applicants? cybersecurity · 35d ago New Shai-Hulud attack trojanizes 19 science-focused PyPI packages BleepingComputer · 35d ago Stop Treating Low Severity CVEs as Noise. Start Treating Them as Ingredients. cybersecurity · 35d ago Check Point VPN Flaw Exploited Since Early May darkreading · 35d ago Automation Playbooks - which ones would you not want to live without? cybersecurity · 35d ago Is it necessary/important to Hash and salt API Keys for a strictly internal use tool? cybersecurity · 35d ago Need review on the OMS Cybersecurity program from Georgia Tech? cybersecurity · 36d ago If You Use Claude or Gemini, This Microsoft Breach Means Your Data Is at Risk cybersecurity · 36d ago 2026 Verizon DBIR: vulnerability exploitation overtakes stolen credentials as #1 breach entry point for the first time in 19 years cybersecurity · 36d ago Security Notice: Former Helm APT Mirror Domain `baltocdn.com` Statement For [Blue|Purple] Teams in Cyber Defence · 36d ago How do you close an alert cybersecurity · 36d ago Iran Signed a Ceasefire — Its Hackers Didn't darkreading · 36d ago What cybersecurity certifications are great value for money? cybersecurity · 36d ago Boxes for CPENT cybersecurity · 36d ago WhatsApp says it disrupted new NSO spyware phishing attacks BleepingComputer · 36d ago SIEM: is it "SIM" or "SEEM" cybersecurity · 36d ago I’m looking for recommendations for an online Master’s program that is recognized in the Middle East. (Better if certifications are included) cybersecurity · 36d ago Fake Interview deploys stealthy cross platform (macOS/Windows) through npm package install in take home assessment Malware Analysis & Reports · 36d ago How justdeleteme and justgetmydata work? cybersecurity · 36d ago Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint CyberScoop · 36d ago GitHub - Teycir/ApiHunter: Async API security scanner in Rust for CORS, CSP, GraphQL, JWT, OpenAPI, and active API posture checks. hacking: security in practice · 36d ago How CIAM Helps Boost Business Cyber Defense Magazine · 36d ago I need help - PCI DSS 4.0 requirement 11.6.1 cybersecurity · 36d ago How are you learning agent pen testing? cybersecurity · 36d ago Gogs patches critical zero-day enabling remote code execution BleepingComputer · 36d ago HTTP/2 HPACK amplification: detection signatures + the nginx/Apache directives that actually stop it (lab- & vps verified) For [Blue|Purple] Teams in Cyber Defence · 36d ago Cyber security intern cybersecurity · 36d ago [Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme Reverse Engineering · 36d ago [Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme Reverse Engineering · 36d ago Introducing Shark Jack Display 🦈 Hak5 · 36d ago Meta to take legal action against Israeli spyware company NSO cybersecurity · 36d ago Critical UniFi OS bug lets hackers gain root without authentication BleepingComputer · 36d ago Inside SStar Agent, a cross-platform RAT with an unfinished macOS toolkit cybersecurity · 36d ago What's the best way to alert companies of a Glassworm copycat? cybersecurity · 36d ago How To Verify If A Site Is Legit? cybersecurity · 36d ago First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security Reverse Engineering · 36d ago What is Flaresolverr cybersecurity · 36d ago Research: defenders using generative AI to simulate malware variants before they exist in the wild cybersecurity · 36d ago Reducing security operations complexity with Wazuh Cloud BleepingComputer · 36d ago How are regulated orgs actually letting engineers use Claude Code / Copilot? cybersecurity · 36d ago Cyber security expo Manchester cybersecurity · 36d ago Content creations was both a blessing and a curse. #bugbounty NahamSec · 36d ago Remote Hiring Opened the Talent Pool — and the Fraud Surface cybersecurity · 36d ago Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it Technical Information Security Content & Discussion · 36d ago Check Point links VPN zero-day attacks to Qilin ransomware gang BleepingComputer · 36d ago World Cloud Security Day Cyber Defense Magazine · 36d ago This Hacker Made $7,000 Hacking AI With One Email NahamSec · 36d ago EMBA firmware analysis framework v2.0.2 available - Party the big 2k Reverse Engineering · 36d ago Hades Cluster PyPI Worm Abuses Python Startup Hooks cybersecurity · 36d ago What certs should I do during summer of 11th grade? cybersecurity · 36d ago CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) cybersecurity · 36d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 36d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 36d ago Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine cybersecurity · 36d ago Oxford University discloses data breach after careers platform hack cybersecurity · 36d ago Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification Heimdal Security Blog · 36d ago Oxford University discloses data breach after careers platform hack BleepingComputer · 36d ago Vendor ISO 27001 Assessment - Questions Around Control 8.29 Security Testing cybersecurity · 36d ago Got this message from “SimBoss” cybersecurity · 36d ago PKCS12 Golang fork cybersecurity · 36d ago The AI security race needs accountability, not overregulation CyberScoop · 36d ago Malware Insights: Miasma Campaign cybersecurity · 36d ago 73 Microsoft GitHub repositories impacted by Miasma malware Malware Analysis & Reports · 36d ago 73 Microsoft GitHub repositories impacted by Miasma malware cybersecurity · 36d ago [Honeypot Research] Looking for volunteers to test telemetry/logs cybersecurity · 36d ago Heyy ik it sounds dumb but can we just get access to one's gaming acc?🙏 hacking: security in practice · 36d ago What is the condition of Bug Bounty program in the era of AI. cybersecurity · 36d ago Opening a cloned repo is no longer safe cybersecurity · 36d ago Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse cybersecurity · 36d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 36d ago CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers cybersecurity · 36d ago Google Colab CLI opens runtimes to Claude Code and Codex cybersecurity · 36d ago VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks cybersecurity · 36d ago Over 20,000 Instagram accounts stolen in Meta AI support hack BleepingComputer · 36d ago The AI governance gap no one is talking about: deployment-stage accountability cybersecurity · 36d ago Security Review Request — TID Linux Kernel Module For [Blue|Purple] Teams in Cyber Defence · 36d ago Building a safe, effective sandbox to enable Codex on Windows For [Blue|Purple] Teams in Cyber Defence · 36d ago Query-Hub: CQL Hub is an open repository of detection and hunting queries for CrowdStrike NextGen SIEM and Falcon LogScale. For [Blue|Purple] Teams in Cyber Defence · 36d ago About PCIe DMA Cheats: Protocol, IOMMU, Hardware, and Detection For [Blue|Purple] Teams in Cyber Defence · 36d ago BusyWork: Replacing Sleep with Real Work to Break Behavioral Detection For [Blue|Purple] Teams in Cyber Defence · 36d ago Z-Jail: A lightweight, multi-layer Linux sandbox combining namespaces, pivot_root, seccomp-bpf, capability dropping, and an evidence-based verdict engine (Truthimatics Public Version) for secure, auditable code execution. For [Blue|Purple] Teams in Cyber Defence · 36d ago Unauthorized Onlyfans Payment Malware Analysis & Reports · 36d ago Free Study Resources for Comptia Cysa+ cybersecurity · 36d ago What's up with powershellforhackers.com? hacking: security in practice · 36d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 36d ago May 2026 CVE Landscape Recorded Future · 36d ago Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open Trend Micro Research, News, Perspectives · 36d ago Hands on with Intelligent Terminal, an AI-powered Windows Terminal BleepingComputer · 36d ago Hi there cybersecurity · 36d ago Final risk-based IT Audit interview round with Director and have no experience. Please help! cybersecurity · 36d ago Needed help cybersecurity · 36d ago HDD Firmware Hacking Part 1 Reverse Engineering · 36d ago [ Removed by Reddit ] cybersecurity · 37d ago UPnPHostFileRead: Arbitrary file read exploit for the Windows UPnP Device Host service. For [Blue|Purple] Teams in Cyber Defence · 37d ago Career advice cybersecurity · 37d ago Do people really click on links from unknown numbers? hacking: security in practice · 37d ago PhD in cyber Security cybersecurity · 37d ago Built a password guessing game. Almost everyone stuck in level 5. cybersecurity · 37d ago OSINT (SOCIAL MEDIA) cybersecurity · 37d ago Beginner KQL project cybersecurity · 37d ago Question about WORM and encryption cybersecurity · 37d ago Update:Certified cyber security cybersecurity · 37d ago Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction Reverse Engineering · 37d ago How to unlock whitelabeled uniview IPcam hacking: security in practice · 37d ago EDRChoker: A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server. For [Blue|Purple] Teams in Cyber Defence · 37d ago Has anyone have any idea what to expect from Information security engineer- Network interview at Glidewell Dental cybersecurity · 37d ago Can converted video files contain malware? hacking: security in practice · 37d ago Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction) cybersecurity · 37d ago Malware that survives reinstalling the BIOS and OS cybersecurity · 37d ago Am I overthinking the x86 compatibility issues? how much friction am I actually facing? cybersecurity · 37d ago Fedora Linux 43 exposes 20-year-old Microsoft Outlook security failure cybersecurity · 37d ago Managing Microsoft Identity Is More Complicated Than It Looks cybersecurity · 37d ago C0XMO botnet spreads via DD-WRT router flaw, kills rival malware BleepingComputer · 37d ago Silent Ransom Group targets law firms with fake IT support calls BleepingComputer · 37d ago Zhiyun Weebil-S Camera Gimbal BLE Protocol Reverse Engineering · 37d ago My work email got subscribed to a bunch of israel newsletters cybersecurity · 37d ago Shadow AI cybersecurity · 37d ago Rate limiting is not enough. What else can I use? cybersecurity · 37d ago CMMC Is Here, But AI Changes The Compliance Conversation Cyber Defense Magazine · 37d ago How To Avoid Potential Malware From Transferring To New Laptop cybersecurity · 37d ago Sysmon RegistryEvent exclude not overriding include rule for Event ID 13 cybersecurity · 37d ago Sysmon RegistryEvent exclude not overriding include rule for Event ID 13 For [Blue|Purple] Teams in Cyber Defence · 37d ago Can't decide. cybersecurity · 37d ago looking for partners cybersecurity · 37d ago My edge is changing into bing when I search something cybersecurity · 37d ago Reverse Engineering the Garmin Running Dynamics BLE protocol Reverse Engineering · 37d ago Cybersecurity reality check cybersecurity · 37d ago [ Removed by Reddit ] cybersecurity · 37d ago EDRChoker: Choking The Telemetry Stream to Bypass Defenses Technical Information Security Content & Discussion · 37d ago Information Management cybersecurity · 37d ago Pwnd Blaster: Hacking your PC using your speaker without ever touching it For [Blue|Purple] Teams in Cyber Defence · 37d ago cygor: An modular asset discovery framework written in python to automate the repeating manual work For [Blue|Purple] Teams in Cyber Defence · 37d ago On May 31, 2026, Meta discovered that there was a vulnerability in an AI-assisted account recovery system for Instagram ("High Touch Support" or "HTS") that was exploited byun authorized third parties to perform password resets on Instagram user accounts. For [Blue|Purple] Teams in Cyber Defence · 37d ago Chinese-Cybercrime-Research: Resources to learn more about Chinese-language cybercrime actors. For [Blue|Purple] Teams in Cyber Defence · 37d ago Inside an Active STX RAT Supply Chain Campaign - A threat actor spent one month building a trojanized software supply chain aimed at a specific type of victim For [Blue|Purple] Teams in Cyber Defence · 37d ago Unmasking Quellostanco: How a Git Commit Exposed a Threat Actor Targeting Egyptian Infrastructure (co-authored) For [Blue|Purple] Teams in Cyber Defence · 37d ago The Privileged Roles Nobody Talks About For [Blue|Purple] Teams in Cyber Defence · 37d ago Auditing GitLab: The CI/CD Kill Chain - GoGatoZ — a purpose-built Go tool for GitLab CI/CD security auditing that can perform and automate the entire CI/CD kill chain... For [Blue|Purple] Teams in Cyber Defence · 37d ago Popping Root on UniFi OS Server: Unauthenticated RCE Chain Detection & Analysis For [Blue|Purple] Teams in Cyber Defence · 37d ago 21 Zero-Days in FFmpeg For [Blue|Purple] Teams in Cyber Defence · 37d ago IronWorm Malware cybersecurity · 37d ago Why do we use UNC for smbclient ? Why don't we use UNC for nc or ssh? cybersecurity · 37d ago Why do we use UCL for smbclient ? Why don't we use UCL for nc or ssh? cybersecurity · 37d ago Everyone's planning post-quantum migration for enterprises. Nobody's talking about your password manager cybersecurity · 37d ago depthfirst's AI agent found 21 FFmpeg zero-days (CVE-2026-39210–39218) for ~$1,000 — oldest bug from 2003. What does this do to the economics of vuln research? For [Blue|Purple] Teams in Cyber Defence · 37d ago PSA: Attack Shark R85 HE (FREEWOLF US / Amazon) — BadUSB credential harvester, confirmed malware Technical Information Security Content & Discussion · 37d ago Is a separate “clean” S3 bucket actually a security boundary for uploaded files? cybersecurity · 37d ago CVE-2026-46640: Developing payloads for Twig sandbox bypass Technical Information Security Content & Discussion · 37d ago CVE-2026-46640: Developing payloads for Twig sandbox bypass cybersecurity · 37d ago CrowdStrike LogScale queries I use to detect LOLBin- built from 10 years of production SOC work For [Blue|Purple] Teams in Cyber Defence · 37d ago PenTest+ Exam cybersecurity · 37d ago Rooted your router lately? hacking: security in practice · 37d ago AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs cybersecurity · 37d ago The Detection & Response Chronicles: Covert Operations Through QEMU For [Blue|Purple] Teams in Cyber Defence · 38d ago The Interesting Case of WSL for Payload Staging For [Blue|Purple] Teams in Cyber Defence · 38d ago The Click that shouldn’t have worked: RCE via clickjacking in Internet Explorer For [Blue|Purple] Teams in Cyber Defence · 38d ago Ongoing Targeted Campaign Against US Law Firms For [Blue|Purple] Teams in Cyber Defence · 38d ago New China-Linked Cluster OP-512 For [Blue|Purple] Teams in Cyber Defence · 38d ago Looking for guidance cybersecurity · 38d ago 5$ to whoever can find the email of my old YouTube channel hacking: security in practice · 38d ago Before you attempt any OffSec certification, read what just happened to me cybersecurity · 38d ago Reporting Metrics for Management cybersecurity · 38d ago got hit with SOC 2, cyber insurance, and a prospect pentest request at the same time cybersecurity · 38d ago This company is scaming people hacking: security in practice · 38d ago Found an old Discord CDN ZIP in Opera downloads and I’m trying to figure out if I should be worried cybersecurity · 38d ago HackTheBox - Facts IppSec · 38d ago Critical Everest Forms Pro flaw exploited to take over WordPress sites BleepingComputer · 38d ago Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload. cybersecurity · 38d ago AI Security Certificates cybersecurity · 38d ago Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload. For [Blue|Purple] Teams in Cyber Defence · 38d ago Guys is bug bounty dead? cybersecurity · 38d ago How are folks making it in bug bounty? cybersecurity · 38d ago How useful is it to require at least one uppercase letter in a password? cybersecurity · 38d ago Cybersecurity Improved Detection But Exposed a New Problem Cyber Defense Magazine · 38d ago Cyber security ! Is no more ? cybersecurity · 38d ago From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services For [Blue|Purple] Teams in Cyber Defence · 38d ago MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain For [Blue|Purple] Teams in Cyber Defence · 38d ago Six Stages Deep and an Endless Loop: Shai-Hulud Is Getting Sophisticated For [Blue|Purple] Teams in Cyber Defence · 38d ago Game Over: WeedHack - The Rise of Minecraft Malware-as-a-Service Campaigns For [Blue|Purple] Teams in Cyber Defence · 38d ago About ETW Internals: Architecture, Hooking, Tampering, and Detection For [Blue|Purple] Teams in Cyber Defence · 38d ago PoisonXドライバを用いた日本組織への攻撃キャンペーン - Attack campaign against Japanese organizations using PoisonX driver For [Blue|Purple] Teams in Cyber Defence · 38d ago Miasma npm Supply Chain Attack: Self-Spreading Worm via Phantom Gyp For [Blue|Purple] Teams in Cyber Defence · 38d ago Async PICOs and Custom Beacon Wakeups in Cobalt Strike For [Blue|Purple] Teams in Cyber Defence · 38d ago Enter the WasmForge: Compiling Sliver into WebAssembly For [Blue|Purple] Teams in Cyber Defence · 38d ago staged-DLL-Injection-SMB-: Staged DLL injection proof-of-concept built in C using Win32 APIs For [Blue|Purple] Teams in Cyber Defence · 38d ago Trend Micro Deep Security Agent Research: Forcing bmhook/tmhook Reloads to Open a Protection Bypass Window For [Blue|Purple] Teams in Cyber Defence · 38d ago Seven Years on a Public Clipboard: Pasted Secrets, Türkiye's Exposure, and a Stored XSS For [Blue|Purple] Teams in Cyber Defence · 38d ago BOF Cocktails in Cobalt Strike For [Blue|Purple] Teams in Cyber Defence · 38d ago Address Translation For [Blue|Purple] Teams in Cyber Defence · 38d ago CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers cybersecurity · 38d ago Ghosts in the Cloud: Chinese Hackers Hid in Microsoft 365 Networks for 18 Months cybersecurity · 38d ago Antimiasma Worm to discover/mitigate/vaccinate Miasma worm infected repositories cybersecurity · 38d ago Investigation into APT 5 and their inner workings of PLA Troop 61786 For [Blue|Purple] Teams in Cyber Defence · 38d ago How to train employees to feel when something's off? cybersecurity · 38d ago Building A Malware Lab From Scratch Part 2! Malware Analysis & Reports · 38d ago A modular autonomous-agent runtime written in C hacking: security in practice · 38d ago The Smart TV in Your LivingRoom Is a Node in the AIScraping Economy For [Blue|Purple] Teams in Cyber Defence · 38d ago ALERT OVERLOAD cybersecurity · 38d ago CISA and Partners Urge Hardening Automatic Tank Gauge Systems For [Blue|Purple] Teams in Cyber Defence · 38d ago Magecart skimmer turns Stripe into a malware command server For [Blue|Purple] Teams in Cyber Defence · 38d ago Security advisory: Brute force attack on Dashlane user accounts For [Blue|Purple] Teams in Cyber Defence · 38d ago Cisco Security Advisory: Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability For [Blue|Purple] Teams in Cyber Defence · 38d ago A new extortion brand called Pink, tracked as cluster CL-CRI-1147, that leverages vishing for initial access for the purposes of extortion. CL-CRI-1147 is likely a Com-affiliated actor, with techniques similar to Bling Libra (ShinyHunters) and CL-CRI-1116 (Blackfile/Redact). For [Blue|Purple] Teams in Cyber Defence · 38d ago IronWorm: Shai-Hulud's rustier cousin For [Blue|Purple] Teams in Cyber Defence · 38d ago Finally! A modern Android menu template with ImGui + Zygisk + all major hooking libraries (Dobby, KittyMemory, Substrate) Reverse Engineering · 38d ago CTO at NCSC Summary: week ending June 7th cybersecurity · 38d ago Weil reportedly pays up to $20 million after hackers steal client data For [Blue|Purple] Teams in Cyber Defence · 38d ago CTO at NCSC Summary: week ending June 7th For [Blue|Purple] Teams in Cyber Defence · 38d ago A new BitLocker bypass allows access to encrypted drive in the pre-boot environment with all Windows security features enabled cybersecurity · 38d ago defending-code-reference-harness: Claude skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize For [Blue|Purple] Teams in Cyber Defence · 38d ago 1-Click GitHub Token Stealing via a VSCode Bug For [Blue|Purple] Teams in Cyber Defence · 38d ago The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds For [Blue|Purple] Teams in Cyber Defence · 38d ago Microsoft Azure Repositories Compromised (Disabled) as Miasma Worm Targets AI Coding Agents Through GitHub cybersecurity · 38d ago Detecting npm Native Addon Malware: node-gyp Abuse Malware Analysis & Reports · 38d ago AppSec Engineer Interview Stories cybersecurity · 38d ago [OpenSource] Multi-layer sandbox for native code execution on Linux with no external deps. cybersecurity · 38d ago Multi-layer sandbox for native code execution on Linux with no external deps. For [Blue|Purple] Teams in Cyber Defence · 38d ago Is there a safe way to continue using (unsupported) Windows 10? cybersecurity · 38d ago Is Splunk suitable for smaller Enterprises? cybersecurity · 38d ago Has anyone else had MFA prompt fatigue issues with users? cybersecurity · 38d ago Data Scrubbing from Databases cybersecurity · 38d ago Best Certificates? cybersecurity · 38d ago Rant cybersecurity · 38d ago New York passes data center moratorium and consumer protections as environmental, and housing proposals stall cybersecurity · 38d ago Cyber attackers have a new favorite, the browser cybersecurity · 38d ago Looking to get into cybersecurity in web3 cybersecurity · 38d ago Microsoft discovered that Anthropic's Claude Code GitHub Action is vulnerable to prompt injection attacks via issues and Pull Requests cybersecurity · 38d ago Suspicious Polyfill login prompts pop up on Toshiba, Muji websites BleepingComputer · 38d ago Should i use email 2fa or only auth and phone number? cybersecurity · 38d ago Can I break into cybersecurity with a white collar felony? cybersecurity · 38d ago Open Source Intelligence - Building AI Systems That Handle Contradiction at Scale cybersecurity · 38d ago How are people supposed to defend against both supply chain attack and zero-day vulnerabilities at the same time? cybersecurity · 39d ago What kind of topics do you think should be covered more (in conferences, youtube etc) but they arent? cybersecurity · 39d ago Innovator Spotlight: Airrived Cyber Defense Magazine · 39d ago CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers BleepingComputer · 39d ago How Hard is This cybersecurity · 39d ago Reverse Engineering Crazy Taxi, Part 3 Reverse Engineering · 39d ago Ghidra 12.1.2 has been released! Reverse Engineering · 39d ago Installed Fake Codex hidden as a google site cybersecurity · 39d ago Chinese APT deploys new malware to keep access to hacked networks BleepingComputer · 39d ago Virustital scan result help cybersecurity · 39d ago CrowdStrike Turned an AI Wave Into Its Best Quarter Ever cybersecurity · 39d ago Dark web Nemesis Market vendor gets 26 years for selling drugs BleepingComputer · 39d ago ESP32 Bit Pirate - An Hardware Hacking Tool That Speaks Every Protocol - Version 1.6, new Pirate Assistant in the WebUI, USB adapter system - IR SUBGHZ WIFI BT JTAG I2C UART SPI 1WIRE 2WIRE 3WIRE RF24 ETH and more hacking: security in practice · 39d ago Cyber Resilience Act - Position? Pain points? Struggle? Possible solutions? cybersecurity · 39d ago I fell for the cybersecurity degree trap and thought I could beat the job market, I could not. Not sure what to do now cybersecurity · 39d ago Being a Security Engineer? Which AI-powered tools are you using on a daily basis? cybersecurity · 39d ago Over 900 US gas station tank gauge systems exposed to attacks cybersecurity · 39d ago Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person cybersecurity · 39d ago SIEM is broken in the AI agents era cybersecurity · 39d ago TCM Security CTF Walkthrough The Cyber Mentor · 39d ago Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption Technical Information Security Content & Discussion · 39d ago Google Cloud hit by fresh layoffs, security and Mandiant teams among those affected cybersecurity · 39d ago Extending a map tool for Cataclismo Reverse Engineering · 39d ago Over 900 US gas station tank gauge systems exposed to attacks BleepingComputer · 39d ago Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away CyberScoop · 39d ago Keeping Secrets Out of Logs Technical Information Security Content & Discussion · 39d ago Phantom Gyp npm Worm Abuses node-gyp Build Hooks cybersecurity · 39d ago Certified cybersecurity ISC2 cybersecurity · 39d ago Help studying for OSCP cybersecurity · 39d ago The current state of Threat Intelligence Tooling cybersecurity · 39d ago What 2026 DBIR Confirms: Attacks Are Living in the Browser BleepingComputer · 39d ago Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware cybersecurity · 39d ago I've been reverse engineering a lost 2010 horse MMO and I need contributors Reverse Engineering · 39d ago Cloud Security In Practice Cyber Defense Magazine · 39d ago We tested offensive AI agents against deception technology cybersecurity · 39d ago A matter that I have been losing my sleep over cybersecurity · 39d ago Any experience with Rootly or incident.io for cyber incident management? cybersecurity · 39d ago CTIA Study Resources & Preparation Advice? cybersecurity · 39d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 39d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 39d ago Black hat uk vs brucon cybersecurity · 39d ago Unauthenticated RCE as QSECOFR via IBM i Management Central — port 5555, client-controlled verify flag, no credentials required (V7R4 and earlier) Technical Information Security Content & Discussion · 39d ago Cisco warns of unpatched SD-WAN zero-day exploited in attacks cybersecurity · 39d ago NIS2 hits railway hard cybersecurity · 39d ago Introducing Package Proxy: supply-chain safety checks without client-side software For [Blue|Purple] Teams in Cyber Defence · 39d ago I need help guys… :( cybersecurity · 39d ago Question from the Seniors cybersecurity · 39d ago China-Linked Cybercrime Group Expands Attacks Beyond Asia With AI-Assisted Malware cybersecurity · 39d ago AI-Powered Cheats & Stolen Secrets: Teardown of the Yuta/Solara Roblox Stealer For [Blue|Purple] Teams in Cyber Defence · 39d ago Can one reveal the asterisks in an email? hacking: security in practice · 39d ago what certs have u seen in ai security related job posts ? cybersecurity · 39d ago How is the Security Architecture / Strategic IT Security process structured in your organization? cybersecurity · 39d ago Proxmark3 vs Proxmark5 Side by Side hacking: security in practice · 39d ago Should I go for it? hacking: security in practice · 39d ago What's happening in cybersecurity job market in US and Europe these days? cybersecurity · 39d ago Microsoft Warns of GPU Cryptojacking Campaign Spread Through AI Chatbot Links Malware Analysis & Reports · 39d ago Has any of you pivoted from GRC to CTI? cybersecurity · 39d ago Up-date-list of cybercrime types? cybersecurity · 39d ago Cisco warns of unpatched SD-WAN zero-day exploited in attacks BleepingComputer · 39d ago HookNt: A Windows x64 tool to trace NT APIs by injecting an import-free DLL, installing ntdll trampolines, and streaming events over named pipes Reverse Engineering · 39d ago What else should I learn to build a strong cybersecurity foundation? cybersecurity · 39d ago zannotate: Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS) For [Blue|Purple] Teams in Cyber Defence · 39d ago Hackerone interview cybersecurity · 39d ago Ransomware in the AI Era | ft. Behnaz Karimi | Ep. 109 | ScaleToZero Podcast | Cloudanix cybersecurity · 39d ago The Deny ACE That Never Fires: Non-Canonical ACL Order in Active Directory For [Blue|Purple] Teams in Cyber Defence · 39d ago VerdantBamboo: Just Another BRICKSTORM in the Firewall For [Blue|Purple] Teams in Cyber Defence · 39d ago AzureRedOps: Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID For [Blue|Purple] Teams in Cyber Defence · 39d ago MXC Internals: How Microsoft's eXecution Containers Actually Isolate Agent Code For [Blue|Purple] Teams in Cyber Defence · 39d ago IronWorm Supply Chain Malware Hits npm For [Blue|Purple] Teams in Cyber Defence · 39d ago FSB’s matryoshka #3/3 - Gamaredon’s gifts that keeps unpacking - GammaSteel For [Blue|Purple] Teams in Cyber Defence · 39d ago FSB’s matryoshka #2/3 - Gamaredon’s gifts that keeps unpacking - GammaLoad For [Blue|Purple] Teams in Cyber Defence · 39d ago You do surprise me.exe: An unexpected executable in Hola Browser For [Blue|Purple] Teams in Cyber Defence · 39d ago Testing URL Rewriting? cybersecurity · 39d ago Got an internship in IAM with no qualifications and no soft skills cybersecurity · 39d ago Work Hours of DFIR/Cloud Security vs Pentest cybersecurity · 39d ago Narcissistic Tech Leader.... cybersecurity · 39d ago Anyone else's firewall logs just explode after midnight? cybersecurity · 39d ago I'm replacing myself.. at least the boring parts cybersecurity · 39d ago Anyone else dealing with these phantom login attempts from China? cybersecurity · 39d ago Multi-layer sandbox for native code execution on Linux with no external deps. Reverse Engineering · 39d ago Best way to fully clear windows and set everything up securely (pc, accounts etc) cybersecurity · 39d ago IBM, AT&T Accused by Whistleblower of Covering Up Foreign Hacks cybersecurity · 39d ago Soc analyst cybersecurity · 39d ago Do companies actually require cybersecurity insurance cybersecurity · 39d ago Why Holistic Sourcing Wins: The Numbers Behind the Recorded Future Advantage Recorded Future · 39d ago Is it possible to backdate emails, including the intermediate received dates, not just smtp sent date header hacking: security in practice · 39d ago Certification Questions | LIVE AMA | Summer of CCNA NetworkChuck · 39d ago Brave Software releases Origin for a paid, bloat-free browsing experience BleepingComputer · 39d ago Hola Browser for Windows compromised to deliver cryptominer BleepingComputer · 39d ago Credit card theft campaign abuses Stripe to host stolen payment info BleepingComputer · 39d ago Hill Dems hammer GOP for $250M CISA budget cut CyberScoop · 39d ago Uncommon/Unusual CrowdStrike Alerts cybersecurity · 39d ago Cyber analyst: law firm or bank cybersecurity · 40d ago best free av and how do i properly setup passwords? cybersecurity · 40d ago Five 9 Vulnerability cybersecurity · 40d ago Failed to verify LHOST error for long links in metasploit hacking: security in practice · 40d ago CVE Lite CLI closes dependency gap — but won't stop modern threats cybersecurity · 40d ago DentaQuest data breach exposed info of 2.6 million accounts BleepingComputer · 40d ago Scope change cybersecurity · 40d ago We just stopped a social engineering attack on our service desk. Here’s how it played out. cybersecurity · 40d ago System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models Reverse Engineering · 40d ago System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models Technical Information Security Content & Discussion · 40d ago Your AI agent could become your biggest insider threat CyberScoop · 40d ago What is the most underestimated cybersecurity risk right now? cybersecurity · 40d ago Update: Company is paying for any certification, which should I obtain? Except Sans cybersecurity · 40d ago New paper: every AI model has a naturally occurring unforgeable fingerprint in how it ranks tokens, relevant to fake model detection and supply chain verification cybersecurity · 40d ago Anyone else's firewall vendor docs a total nightmare? cybersecurity · 40d ago Your opinions about a learning style cybersecurity · 40d ago UN food agency discloses breach affecting 600,000 Gaza households BleepingComputer · 40d ago Why Real-Time Fraud Prevention Is the Only Way to Stop AI-Driven Attacks cybersecurity · 40d ago New IronWorm malware hits 36 packages in npm supply-chain attack cybersecurity · 40d ago Is Marauder available for ESP32-S3 Mini? hacking: security in practice · 40d ago Anyone else see their firewall logs just explode after a cloud update? cybersecurity · 40d ago Gemini whatsapp hacking: security in practice · 40d ago Are certifications necessary to get a job in cybersecurity? cybersecurity · 40d ago China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa Proofpoint News Feed · 40d ago Part 2: Bulk-Injection / Back-dating Signature Found in Public Tech-Governance Dataset (RDB Constraint Bypass) cybersecurity · 40d ago New IronWorm malware hits 36 packages in npm supply-chain attack BleepingComputer · 40d ago Is retyping and translating textbooks too inefficient for CS/Cybersecurity? cybersecurity · 40d ago Free Microsoft Enterprise Security Assessment: Worth It cybersecurity · 40d ago Empty-ciphertext panic in aws-encryption-provider (CVD with AWS) Technical Information Security Content & Discussion · 40d ago How are organizations preparing for AI-generated phishing attacks? cybersecurity · 40d ago Re:CACHE - Excessive reflection, type confusion, and 0-click SXSS on Next.js Technical Information Security Content & Discussion · 40d ago Inside the race to adapt to an AI-powered security world cybersecurity · 40d ago 127.0.0.1 in eight headers: what attackers hide in X-Forwarded-For cybersecurity · 40d ago Inside the race to adapt to an AI-powered security world CyberScoop · 40d ago Microsoft blames unexpected Windows driver updates on caching issue cybersecurity · 40d ago Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook BleepingComputer · 40d ago Critical Ledger State-Machine Violation Found in Public Tech-Governance Node Dashboard (Debit Card Transaction Injected on 0 Balance) cybersecurity · 40d ago Enter the WasmForge: Compiling Sliver into WebAssembly Technical Information Security Content & Discussion · 40d ago Microsoft blames unexpected Windows driver updates on caching issue BleepingComputer · 40d ago Your CPU model leaks through the browser via WASM timing differences cybersecurity · 40d ago LSASS/Defender/CTFMON analysis For [Blue|Purple] Teams in Cyber Defence · 40d ago Segment With Purpose: A Zero Trust Blueprint For OT Network Segmentation In Manufacturing Cyber Defense Magazine · 40d ago Software supply chain attacks: check your dependencies For [Blue|Purple] Teams in Cyber Defence · 40d ago Police dismantles fake ID marketplace used by migrant smugglers BleepingComputer · 40d ago void-sniff: A lightweight x64 Native API syscall monitor with a custom inline hook engine and zero dependencies Reverse Engineering · 40d ago Chinese Cybercrime Group in Spotlight for Record Campaign Pace cybersecurity · 40d ago NAVTOR NavBox All CISA Advisories · 40d ago Hitachi Energy MACH HiDraw All CISA Advisories · 40d ago Hitachi Energy ITT600 Explorer All CISA Advisories · 40d ago B&R PPT30 Operating System All CISA Advisories · 40d ago Hitachi Energy RTU500 All CISA Advisories · 40d ago Extremely suspicious behaviour by memu emulator Malware Analysis & Reports · 40d ago Security Engineer 2 interview at Amazon coming up - What to expect? cybersecurity · 40d ago A researcher spent $1,500 testing if LLMs could hack a vulnerable app cybersecurity · 40d ago Help with university internship cybersecurity · 40d ago Are MCP servers becoming the next API security nightmare? cybersecurity · 40d ago Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator For [Blue|Purple] Teams in Cyber Defence · 40d ago Cisco warns of critical Unified CM flaw with PoC exploit code BleepingComputer · 40d ago What's the cybersecurity lesson you learned the hard way? cybersecurity · 40d ago ISO 27001 Surveillance audit vs Full recertification cybersecurity · 40d ago How important it is to get paid Cybersecurity certificates ? cybersecurity · 40d ago Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process cybersecurity · 40d ago Soc to Architecture cybersecurity · 40d ago Does "example file vulnerability" exists? cybersecurity · 40d ago VS code forces 2 hour cool down for most integrations. cybersecurity · 40d ago Company laptop isolated after Brave/Tor alert - should I be worried? cybersecurity · 40d ago Does anyone know how to send false positive to SOCradar ? virus total cybersecurity · 40d ago Looking for people to team up for Bug Bounties & CTFs cybersecurity · 40d ago Signal Without Smartphone cybersecurity · 40d ago I found a trojan on my pc and now im scared my private calls got leaked cybersecurity · 40d ago Meta, Microsoft & DOJ Smash Southeast Asia Scam Rings: 1.4 Million Accounts Removed, 63 Arrests cybersecurity · 40d ago CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog cybersecurity · 40d ago How do you change users behavior through awareness training? cybersecurity · 40d ago AI-built ransomware toolkit automates EDR evasion, AD discovery cybersecurity · 40d ago 29 open-source Sigma/Wazuh rules for Modbus, DNP3, IEC 104, MQTT, OPC-UA (OT/ICS detection) For [Blue|Purple] Teams in Cyber Defence · 40d ago Safe Rust API for wolfSSL/wolfCOSE hacking: security in practice · 40d ago Safe Rust API for wolfSSL/wolfCOSE cybersecurity · 40d ago Looking for feedback on my open-source OT detection ruleset (29 rules for Wazuh/Sigma) cybersecurity · 40d ago AMD GPU Users might be compromised cybersecurity · 40d ago [ Removed by Reddit ] cybersecurity · 40d ago Five Eyes Warn: Chinese Spies Using LinkedIn Recruitment Tactics to Access Sensitive Information cybersecurity · 40d ago CISA warns of cyberattacks targeting fuel tank monitoring systems cybersecurity · 40d ago [CTF] Struggling to extract RTSP stream from generic Chinese IP Cams (Altobeam SoC) via ONVIF cybersecurity · 40d ago how to get good at cyber security? cybersecurity · 40d ago Anyone use CrunchAtlas? cybersecurity · 40d ago Prompt monitoring laughs cybersecurity · 40d ago Malicious Payload in ai-sdk-ollama npm Package cybersecurity · 40d ago Can Someone Please ELI5 - "YellowKey" (CVE-2026-45585) to me? (an IT admin that survived the Great Global CrowdStrike Outage of 24) cybersecurity · 40d ago Resource Exhaustion hacking: security in practice · 40d ago what the HELL is dsztfso? cybersecurity · 40d ago Open Source - 2500 New MITRE Mutations For [Blue|Purple] Teams in Cyber Defence · 40d ago Yubikey Alternative....? cybersecurity · 40d ago Hiring cybersecurity · 40d ago Malware Malware Analysis & Reports · 40d ago CVE-2026-42897: Applying the Mitigation and Closing the Incident Are Not the Same Thing cybersecurity · 40d ago Threats to the 2026 FIFA World Cup Recorded Future · 40d ago Remembering Sir Alex Younger Recorded Future · 40d ago Agent-Ready: How to Prepare Your Site for AI-Driven Commerce Blog – Forter · 40d ago Certification Advice cybersecurity · 40d ago Question about Linux kernel TLS ULP disclosed June 2 to oss-security cybersecurity · 40d ago European authorities crack down on illegal streaming networks CyberScoop · 40d ago An IT guy basically stole my entire gmail account and probably posted it somewhere...how do I search for this? cybersecurity · 40d ago Chinese hackers use new Atlas RAT malware in European cyberattacks BleepingComputer · 40d ago How to Rob a Data Center (new article on data center physical security) cybersecurity · 40d ago Hermes has a Home Assistant skill and it's unreal! NetworkChuck · 40d ago US: California Back & Pain Specialists Exposes 133GB of Patient Medical Records on Public Server cybersecurity · 40d ago Is it worth taking the EC councils masters program?? Are they legit /2026 cybersecurity · 40d ago Mid-level AppSec engineers: what do you actually study to prep for interviews? cybersecurity · 40d ago Automated Fault Injection Attack Framework Reverse Engineering · 40d ago The U.S. sanctions Nobitex crypto exchange used by ransomware BleepingComputer · 40d ago CISA warns of cyberattacks targeting fuel tank monitoring systems BleepingComputer · 40d ago Season VI of the US Games launches TOMORROW! Technical Information Security Content & Discussion · 41d ago Company is paying for any certification, which should I obtain? cybersecurity · 41d ago DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels CyberScoop · 41d ago Trusting Microsoft with your offensive security repos cybersecurity · 41d ago Automated Fault Injection Attack Framework cybersecurity · 41d ago Inside DesckVB Rat Analysis: From Malspam to In-Memory RAT For [Blue|Purple] Teams in Cyber Defence · 41d ago Bring Your Own RWX Region DLL (BYORWXDLL) For [Blue|Purple] Teams in Cyber Defence · 41d ago Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem For [Blue|Purple] Teams in Cyber Defence · 41d ago APT-C-26(Lazarus)组织利用CVE-2025-55182与Copperhedge组件的攻击行动分析 - Analysis of APT-C-26 (Lazarus) group's attack activities using CVE-2025-55182 and the Copperhedge component For [Blue|Purple] Teams in Cyber Defence · 41d ago NuGet Code Execution As A Service For [Blue|Purple] Teams in Cyber Defence · 41d ago aether: Aether is a Windows memory-forensics and threat hunting tool that scans live process memory for malicious pattern, detect injection techniques, implant signatures, reflectively loaded .NET assemblies For [Blue|Purple] Teams in Cyber Defence · 41d ago Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor For [Blue|Purple] Teams in Cyber Defence · 41d ago TA4922: The Suspected Chinese Crime Group is Going Global For [Blue|Purple] Teams in Cyber Defence · 41d ago [ Removed by Reddit ] For [Blue|Purple] Teams in Cyber Defence · 41d ago New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute BleepingComputer · 41d ago Physical Biometric device as a security measure..?? cybersecurity · 41d ago Espionage Campaign Targeted Stock Exchange Executive for Five Months For [Blue|Purple] Teams in Cyber Defence · 41d ago Cybersegurança cybersecurity · 41d ago Started Learning Cybersecurity cybersecurity · 41d ago InfraGard Application - Seeking Help | Student cybersecurity · 41d ago x86 assembly: Why you only need Paris to beat Pizza Tycoon (1994) Reverse Engineering · 41d ago Orientación en Ciberseguridad cybersecurity · 41d ago OnionAccelerator: multi-circuit / chunked download acceleration over Tor For [Blue|Purple] Teams in Cyber Defence · 41d ago Anthropic's coordinated vulnerability disclosure dashboard cybersecurity · 41d ago Hands Free: What LLM Driven Vulnerability Research Looks Like cybersecurity · 41d ago HazyBeacon and AWS Lambda Function URL Abuse For [Blue|Purple] Teams in Cyber Defence · 41d ago Real time Cybersecurity failures regarding Quantum computing/cryptography cybersecurity · 41d ago The Server Seizure That Affects Also Iran's Cyber Operations For [Blue|Purple] Teams in Cyber Defence · 41d ago How China's Cyber Operations – and the Contractors Behind Them – Target Critics Abroad For [Blue|Purple] Teams in Cyber Defence · 41d ago 🚨 PCPJack's SMTP Toolkit Dissected: 3 Deployer Generations, Multi-Arch Chisel, and a Full EHLO/STARTTLS Verification Loop Malware Analysis & Reports · 41d ago 🕵️♂️ PCPJack Hijacked 230 Cloud Servers to Send Email. Here's How They Did It. cybersecurity · 41d ago 🚨 🪱 How PCPJack Converted 230 Compromised Cloud Servers into a Hidden SMTP Relay Network For [Blue|Purple] Teams in Cyber Defence · 41d ago Wow64 implementation details: How is Wow64 implemented in Windows 11 25H2 Reverse Engineering · 41d ago A two-year-old RCE bug in Redis was just made public. An AI tool found it. The full exploit chain is out. cybersecurity · 41d ago Cisco Webex Meetings Cross-Site Scripting Vulnerability Cisco Security Advisory · 41d ago CISA warns of active attacks exploiting Android, Linux bugs cybersecurity · 41d ago Found some open ports on a govt site, should i report or stay quiet? cybersecurity · 41d ago What is a good way to keep track of passwords for programs that don't support password managers? cybersecurity · 41d ago CISA warns of active attacks exploiting Android, Linux bugs BleepingComputer · 41d ago ChatGPT Malvertising Campaign Malware Analysis & Reports · 41d ago Cybersecurity statistics of the week (May 25th - May 31st) cybersecurity · 41d ago ASN Emissions Index. Networks ranked by how much noise they create on the internet. cybersecurity · 41d ago Have you sold cve before? cybersecurity · 41d ago EU CRA mandatory vulnerability reporting enters into force September 11, 2026 — what the 24-hour obligation requires Technical Information Security Content & Discussion · 41d ago i want to become a pentester, but i don't know how to cybersecurity · 41d ago Recommendation Malware Analysis & Reports · 41d ago I’m not sure I’m in the right subreddit…. hacking: security in practice · 41d ago The OT Security Problem Nobody Wants to Own cybersecurity · 41d ago Don't Take Wednesday Off When You Manage Vulnerabilities cybersecurity · 41d ago I finally finished a production version after 4 yrds cybersecurity · 41d ago Support role pivot to cloud security cybersecurity · 41d ago Sysmon RegistryEvent exclude not overriding include rule for Event ID 13 For [Blue|Purple] Teams in Cyber Defence · 41d ago What 345 Days of Untested Exposure Looks Like at a Bank BleepingComputer · 41d ago Took me a decade to turn quantum computing into what hackers can easily learn hacking: security in practice · 41d ago Welp, we got a VMware antidetect ransomware/spyware/trojan before GTA 6! Malware Analysis & Reports · 41d ago How do you manage your passwords? cybersecurity · 41d ago The Expanding Attack Surface And How Identity Is Now The Primary Breach Vector Cyber Defense Magazine · 41d ago Mad rush to produce AI driven slop cybersecurity · 41d ago O Tails é seguro para acessar links suspeitos? cybersecurity · 41d ago Took me a decade of work to turn Quantum Computing into a fun videogame hacking: security in practice · 41d ago Interesting- What LLM vuln research looks like Technical Information Security Content & Discussion · 41d ago Cyber Essentials plus + "legacy" network segments cybersecurity · 41d ago Red Hat npm supply chain attack "Miasma" — 32 @redhat-cloud-services packages, SLSA bypass via OIDC abuse, new GCP/Azure identity collectors For [Blue|Purple] Teams in Cyber Defence · 41d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 41d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 41d ago Acer working to patch max severity zero-days in Wave 7 routers BleepingComputer · 41d ago Hacking your PC using your speaker without ever touching it Reverse Engineering · 41d ago Hacking your PC using your speaker without ever touching it Technical Information Security Content & Discussion · 41d ago Insight for OPSWAT deep CDR cybersecurity · 41d ago Android vs iOS cybersecurity · 41d ago ShinyHunters leaks Charter Communications data: 4.9M customer records exposed via a social-engineering attack on an employee's Microsoft account cybersecurity · 41d ago Police dismantles 9 crime groups in illegal streaming crackdown BleepingComputer · 41d ago Security Audits at an MSP cybersecurity · 41d ago [ Removed by Reddit ] cybersecurity · 41d ago Google adds Android protection against AI deepfake scam calls BleepingComputer · 41d ago Passkey registration breaks after moving off localhost.. cybersecurity · 41d ago Lessons for life: Why children’s data is a long-term identity risk WeLiveSecurity · 41d ago Lessons for life: Why children’s data is a long-term identity risk WeLiveSecurity · 41d ago Does your team hire fresh AI engineer who doesn't know anything about Security operations? cybersecurity · 41d ago UARs for Equation (banking system) cybersecurity · 41d ago Simple way how to bypass hotel WiFi? hacking: security in practice · 41d ago VS Code zero-day lets hackers steal GitHub tokens in one click hacking: security in practice · 41d ago Abusing iDEAL (Wero): how criminals weaponise legitimate payment links in phishing Technical Information Security Content & Discussion · 41d ago IoT pentesting cert cybersecurity · 41d ago Anthropic Expands Project Glasswing, Bringing AI Cyber Defense Tools to 150 More Organizations cybersecurity · 41d ago Experience with Tac Security cybersecurity · 41d ago Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content cybersecurity · 41d ago VS Code zero-day lets hackers steal GitHub tokens in one click BleepingComputer · 41d ago Golang code review notes II - elttam Technical Information Security Content & Discussion · 41d ago Using AI to Secure Its Generated Code Is a Ponzi Scheme Technical Information Security Content & Discussion · 41d ago Found Security Vulnerabilities in my university website cybersecurity · 41d ago burp-cc-bridge: Burp Suite Community REST API bridge (free alternative to Pro's REST API) hacking: security in practice · 41d ago Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign | Microsoft Threat Intelligence cybersecurity · 41d ago AI - Threat to the CyberSec Industry? cybersecurity · 41d ago Built a honeypot platform to catch lateral movement. How are you guys detecting this? cybersecurity · 41d ago How should small SaaS teams safely answer customer security questionnaires? cybersecurity · 41d ago Dependency Cooldowns - Dependency Cooldowns For [Blue|Purple] Teams in Cyber Defence · 41d ago Can AI Do Intelligence Analysis? Apparently Not. cybersecurity · 41d ago PROMPTPurify - 14MB Tiny Prompt Injection Guardrail Open Weight Model cybersecurity · 41d ago Regarding Certified Ethical Hacker (CEH Practical) exam cybersecurity · 41d ago Asking for advices on pursuing first CERTIFICATE cybersecurity · 41d ago I opened my own company and I can't find clients! cybersecurity · 41d ago ShinyHunters vaza dados de clientes da Spectrum após recusa de resgate da Charter cybersecurity · 41d ago C2 Frameworks - Threat Hunting in Action with YARA Rules For [Blue|Purple] Teams in Cyber Defence · 41d ago How big of a security risk or exploit would this be? hacking: security in practice · 41d ago Microsoft's Coreutils project brings Linux commands to Windows BleepingComputer · 41d ago Do you support the idea of creating a European commission that would issue special licenses for social media platforms, with standardized account creation rules and mandatory KYC (Know Your Customer) verification requirements across the EU? cybersecurity · 41d ago Anyone knows Quad9 dns ? cybersecurity · 41d ago OpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT models BleepingComputer · 41d ago KTO , Be the only one online -- on any WiFi network hacking: security in practice · 41d ago Critical Kirki flaw exploited to hijack WordPress admin accounts BleepingComputer · 41d ago Over 116,000 Mincraft systems infected in WeedHack malware campaign BleepingComputer · 41d ago Over 116,000 Minecraft systems infected in WeedHack malware campaign BleepingComputer · 41d ago Ransomware tabletop For [Blue|Purple] Teams in Cyber Defence · 41d ago FREE coffee at Cisco Live (I'm giving it away) NetworkChuck · 41d ago I've a fullstack dev, I'm devleoping my own authentication for my application, Can anyone help me for it's security aspects ? cybersecurity · 41d ago Greynoise swarm cybersecurity · 41d ago SecOT+ certification for free cybersecurity · 41d ago How is the state of the job market for mid-level security engineers? cybersecurity · 41d ago Is anyone else still coding manually to learn? The market will continue to hire people that know what's going on even if you can now use AI to code many things cybersecurity · 41d ago WaSteal Update: Infrastructure Pivoting Reveals 57 Additional Extensions, Campaign Now at 183 Total cybersecurity · 41d ago Laid off from TPRM job - need help on the future of my career cybersecurity · 41d ago News alert: Halo Security recognized for helping MSPs manage customers’ external attack surfaces The Last Watchdog · 41d ago Tracking APT28 PixyNetLoader: Evolutions from 2024 to 2026 For [Blue|Purple] Teams in Cyber Defence · 41d ago Tracking North Korea Nation-State APT Infrastructure: Kimsuky For [Blue|Purple] Teams in Cyber Defence · 41d ago 새벽에 온 암호화 손님 Endpoint(Midnight) 랜섬웨어 분석 - Analysis of Endpoint (Midnight) Ransomware: The Encrypted Guest That Arrived at Dawn For [Blue|Purple] Teams in Cyber Defence · 42d ago From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services For [Blue|Purple] Teams in Cyber Defence · 42d ago AI-built ransomware toolkit automates EDR evasion, AD discovery BleepingComputer · 42d ago apparently bypassing school systems by playing games hacking: security in practice · 42d ago Anyone compared RoboShadow vs ConnectSecure for vulnerability management? cybersecurity · 42d ago Codex Discovered a Hidden HTTP/2 Bomb For [Blue|Purple] Teams in Cyber Defence · 42d ago Four coordinated npm supply chain campaigns active in May–June 2026 — TTPs, IOCs, and detection notes Technical Information Security Content & Discussion · 42d ago Top 5 Active Directory Pentesting Tools The Cyber Mentor · 42d ago Any one send vulnerability to MITRE? cybersecurity · 42d ago Need advice for a 30 min Security Apprenticeship interview cybersecurity · 42d ago Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs For [Blue|Purple] Teams in Cyber Defence · 42d ago Unpatched NTLM Coercion in Windows search: URI Handler, Same Bug, No CVE, No Fix For [Blue|Purple] Teams in Cyber Defence · 42d ago UltraViolet: your own Shodan, in Docker, with CVE/KEV/EPSS cybersecurity · 42d ago Microsoft insists Defender is enough for most PCs, but admits third‑party antivirus tools still offer extras it can’t match cybersecurity · 42d ago We Added a Detection Rule. We Were Not Expecting This. Technical Information Security Content & Discussion · 42d ago Introducing Microsoft Scout: Your always-on personal agent Microsoft 365 Blog · 42d ago Virustotal API as private data source cybersecurity · 42d ago DOD wants to integrate cyber in all operations, and integrate security into AI CyberScoop · 42d ago Resident Evil: Code Veronica X is now able 3D graphics from the decompiled source! Reverse Engineering · 42d ago Microsoft Exchange Online outage causes email delays, failures BleepingComputer · 42d ago Announcing the new Work IQ APIs Microsoft 365 Blog · 42d ago Microsoft Build 2026: Building agentic apps with Microsoft Fabric and Microsoft Databases Security | Microsoft Azure Blog | Microsoft Azure · 42d ago Trump administration releases scaled-back AI executive order CyberScoop · 42d ago Account Number Security Flaw cybersecurity · 42d ago Is Red Team Leaders Certification (RTL) actually useful for jobs or just for learning? cybersecurity · 42d ago A PoC to demonstrate that without PMF, MAC filtering at the AP level is the only thing stopping selective WiFi deauth cybersecurity · 42d ago Codex Lives In PowerShell Now NetworkChuck · 42d ago [ Removed by Reddit ] cybersecurity · 42d ago [ Removed by Reddit ] cybersecurity · 42d ago “Fellow practitioners — made some infosec merch that actually speaks our language. What security concepts would you want on a shirt?” For [Blue|Purple] Teams in Cyber Defence · 42d ago Instagram users locked out after Meta AI abused to steal accounts BleepingComputer · 42d ago Phishing simulation platform cybersecurity · 42d ago 1-Click GitHub Token Stealing via a VSCode Bug Technical Information Security Content & Discussion · 42d ago Just task about OSI model cybersecurity · 42d ago FIRESIDE CHAT: Deepfakes exploit human emotion, making employee reflex training essential The Last Watchdog · 42d ago Need help improving DNS Spy from a security tool angle cybersecurity · 42d ago Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild cybersecurity · 42d ago Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild Technical Information Security Content & Discussion · 42d ago Oracle's first monthly patch update just dropped 77 CVEs. cybersecurity · 42d ago Cleaning up after a legacy service account breach. How are you handling automated secrets discovery? cybersecurity · 42d ago Airbus digital apprenticeship cybersecurity · 42d ago Built a decompiler for exotic legacy programming language opentext Gupta Team Developer Reverse Engineering · 42d ago Always-On Red Teams hacking: security in practice · 42d ago Why the browser is now the front line for AI security BleepingComputer · 42d ago Anthropic expanding access to Project Glasswing CyberScoop · 42d ago Anthropic is expanding Project Glasswing — giving 150 more critical infrastructure orgs access to Claude Mythos to scan for vulnerabilities cybersecurity · 42d ago [An RX Global Event] Infosecurity Europe darkreading · 42d ago Officials Confirm Early Rollout Of CMMC Requirements At CMMC Northeast Summit Cyber Defense Magazine · 42d ago This is a scam and probably a malware/trojan. Path Of Exile 2 builder ... Malware Analysis & Reports · 42d ago CISA flags two-year-old Oracle flaw as actively exploited in attacks BleepingComputer · 42d ago Google fixes one actively exploited Android zero-day, 124 flaws cybersecurity · 42d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 42d ago CISA and Partners Urge Hardening Automatic Tank Gauge Systems All CISA Advisories · 42d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 42d ago Can elections be hacked? Modern day computational propaganda techniques described by the EU's East Stratcom Task Force cybersecurity · 42d ago Parsing Cisco IOS configs for CIS Auditing: Why regex fails on block contexts, and how are you handling offline static analysis? cybersecurity · 42d ago Security Architects who who actively use modelling - What's your approach? cybersecurity · 42d ago PAN-OS authentication bypass bug added to list of exploited vulnerabilities cybersecurity · 42d ago Google fixes one actively exploited Android zero-day, 124 flaws BleepingComputer · 42d ago I have extreme anxiety about being hacked cybersecurity · 42d ago Fresher cybersecurity · 42d ago Iran is using Western AI services to help with phishing, malware support and military research while building a domestic platform at Sharif For [Blue|Purple] Teams in Cyber Defence · 42d ago Malicious Registrations in the Domain Name Market: An Analysis of gTLD Registrations and Cybercriminal Demand For [Blue|Purple] Teams in Cyber Defence · 42d ago Hackers Used Meta AI Bot to Hijack Instagram Accounts in Major Security Breach cybersecurity · 42d ago Career advice needed! cybersecurity · 42d ago LLMShare: using shared chatbot pages to distribute malware Malware Analysis & Reports · 42d ago GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure cybersecurity · 42d ago Google sr. security engineer interview cybersecurity · 42d ago Is offensive AI actually changing cybersecurity, or are we overestimating the impact? cybersecurity · 42d ago Multiple Red Hat NPM packages victim of Mini Shai-Hulud Miasma wave cybersecurity · 42d ago is emerald chat safe? cybersecurity · 42d ago Gamaredon’s gifts that keeps unpacking - GammaPhish and GammaWorm For [Blue|Purple] Teams in Cyber Defence · 42d ago Does anyone on this subreddit who has an VirusTotal premium account can help me with something important ? cybersecurity · 42d ago ClickJack in the wild cybersecurity · 42d ago NuGet Code Execution As A Service Technical Information Security Content & Discussion · 42d ago Thoughts on A.I assisted Malware Analysis? cybersecurity · 42d ago 19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access cybersecurity · 42d ago What articles do you use for cybersecurity news? (2026) cybersecurity · 42d ago Is anyone using agents in regulated industries? How do you make sure sensitive data doesn't go back to the AI provider? cybersecurity · 42d ago Roadmap and Training Recommodation cybersecurity · 42d ago Attackers are exploiting Palo Alto Networks defect that initially flew under the radar CyberScoop · 42d ago I managed to pull the full system prompt for Meta's Support AI hacking: security in practice · 42d ago Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks BleepingComputer · 42d ago Les anti-triche de niveau noyau et leur risque de sécurité cybersecurity · 42d ago Harassing text messages hacking: security in practice · 42d ago Asked to Send Sensitive Documents via MMS cybersecurity · 42d ago Red Hat npm packages compromised to steal developer credentials BleepingComputer · 42d ago SC-200 compared to CC (isc2) cybersecurity · 42d ago Spain arrests doxer leaking sensitive data of govt employees BleepingComputer · 42d ago running custom firmware / patching the stock firmware of the soundcore headphones and running DOOM on it! Reverse Engineering · 42d ago Blind POST SSRF in phpBB 4.0.0-alhpa1 Web Push (CVD with phpBB) Technical Information Security Content & Discussion · 42d ago Every SaaS Company Is Accidentally Building Meta's Instagram Vulnerability Right Now cybersecurity · 42d ago Looking to move off KB4, what are people actually using these days? cybersecurity · 42d ago Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight CyberScoop · 43d ago Got my Security+. What's next? cybersecurity · 43d ago I'm Moderating My First Panel… Come see me at Cisco Live NetworkChuck · 43d ago Vulnerability Summary for the Week of May 25, 2026 cybersecurity · 43d ago RedSun: Exploiting Windows Defender's Remediation Workflow for Local Privilege Escalation For [Blue|Purple] Teams in Cyber Defence · 43d ago Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages For [Blue|Purple] Teams in Cyber Defence · 43d ago Cybersecurity (CYBER); Cyber Resilience Act (CRA); Cybersecurity requirements for routers, modems intended for the connection to the internet and switches For [Blue|Purple] Teams in Cyber Defence · 43d ago REMINDER: FINAL deadline for HOPE Talks & Workshops is TODAY! hacking: security in practice · 43d ago Malware cybersecurity · 43d ago Dashlane password manager users locked out by brute force attacks BleepingComputer · 43d ago Alternative Search Engine to Utilize in 2026? cybersecurity · 43d ago Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked cybersecurity · 43d ago Miasma: Supply Chain Attack Targeting RedHat npm Packages For [Blue|Purple] Teams in Cyber Defence · 43d ago USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order CyberScoop · 43d ago Switching back to Windows?!? NetworkChuck · 43d ago Windows Server vulnerability can grant system privileges with just a malformed packet — domain controllers are being exploited in the wild cybersecurity · 43d ago Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers cybersecurity · 43d ago Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts Krebs on Security · 43d ago Hacking Palo Alto Networks' GlobalProtect VPN with AI hacking: security in practice · 43d ago AI compliance cybersecurity · 43d ago Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm cybersecurity · 43d ago WordPress malware campaign hides payloads in Steam profiles BleepingComputer · 43d ago Is TeamPCP a Russian-affiliated APT? How can preventive security principles assist defending ecosystems against attacks on software supply chains? cybersecurity · 43d ago MacBook or Windows Laptop for Cybersecurity cybersecurity · 43d ago What's the most creative MFA bypass you've seen? cybersecurity · 43d ago @redhat-cloud-services npm scope backdoored with valid signed SLSA provenance; recovered the GitHub commit-search dead-drop C2 markers For [Blue|Purple] Teams in Cyber Defence · 43d ago Research Notes from Building a Windows Event Log Hunting Workflow cybersecurity · 43d ago Analyzed 24 months of ransomware leak-site posts. 84% land on weekdays, not at 3am. hacking: security in practice · 43d ago How to fix securityheaders scan X-Frame-Options and Content-Security-Policy ?? cybersecurity · 43d ago Free AI tools for TPRM? cybersecurity · 43d ago incomplete phone number from togo, need help reporting to police cybersecurity · 43d ago NPM packages from RedHat Compromised cybersecurity · 43d ago Linux Copy Fail CVE-2026-31431: KEV Privilege Escalation on Shared Build Hosts cybersecurity · 43d ago Microsoft investigates Office Apps, Teams file access issues BleepingComputer · 43d ago SOC Analyst working towards Threat Intelligence cybersecurity · 43d ago Is XSS possible through PDFs? cybersecurity · 43d ago Race Against Time: Why Faster Vulnerability Alerts Matter BleepingComputer · 43d ago Dutch Police and NCSC dismantle 17-million-device botnet running on 200 servers seized from local hosting provider Technical Information Security Content & Discussion · 43d ago r/netsec monthly discussion & tool thread Technical Information Security Content & Discussion · 43d ago The Next AI Governance Failure Won’t Be the Model cybersecurity · 43d ago Poisoning Claude Code: One GitHub Issue to Break the Supply Chain Technical Information Security Content & Discussion · 43d ago Microsoft MFA Is Down Again cybersecurity · 43d ago Started my first writeup - Sherlock NeuroSync-D (CVE-2025-29927) cybersecurity · 43d ago How I Found My First $3,000 AI Vulnerability NahamSec · 43d ago Stealing Passwords via HTML Injection Under a Strict CSP Technical Information Security Content & Discussion · 43d ago Computer logic or Science cybersecurity · 43d ago Critical Windows Netlogon RCE flaw now exploited in attacks BleepingComputer · 43d ago Webinar tomorrow: From alert to resolution in network incident response BleepingComputer · 43d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 43d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 43d ago I am a Full Stack Developer but I want to switch to a cybersecurity centered position. Which positions should I prepare for? cybersecurity · 43d ago What C2s Are You Using cybersecurity · 43d ago Microsoft confirms outage affecting MFA, My Sign-Ins platform BleepingComputer · 43d ago Microsoft fixes outage affecting MFA setup, MySignIn service BleepingComputer · 43d ago Microsoft fixes KB5089549 Windows security update install issues BleepingComputer · 43d ago Best AI LLM for Hacking related stuff hacking: security in practice · 43d ago PNPT Exam cybersecurity · 43d ago Election threats are focused on campaign systems, not voting machines CyberScoop · 43d ago What do you do when a supplier refuses or lacks a reporting clause on vendor incident notification? cybersecurity · 43d ago Feels like most people ignore the wireless layer until it bites them hacking: security in practice · 43d ago Any appsec engineer working in fortune 500? cybersecurity · 43d ago I'm developing an IDS/EDR. I need suggestions which blind spots I have, whats missing and what should be added next cybersecurity · 43d ago Anyone transition from AWS Data Center Operations to InfoSec? cybersecurity · 43d ago I think my account got hacked but it's weird cybersecurity · 43d ago Subnet discovery through multi-protocol TTL tracing Technical Information Security Content & Discussion · 43d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 43d ago current market for detecting deepfakes? cybersecurity · 43d ago Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts via prompt injection with bot - now patched For [Blue|Purple] Teams in Cyber Defence · 43d ago Worried about friend being doxxed on doxbin cybersecurity · 43d ago Tracking The Trackers: Commercial Surveillance Occurring on U.S. Army Networks For [Blue|Purple] Teams in Cyber Defence · 43d ago Meta AI Recovery Flow Reportedly Bypassed 2FA: A Lesson in Privilege Boundaries For [Blue|Purple] Teams in Cyber Defence · 43d ago how to shift from a service based company to a product based one in cybersecurity ? cybersecurity · 43d ago Meta AI Password Reset Flaw Reportedly Bypassed Instagram 2FA cybersecurity · 43d ago Cuál es el mejor curso (con certificado) que puedo hacer para empezar en el mundo del hacking? hacking: security in practice · 43d ago Sapphire Sleet Targets macOS in Multi-Stage Intrusion Campaign For [Blue|Purple] Teams in Cyber Defence · 43d ago Claude AI user data directory exfiltration via malicious npm package cybersecurity · 43d ago Need help as a beginner. How do I start with Ghidra? Any good guides to start? Is Ada Pro better? Etc. What do you recommend me to start from? Reverse Engineering · 43d ago Bitdefender blocking amd stuff? False positive or? cybersecurity · 43d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 43d ago Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI's Biggest AI Showdown Yet Trend Micro Research, News, Perspectives · 43d ago did they have my password?? what triggers this specific email??? instagram HELP. cybersecurity · 43d ago How to Unpack FlawedAmmyy - Malware Unpacking Tutorial Malware Analysis & Reports · 43d ago ATTENTION: Dashlane may have been breached. (Password manager). cybersecurity · 43d ago Can anyone figure out how to retrieve the recovery key in signal app? hacking: security in practice · 43d ago Norton blocked a “malicious script”? cybersecurity · 43d ago Need Advice: Ex Claims He Still Has Access to My Mac/iCloud After Resets and New Accounts cybersecurity · 43d ago Security researchers have uncovered a new attack technique that lets malicious websites spy on your browsing activity through hard drive. cybersecurity · 43d ago I wrote about the 5 biggest threats in 2026, curious what this community thinks. cybersecurity · 44d ago MSPs: What evidence do cyber insurance underwriters ask you for that is hardest to produce? cybersecurity · 44d ago Atomdrift - open-source malware detection for the software supply chain For [Blue|Purple] Teams in Cyber Defence · 44d ago Im new to cybersecurity and have a iPhone 7 (iOS 15.8.5) I wanna pentest, any suggestions? cybersecurity · 44d ago NetworkChuck cybersecurity · 44d ago LLM for creating phishing tool cybersecurity · 44d ago Why are we still treating IAM like a compliance checkbox? cybersecurity · 44d ago Polyfill pop up? cybersecurity · 44d ago ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding Technical Information Security Content & Discussion · 44d ago Building A Malware Lab From Scratch! Malware Analysis & Reports · 44d ago ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding Reverse Engineering · 44d ago WP Maps Pro bug exploited to create admin accounts on WordPress sites BleepingComputer · 44d ago SecAI+ difficulty question cybersecurity · 44d ago $730k+ raised on Proxmark5 with 2150 backers hacking: security in practice · 44d ago Could you guys give an honest feedback to a completely automated ssrf attack tool? cybersecurity · 44d ago tengo 61 y mi famila y amigos me espian I am 61 and my family and friends spy on me cybersecurity · 44d ago Microsoft Joined the DMARC Club cybersecurity · 44d ago Help. cybersecurity · 44d ago Vibe Coding Security cybersecurity · 44d ago I made an image SynthID remover, video and image phone/location metadata injector. Free to try! (this one actually works) hacking: security in practice · 44d ago Looking for a Company to Partner With cybersecurity · 44d ago Best reporting tools? cybersecurity · 44d ago What actually moved the needle on our alert fatigue (Wazuh + some automation, lessons after ~6 months) cybersecurity · 44d ago Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens For [Blue|Purple] Teams in Cyber Defence · 44d ago How Can Polyfill.io Still Act Maliciously? cybersecurity · 44d ago 179 npm Packages Target Cloud and Finance via oob.moika.tech For [Blue|Purple] Teams in Cyber Defence · 44d ago KB4853: Vulnerability Resolved in Veeam Service Provider Console 9.2.1 - "A vulnerability in Veeam Service Provider Console allows for remote code execution." - CVSS 9.4 For [Blue|Purple] Teams in Cyber Defence · 44d ago Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs For [Blue|Purple] Teams in Cyber Defence · 44d ago Hawk: Golang tool designed to exfiltrate passwords found via the sshd and su services For [Blue|Purple] Teams in Cyber Defence · 44d ago TinyLoad v7 - what i added :D (in memory protection using VEH and alot more) Reverse Engineering · 44d ago EvilTokens and OAuth Abuse: How Device Code Phishing Bypasses MFA For [Blue|Purple] Teams in Cyber Defence · 44d ago Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace For [Blue|Purple] Teams in Cyber Defence · 44d ago Signal macOS Desktop App Doesn't Actually Delete Messages When it Should For [Blue|Purple] Teams in Cyber Defence · 44d ago Operation XENOFISCAL: SideCopy deploying persistent XenoRAT targeting the MoF, Afghanistan For [Blue|Purple] Teams in Cyber Defence · 44d ago WHQL-signed kernel driver keylogger, likely deployed as an anti-cheat BYOVD For [Blue|Purple] Teams in Cyber Defence · 44d ago Any idea who's behind this hack? How to resolve it? hacking: security in practice · 44d ago Typosquatted npm packages used to steal cloud and CI/CD secrets For [Blue|Purple] Teams in Cyber Defence · 44d ago Need THM voucher code for cheap? Any known seller? cybersecurity · 44d ago Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan Using Azure Cloud C2 For [Blue|Purple] Teams in Cyber Defence · 44d ago Malicious npm packages abuse dependency confusion to profile developer environments For [Blue|Purple] Teams in Cyber Defence · 44d ago Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257) For [Blue|Purple] Teams in Cyber Defence · 44d ago Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attack For [Blue|Purple] Teams in Cyber Defence · 44d ago CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities - "Palo Alto Networks has become aware of limited exploit attempts on unpatched PAN-OS devices without mitigations applied." For [Blue|Purple] Teams in Cyber Defence · 44d ago Dissecting an Undocumented Lua-Wrapped Loader: The BoldTealLayer Campaign For [Blue|Purple] Teams in Cyber Defence · 44d ago SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks. For [Blue|Purple] Teams in Cyber Defence · 44d ago EDR Incident Response Playbook: Containing Local Account Incidents For [Blue|Purple] Teams in Cyber Defence · 44d ago Adversarial Oracles: LLM-Guided EDR Signature Reduction For [Blue|Purple] Teams in Cyber Defence · 44d ago One click—and you’re spied on: GFF files criminal complaint alongside journalist Trung Khoa Lê following spyware attack - GFF For [Blue|Purple] Teams in Cyber Defence · 44d ago proxy: A lightweight caching proxy for package registries. For [Blue|Purple] Teams in Cyber Defence · 44d ago How OLTs may have exposed entire ISP networks For [Blue|Purple] Teams in Cyber Defence · 44d ago Ghost passwords? cybersecurity · 44d ago Years ago, NSA released their own NSA Python training PDF . Today I created a curriculum around it hacking: security in practice · 44d ago A miner with a side of RAT: the unintended gift with your TV show or book - Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years For [Blue|Purple] Teams in Cyber Defence · 44d ago HunterAgent: Neuro-Symbolic Attack Trace Reconstruction under Anti-Forensics For [Blue|Purple] Teams in Cyber Defence · 44d ago Honeyval: A Comprehensive Evaluation Framework for LLM-powered HTTP Honeypots For [Blue|Purple] Teams in Cyber Defence · 44d ago Security of OpenClaw Agents: Fundamentals, Attacks, and Countermeasures For [Blue|Purple] Teams in Cyber Defence · 44d ago Lessons from Penetration Tests on Large-Scale Agent Systems For [Blue|Purple] Teams in Cyber Defence · 44d ago pydepgate: A zero dependency lightweight static analyzer designed for adversarial-shape code in python to detect supply chain attacks before they reach your interpreter. For [Blue|Purple] Teams in Cyber Defence · 44d ago [ Removed by Reddit ] Reverse Engineering · 44d ago Was a stipulation in my offer letter that I was required to obtain my CISM certification in 6 months... I did not. cybersecurity · 44d ago Snowboard Kids 2 is 100% Decompiled Reverse Engineering · 44d ago LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions Technical Information Security Content & Discussion · 44d ago LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions cybersecurity · 44d ago Anyone else having Chatgpt Strikes / Violations while learning cybersecurity? cybersecurity · 44d ago Blue Team tips? hacking: security in practice · 44d ago Working at Cisco, worth it? cybersecurity · 44d ago Want to Learn Cybersecurity in 2026 – Need Guidance, Roadmap, Tools, Resources & AI Advice cybersecurity · 44d ago usbsnoop — sniff and decode USB device traffic system-wide with eBPF, for reversing proprietary protocols (control/SCSI/HID, no bus analyzer) Reverse Engineering · 44d ago CIFSwitch: a non-universal Linux local root vulnerability For [Blue|Purple] Teams in Cyber Defence · 44d ago Are you pen testing AI Agents? cybersecurity · 44d ago Question of android malware cybersecurity · 44d ago External attack surface: how are you correlating DNS, SSL, and IP reputation today? cybersecurity · 44d ago edit certified pdf hacking: security in practice · 44d ago how do i properly setup 2fa and bitwarden? cybersecurity · 45d ago Hacking India's Largest Exam Evaluation Portal: From Authentication Bypass to Full Account Takeover (Covered by BBC) cybersecurity · 45d ago i need a partner to learn coding with me and have fun too,Hey, I'm 16 and just started learning cybersecurity and coding. I'm looking for a coding buddy around beginner level. We can learn Python, web development, and build small projects together. Anyone interested? cybersecurity · 45d ago Question for teams running parallel agents: Would you actually pay for a deterministic control plane, or are we all just building custom wrappers forever? cybersecurity · 45d ago I reverse engineered how Plex gates its Pass features, then wrote a tiny patch that flips them all on (Linux) Reverse Engineering · 45d ago Can Steam Cloud Files Transfer Malware cybersecurity · 45d ago I bought an old phone from 2018 and wanna destroy it with viruses for fun Malware Analysis & Reports · 45d ago Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks BleepingComputer · 45d ago HackTheBox - Interpreter IppSec · 45d ago Web-Based Indirect Prompt Injection To Push A Malicious Chrome Extension For [Blue|Purple] Teams in Cyber Defence · 45d ago Questions for the cloud security engineers cybersecurity · 45d ago DriverSentinel: DriverSentinel is a security tool developed in Go that detects malicious and vulnerable drivers on Windows systems by comparing them against the LOLDrivers.io database. For [Blue|Purple] Teams in Cyber Defence · 45d ago Visual Studio Extensions Revisited For [Blue|Purple] Teams in Cyber Defence · 45d ago Thoughts on this as a starter and doing bug bounty on the side cybersecurity · 45d ago Supply Chain Compromises Impact Nx Console and GitHub Repositories For [Blue|Purple] Teams in Cyber Defence · 45d ago How are new SC-200 candidates practicing labs without an E5 Developer tenant? cybersecurity · 45d ago New CIFSwitch Linux flaw gives root on multiple distributions BleepingComputer · 45d ago Everyday hacking in our lives - transportation, work, finances, goods etc hacking: security in practice · 45d ago Digital Trap: Iran Uses Selective Internet Restoration to Track and Arrest January Protesters Technical Information Security Content & Discussion · 45d ago Getting OTP spammed from every app and website I've ever used. Should I be worried? cybersecurity · 45d ago BYOVD and Looting LSASS in the Modern EDR Era For [Blue|Purple] Teams in Cyber Defence · 45d ago A browser tool for checking contractor insurance certificates cybersecurity · 45d ago Am I getting screwed? cybersecurity · 45d ago SECODER | Security Coding Challenges for SOC Analysts & Detection Engineers cybersecurity · 45d ago PAN-OS added to KEV, Langflow exploit activity, and a surprising Windows EPSS jump — today's most actionable vulnerability signals [Threat Intel 2026/5/29} cybersecurity · 45d ago CTO at NCSC Summary: week ending May 31st cybersecurity · 45d ago CTO at NCSC Summary: week ending May 31st For [Blue|Purple] Teams in Cyber Defence · 45d ago BountyLabs — Bug Bounty Training with Labs, Challenges, and AI Mentorship cybersecurity · 45d ago OffensiveCon26 videos For [Blue|Purple] Teams in Cyber Defence · 45d ago Need suggestion cybersecurity · 45d ago Malware escaped browser without downloading files, then escaped a virtual machine Malware Analysis & Reports · 45d ago [INDIA] Need Advice: Shared mobile number risk on a joint minor account after a small P2P trade (P2P Fraud / Bank Freeze Anxiety) cybersecurity · 45d ago Was Dave Bittner interviewing an AI? cybersecurity · 45d ago CTF for complete beginner cybersecurity · 45d ago Hitting a plateau after 2 years in Web Security: How do I transition from standard OWASP bugs to finding CVEs and novel techniques? cybersecurity · 45d ago First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security Reverse Engineering · 45d ago AI-Era Cyber Risk Standards cybersecurity · 45d ago BEC Victim - Attacker replied inside a real email thread using a lookalike domain cybersecurity · 45d ago School Survey, (non-paid nothing its free its for my grades) For [Blue|Purple] Teams in Cyber Defence · 45d ago Question for those who transitioned from remote to work from anywhere cybersecurity · 45d ago Website Keeps Getting Falsely Flagged as Phishing/Malicious By Security Vendors cybersecurity · 45d ago Do you enjoy what you do or do you wish you could go back in time and change it? cybersecurity · 45d ago Is understanding how API keys, public/private keys, and secrets actually work necessary to work in cyber? cybersecurity · 45d ago A practical checklist for evaluating npm packages (supply chain attacks, slopsquatting, etc.) Technical Information Security Content & Discussion · 45d ago For those who made the jump to independent cybersecurity consulting, what was the hardest part of the first year? cybersecurity · 45d ago Name That Toon: Mark of (Cybersecurity) Progress darkreading · 45d ago Is a basic understanding of PKI and Public Key Cryptography necessary to work in cyber ? cybersecurity · 45d ago Do you think AI will make cybersecurity products/services cheaper over the next 5-10 years? cybersecurity · 46d ago Botnet of more than 17 million devices dismantled cybersecurity · 46d ago Exposed credentials on logs cybersecurity · 46d ago Do you think this is legit or has the website been compromised? hacking: security in practice · 46d ago Introducing Keyhog: The First GPU Accelerated secret scanner Technical Information Security Content & Discussion · 46d ago What do you think is the biggest cybersecurity risk for small businesses in 2026? cybersecurity · 46d ago Wanted to shift to cloud security, but have some questions cybersecurity · 46d ago OffensiveCon26 YouTube Playlist released Technical Information Security Content & Discussion · 46d ago Who actually owns the AI in your company? NetworkChuck · 46d ago Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments For [Blue|Purple] Teams in Cyber Defence · 46d ago LLMShare: how attackers are turning AI chatbot pages into malware delivery platforms For [Blue|Purple] Teams in Cyber Defence · 46d ago ChatGPT share links abused to host fake outage pages to deliver malware BleepingComputer · 46d ago Tennessee man linked to 764 accused of series of crimes against children dating back to 2022 CyberScoop · 46d ago California AG sues 23andMe over 2023 breach exposing health data BleepingComputer · 46d ago Zero Trust is Overrated? Navigating the Complexity cybersecurity · 46d ago Test API post with flair cybersecurity · 46d ago Warning on MAD20 Subscriptions: $500 Blind Auto-Renewals and Hostage Certifications cybersecurity · 46d ago How Do You Handle the Massive Amount of Information in the CPTS Path? cybersecurity · 46d ago Wanna learn cybersecurity & ethical hacking hacking: security in practice · 46d ago LogMonitor — open-source Python tool for real-time failed login detection with multi-channel alerting For [Blue|Purple] Teams in Cyber Defence · 46d ago Help an upcoming cybersecurity engineer! cybersecurity · 46d ago Repeated Microsoft MFA attempts even after password change cybersecurity · 46d ago I’ve seen ppl get flamed online for ever thinking they’re hacked/being monitored but Malware Analysis & Reports · 46d ago Do you guys take paper notes or digital ones during studying ? hacking: security in practice · 46d ago What Is Device Intelligence and How Does It Stop Fraud? cybersecurity · 46d ago [FOSS Tool] WiFi-SpiderWeb V2.0: Active Cyber Defense for OpenWrt Routers with Live Radar Sweep (Python + SSE) cybersecurity · 46d ago Federal audit reveals NIST’s NVD is plagued by poor planning and duplication CyberScoop · 46d ago Ghidra 12.1.1 has been released! Reverse Engineering · 46d ago IBM commits $5 billion to secure open-source software cybersecurity · 46d ago Structuring an AI-Assisted Pentesting Homelab for a Final Year Project cybersecurity · 46d ago Are teams actually monitoring LLM traffic in production environments? cybersecurity · 46d ago How to protect passwords from memory scraping/API hooking on a compromised target machine during a remote session? (No Admin access, No 2FA) cybersecurity · 46d ago Raspberry pi cybersecurity · 46d ago Asia's Cyber Insurance Market Shows Signs of Life darkreading · 46d ago What is the biggest obstacle to using AI safely in a company? cybersecurity · 46d ago From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market BleepingComputer · 46d ago Dutch govt disrupts malware botnet with 17 million infected devices BleepingComputer · 46d ago Advice going forward cybersecurity · 46d ago MCP Firewall help cybersecurity · 46d ago I wanted to shift to security but people told me the market is extremely bad, is that true? cybersecurity · 46d ago Best Personality Type/Traits for Working in Cyber Security cybersecurity · 46d ago Identifying attack patterns through kernel frame callstacks For [Blue|Purple] Teams in Cyber Defence · 46d ago A fake freelance job interview almost installed malware on my PC cybersecurity · 46d ago Is there a viable career path here or am I just being delusional? cybersecurity · 46d ago With Complex Cloud Integrations, Small Errors Lead to Major Compromises darkreading · 46d ago What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks cybersecurity · 46d ago Evaluation taxonomy for cyber threat intelligence (CTI) quality and conversion quality in workflows such as MISP/STIX exchange and CTI Transmute, covering relevance, accuracy, timeliness, clarity, specificity, format validity, conversion fidelity, and usefulness For [Blue|Purple] Teams in Cyber Defence · 46d ago Google Chrome adds session cookie theft protection for all users BleepingComputer · 46d ago 'The Com' Cyberattacks Support Violence & Sexploitation darkreading · 46d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 46d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 46d ago How do enterprises actually prevent developers from exfiltrating source code? cybersecurity · 46d ago Man sent to prison for selling data of 7 millions elderly Americans BleepingComputer · 46d ago I have a datastealer malware cybersecurity · 46d ago Dúvida de carreira. cybersecurity · 46d ago US charges Google security engineer with Polymarket insider trading BleepingComputer · 46d ago Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace cybersecurity · 46d ago Need Cloud Security Engineer simulator to learn the Job. I need to be more hands on with running tools ,Please advise thank you. Your resources are appreciated cybersecurity · 46d ago is SIEM really needed here ? cybersecurity · 46d ago Decompiled an app, found a bunch of secrets, what now? cybersecurity · 46d ago What safety boundary would you expect from a local AI incident investigation tool? For [Blue|Purple] Teams in Cyber Defence · 46d ago Can someone give me a correct method for learning reverse engineering? cybersecurity · 46d ago 1,001 IPs, 64 countries, one operation: mapping a botnet by its back end · HoneyLabs blog Technical Information Security Content & Discussion · 46d ago Authenticated RCE via Argument Injection in Gogs (NOT FIXED) For [Blue|Purple] Teams in Cyber Defence · 46d ago Charter Communications data breach affects 4.9 million accounts BleepingComputer · 46d ago Critical Gogs Zero-Day RCE Remains Unpatched After 2+ Months cybersecurity · 46d ago GRC Advise cybersecurity · 46d ago [ Removed by Reddit ] cybersecurity · 46d ago Did something happen to haveibeenpwned? Any alternatives? cybersecurity · 46d ago I evaluated 5 LLM agents on patching real-world CVEs. Here is what I found. Technical Information Security Content & Discussion · 46d ago This month in security with Tony Anscombe – May 2026 edition WeLiveSecurity · 46d ago This month in security with Tony Anscombe – May 2026 edition WeLiveSecurity · 46d ago How do people actually modify mobile games to increase their power? hacking: security in practice · 46d ago Why I Built My Own LLM Benchmark for THOR Finding Triage For [Blue|Purple] Teams in Cyber Defence · 46d ago RAT SUSPECTED cybersecurity · 46d ago Casdoor contains multiple authentication bypass and access management vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 46d ago The approval prompt is lying: a critical coding agent security flaw - A symlink-hijack RCE in six AI coding agents For [Blue|Purple] Teams in Cyber Defence · 46d ago GREYVIBE: A Russia-nexus group leveraging AI across state-aligned operations For [Blue|Purple] Teams in Cyber Defence · 46d ago Inside a 176-Package npm Campaign Built to Beat Your Internal Dependencies For [Blue|Purple] Teams in Cyber Defence · 46d ago Malware seller hunted across three continents For [Blue|Purple] Teams in Cyber Defence · 46d ago Romanian National Sentenced for Selling Access to Networks of Oregon State Government Office and Other U.S. Victims For [Blue|Purple] Teams in Cyber Defence · 46d ago Law firm Wiley Rein hit with class action over data breach tied to Chinese hackers For [Blue|Purple] Teams in Cyber Defence · 46d ago Gezamenlijke actie politie en NCSC legt groot botnetwerk plat | Joint police and NCSC NL operation shuts down large bot network For [Blue|Purple] Teams in Cyber Defence · 46d ago How do people afford certificate s? cybersecurity · 46d ago I’m curious — what’s one cybersecurity tip you wish more people knew before getting hacked or scammed? cybersecurity · 46d ago Technical Brief of Planck-99: 34ns Deterministic Malware Classification on MCU-class Hardware (Zero FPU, 27KB footprint) Reverse Engineering · 46d ago Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations. cybersecurity · 46d ago Introducing Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet in plain English; get a narrative answer with containment recommendations. For [Blue|Purple] Teams in Cyber Defence · 46d ago Phone Forwarding cybersecurity · 46d ago Opinions on running Full Microsoft E5 Security Stack cybersecurity · 46d ago Claiming "XDR" cybersecurity · 46d ago Typosquatted npm packages used to steal cloud and CI/CD secrets cybersecurity · 46d ago Why Loyalty Programs Are Quietly Becoming a Security Blind Spot hacking: security in practice · 46d ago Fooling around with encrypted reasoning blobs Technical Information Security Content & Discussion · 46d ago CALIF: An AI audit of FreeBSD Technical Information Security Content & Discussion · 46d ago Microsoft security cybersecurity · 46d ago Need help regarding building a home lab cybersecurity · 46d ago Should I turn on passwordless accounts for all my Microsoft accounts? cybersecurity · 46d ago Transitioning from AWS Data Center Operations to Security Engineering cybersecurity · 46d ago CoreEvent GraphQL API – BOLA/IDOR exposing 10k+ records (PII, ticket QR codes) via unauthenticated queries Technical Information Security Content & Discussion · 46d ago Probably the wrong place. cybersecurity · 46d ago Anthropic confirms Claude Mythos-class models will roll out to the public BleepingComputer · 46d ago What after IT helpdesk? cybersecurity · 46d ago As Global Powers Explore Humanoid Robots, Cyber-Risk Looms darkreading · 46d ago News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit The Last Watchdog · 46d ago Ajuda pessoal hacking: security in practice · 46d ago VMP 3.5+ Internal Architecture & Heap Dispatch Analysis Reverse Engineering · 46d ago GreyVibe hackers use ChatGPT, Gemini to power cyberattacks BleepingComputer · 46d ago How are you security-testing API changes before production without slowing CI/CD? cybersecurity · 46d ago Are we trusting update repos or are you all extra paranoid now as well? cybersecurity · 46d ago Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops cybersecurity · 46d ago BTMOB Android malware service generates custom phishing payloads BleepingComputer · 46d ago Prevent supply chain attacks cybersecurity · 46d ago The C-suite job that's burning people out faster than any other For [Blue|Purple] Teams in Cyber Defence · 46d ago New OSINTDomain Update: Domain OSINT Analysis with AI Agent Interpretation For [Blue|Purple] Teams in Cyber Defence · 46d ago Cybersecurity Authorities Issue Joint Guidance on the Adoption of Agentic AI Systems cybersecurity · 46d ago SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer For [Blue|Purple] Teams in Cyber Defence · 46d ago FBI warns of fake FIFA websites running World Cup fraud schemes cybersecurity · 47d ago Frieren: an open-source framework for WiFi Pineapple-style OpenWrt security appliances For [Blue|Purple] Teams in Cyber Defence · 47d ago Hackers are trying to steal Signal users' backups in new wave of phishing attacks cybersecurity · 47d ago The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN Technical Information Security Content & Discussion · 47d ago Samy Kamkar on building viruses, his arrest and privacy in the LLM era hacking: security in practice · 47d ago 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface For [Blue|Purple] Teams in Cyber Defence · 47d ago FBI warns of fake FIFA websites running World Cup fraud schemes BleepingComputer · 47d ago Visual Studio Extensions Revisited Technical Information Security Content & Discussion · 47d ago Dutch Raid Fails to Dent Russian Bulletproof Host darkreading · 47d ago APT Activity Report: CONFLICT-INFORMED ESPIONAGE: MONITORING OIL SHIPMENTS, TARGETING DRONE MAKERS - October 2025-March 2026 For [Blue|Purple] Teams in Cyber Defence · 47d ago Incident Response Testing Preparation cybersecurity · 47d ago Introducing Microsoft 365 Business with Copilot: The new standard for small business Microsoft 365 Blog · 47d ago Kevin Mandia is speaking in NOVA on June 10 — probably the most candid you'll ever hear him outside of a major conference cybersecurity · 47d ago House panel poised to hold hearing centered on AI impact on cyber CyberScoop · 47d ago [Open-Source] WiFi-SpiderWeb: Turn any OpenWrt Router into an Active Cyber Defense & Honeypot System via USB 🕷️🔥 cybersecurity · 47d ago Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure For [Blue|Purple] Teams in Cyber Defence · 47d ago Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake For [Blue|Purple] Teams in Cyber Defence · 47d ago 3rd Party NFC cards.. secure? cybersecurity · 47d ago Vulnerability Management Tickets & SLA cybersecurity · 47d ago Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket CyberScoop · 47d ago Defending at Machine-Speed: Building AI Threat Readiness cybersecurity · 47d ago AI agents running in our environment have broader access than our sysadmins and ownership of that is unresolved cybersecurity · 47d ago HEAD request body processing leading cybersecurity · 47d ago Hackers exploit FortiClient EMS flaw to push infostealer malware BleepingComputer · 47d ago Malicious npm Package Stole Files From Claude AI User Directory via GitHub cybersecurity · 47d ago Does anyone have an app like substack to keep being updated and engaging within the cyber domain? cybersecurity · 47d ago Zero Trust Implementation Guidelines For [Blue|Purple] Teams in Cyber Defence · 47d ago [ Removed by Reddit ] hacking: security in practice · 47d ago What’s an attack vector people massively underestimate in 2026? cybersecurity · 47d ago We security-reviewed our own free CVE tool and shipped the fixes - EPSS Lookup Tool v2.7 cybersecurity · 47d ago Threat Intel: Kemper Corporation Hit by ShinyHunters Salesforce Extortion Campaign (269k Accounts Ingested by HIBP) Technical Information Security Content & Discussion · 47d ago Is this considered a bug or something else entirely? hacking: security in practice · 47d ago Agentic AI Isn't Risky; the Way Orgs Deploy It Is darkreading · 47d ago A Deeper Look at GLASSWORM's Solana Variant Malware Analysis & Reports · 47d ago A Deeper Look at GLASSWORM's Solana Variant cybersecurity · 47d ago How 2004 RuneScape fit a multiplayer RPG into 56k dial-up Reverse Engineering · 47d ago Getting back deleted conversation from messanger hacking: security in practice · 47d ago Introducing a new design for Microsoft 365 Copilot Microsoft 365 Blog · 47d ago BlackToad: Network Manipulation in an AutoIt Payload For [Blue|Purple] Teams in Cyber Defence · 47d ago RVTools Masquerade: How a Signed Fake Installer Deploys a Modular Python RAT For [Blue|Purple] Teams in Cyber Defence · 47d ago Kimsuky's Advanced Attack Techniques: JSONPing, Webex Spoofing, and a New HttpSpy Variant For [Blue|Purple] Teams in Cyber Defence · 47d ago Calling Cyber Security Beginners cybersecurity · 47d ago Drupal PostgreSQL SQL Injection: From SELECT-Only to RCE Technical Information Security Content & Discussion · 47d ago Busco oportunidad laboral / consejos para iniciar en TI, ciberseguridad o análisis cybersecurity · 47d ago Building Omegle for Exposed Webcams hacking: security in practice · 47d ago built something for ai agents, ended up looking a lot like classic appsec cybersecurity · 47d ago New Gogs zero-day flaw lets hackers get remote code execution BleepingComputer · 47d ago Is Gophish still usable in 2026? cybersecurity · 47d ago Microsoft vs Chaotic Eclipse: three zero-days now actively exploited cybersecurity · 47d ago How SIEM helps MSPs reduce noise and stop threats faster BleepingComputer · 47d ago what do you think cybersecurity · 47d ago Why would be clicking a website, redirect me? cybersecurity · 47d ago Device Code Lab (DCL) — Deep Dive into a Device Code Phishing Toolkit For [Blue|Purple] Teams in Cyber Defence · 47d ago Zapier fixes bug chain that researchers say risked widespread account takeover cybersecurity · 47d ago AI Cyber Security vs Cyber Defense? In your opinions, which one would be better for a more immediate/stable/higher paying career? hacking: security in practice · 47d ago Writing cybersecurity policies is a waste of time cybersecurity · 47d ago Zapier fixes bug chain that researchers say risked widespread account takeover CyberScoop · 47d ago The GitHub Leak Situation Just Got Worse | Threat Wire Hak5 · 47d ago reverse engineering need for speed most wanted for modding sdk Reverse Engineering · 47d ago Romanian gets 5 years in prison for hacking Oregon govt network BleepingComputer · 47d ago Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security darkreading · 47d ago Webinar: Why network incidents take too long to resolve BleepingComputer · 47d ago Raising the Cybersecurity Stakes: Ante up for the Agentic Era. cybersecurity · 47d ago Supply Chain Compromises Impact Nx Console and GitHub Repositories Alerts · 47d ago ABB EIBPORT All CISA Advisories · 47d ago Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter All CISA Advisories · 47d ago ABB Busch-Welcome 2 Wire Door Opener Actuator All CISA Advisories · 47d ago Fourth Frontier Frontier X Mobile Application, Frontier X2 All CISA Advisories · 47d ago CP Plus 8 Ch. Network Video Recorder All CISA Advisories · 47d ago XCharge C6 All CISA Advisories · 47d ago KMW CCTV Security Cameras All CISA Advisories · 47d ago MacGregor Voyage Data Recorder (VDR) G4e All CISA Advisories · 47d ago Schnieider Electric EcoStruxure Machine Expert HVAC All CISA Advisories · 47d ago Supply Chain Compromises Impact Nx Console and GitHub Repositories All CISA Advisories · 47d ago Public CAs are exiting client authentication. Most organisations haven't inventoried what depends on it. cybersecurity · 47d ago [ Removed by Reddit ] cybersecurity · 47d ago Got hit by an infostealer via Discord - Need advice on full removal - ASUS TUF A15 Malware Analysis & Reports · 47d ago Released: Dataforge Honeypot cybersecurity · 47d ago Carnival Cruise confirms data breach affecting nearly 6 million people BleepingComputer · 47d ago Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks cybersecurity · 47d ago CEH-free cybersecurity · 47d ago Hottest cybersecurity open-source tools of the month: May 2026 cybersecurity · 47d ago Preparation tips for CPENT cybersecurity · 47d ago Sextortionist sentenced to 33 years for targeting 145 children BleepingComputer · 47d ago BTMOB RAT Spreads Across Brazil, LatAm via MaaS Model darkreading · 47d ago FROST: Fingerprinting Remotely using OPFS-based SSD Timing For [Blue|Purple] Teams in Cyber Defence · 47d ago How do you handle AI tools in your organization? cybersecurity · 47d ago ESET APT Activity Report Q4 2025–Q1 2026 WeLiveSecurity · 47d ago ESET APT Activity Report Q4 2025–Q1 2026 WeLiveSecurity · 47d ago What scanners are actually trying against AI infrastructure Technical Information Security Content & Discussion · 47d ago I think i got scammed anybody can help me with that cybersecurity · 47d ago Nordic CISOs Handle Rising Cyber Threats Remarkably Well darkreading · 47d ago New phishing campaign targeting Japanese online banking users uses 'PayPoy' domain/branding typo cybersecurity · 47d ago Alert Number: I-052726-PSA | 27 May 2026 Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup For [Blue|Purple] Teams in Cyber Defence · 47d ago Is it safe to have passwords copied to clipboard on IOS temporarily? cybersecurity · 47d ago Developers working on anti-fraud systems deserve more credit cybersecurity · 47d ago Real Folks of Cyber | Dan Berger | Day in the Life The Cyber Mentor · 47d ago My company is moving to security clearance requirements but I am a foreign national. Anyone know time lines / realistic outcomes for me? Currently working as a sec analyst cybersecurity · 47d ago GitHub - cadela-dev/Anything-Reversal-Template: A Claude Code clean-room documentation workflow for reversing source structure into behavior-focused mirror docs. Reverse Engineering · 47d ago Security awareness training for AI heavy smb workflows? cybersecurity · 47d ago puck-security/puck-oss: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations. For [Blue|Purple] Teams in Cyber Defence · 47d ago Defense by accumulation Technical Information Security Content & Discussion · 47d ago Minimum Requirements for Helpdesk Role ? cybersecurity · 47d ago Reddit spear phishing cybersecurity · 47d ago Winbox server/client reverse engineered is opensource Reverse Engineering · 47d ago GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++ cybersecurity · 47d ago What to do cybersecurity · 47d ago What resources would you recommend for studying cysa+ cybersecurity · 47d ago Provenance of Data cybersecurity · 47d ago GPU mining malware spreads via SEO poisoning, AI chatbots BleepingComputer · 47d ago 5-year census of 65,907 exposed databases: 514 attacker BTC wallets traced, 62% received zero on-chain hacking: security in practice · 47d ago Websites have a new way to spy on visitors: analyzing their SSD activity cybersecurity · 47d ago 12 years in secops, military to vendor then internal. Internal feels like all loss and no win. Is this normal? cybersecurity · 47d ago OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms CyberScoop · 47d ago Russian Art Teacher - Hinder Security Clearance? cybersecurity · 47d ago Ransomware Actors Show Up In Person to Steal Law Firm Data darkreading · 47d ago FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person CyberScoop · 47d ago Who is Salt Typhoon Really? Unraveling the Attribution Challenge For [Blue|Purple] Teams in Cyber Defence · 47d ago EDR/MDR Vendor Questions cybersecurity · 48d ago Cybersecurity as a Highschooler? cybersecurity · 48d ago New department created, would love your input cybersecurity · 48d ago What are the dangers of posting? hacking: security in practice · 48d ago OWASP Vienna - anyone going? cybersecurity · 48d ago Interview with Upstart cybersecurity · 48d ago 18, immigrant in Portugal (no Portuguese), failing high school. Need a stable path to Hardware/Network Cyber. cybersecurity · 48d ago Is cloud security engineer viable with my current position? cybersecurity · 48d ago UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace CyberScoop · 48d ago Cloudflare Access users: what would actually make JIT useful for you? cybersecurity · 48d ago Looking for resources on end-to-end APT attack flow summaries for detection engineering For [Blue|Purple] Teams in Cyber Defence · 48d ago Kali365 Activity Surges: Device Code Phishing Is Scaling Fast Malware Analysis & Reports · 48d ago eBPF to Detect Unexpected Control-Plane Traffic Inside GTP-U Tunnels cybersecurity · 48d ago The War Between Wars: How an IRGC Cyber Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire For [Blue|Purple] Teams in Cyber Defence · 48d ago Questions regarding Ubuntu 24 LTS hardening cybersecurity · 48d ago Cómo puedo interferir señal de un dispositivo que está cerca de mí para que no le funcione la señal de wifi a la que él está conectado, cómo puedo protegerme? Se me tipos de cómo protegerme, soy nuevo en esto, me gusta mucho. cybersecurity · 48d ago Honest question about OT Security Engineer work life in India cybersecurity · 48d ago Who is using CVE Lite CLI? Share your use case (OWASP Incubator Project for JS/TS dependency scanning) cybersecurity · 48d ago AI Security cybersecurity · 48d ago Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor cybersecurity · 48d ago durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP For [Blue|Purple] Teams in Cyber Defence · 48d ago 🚨 Exposed Global Smishing Operation Hitting 19 Countries Across 3 Continents cybersecurity · 48d ago Latin American Cybercriminals Hoover Up Government Data darkreading · 48d ago Exposing a Smishing campaign across 19 countries: 1,628 malicious URLs tied to a single 128-char HTML fingerprint For [Blue|Purple] Teams in Cyber Defence · 48d ago AI-Assisted Exploit Development Outpaces Scanner Detection darkreading · 48d ago Building Detection Engineering on AWS from scratch — roast my plan cybersecurity · 48d ago Building Detection Engineering on AWS from scratch — roast my plan For [Blue|Purple] Teams in Cyber Defence · 48d ago New Phishing Technique - Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault Technical Information Security Content & Discussion · 48d ago Academic Survey - AI in Cybersecurity Governance and Regulatory Compliance cybersecurity · 48d ago Flipper Zero Users, What's Your Take? hacking: security in practice · 48d ago Large company with a bit of an issue free stuff hacking: security in practice · 48d ago I went to prison for internet piracy and hacking; my FBI profiler sent me a message on LinkedIn when I got out, and now we’re presenting at SLEUTHCON. I'm Josh Brody and I ran HeheStreams: AMA. cybersecurity · 48d ago Research: All three major eBPF security monitors (Falco, Tracee, Tetragon) can be silently disabled via BPF map poisoning cybersecurity · 48d ago Final Year Project: Looking for non-generic IAM project ideas that solve real problems cybersecurity · 48d ago MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware Technical Information Security Content & Discussion · 48d ago GlassWorm takedown: year-long developer supply chain campaign using VS Code extensions and npm packages dismantled. cybersecurity · 48d ago MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware For [Blue|Purple] Teams in Cyber Defence · 48d ago Breaking out of IT Helpdesk - how? cybersecurity · 48d ago A year in Cybersecurity — Where Do I Go From Here? cybersecurity · 48d ago MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware cybersecurity · 48d ago MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware Malware Analysis & Reports · 48d ago Can you enforce strong Active Directory password rules without frustrating users? BleepingComputer · 48d ago 22, SOC Analyst experience + certs, still no interviews since January - looking for honest advice from people in cyber cybersecurity · 48d ago FBI: Silent Ransom Group Turns to IT Support Ploy cybersecurity · 48d ago A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate Technical Information Security Content & Discussion · 48d ago How do machine builders track Siemens/Rockwell security advisories? cybersecurity · 48d ago CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain CyberScoop · 48d ago Glassworm botnet disrupted after resilient C2 infrastructure takedown BleepingComputer · 48d ago GlassWorm Developer Supply-Chain Botnet Takedown cybersecurity · 48d ago The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN cybersecurity · 48d ago Active Exploitation - LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0: Root Privilege Escalation added to KEV cybersecurity · 48d ago (URGENT), i need help reversing uber's api in order to always mark the 4 seated vehicles as always on the road and not available for a specified account, while the vans remain active Reverse Engineering · 48d ago Got cybersec work what next ? cybersecurity · 48d ago Hi everyone! I’m a doctoral student conducting research on how people’s cybersecurity concerns affect their use of technologies like Apple Pay, smart devices, wearables. I’m looking for adults (18+) who currently use or have recently used these types of technology; smart devices or smart wearables cybersecurity · 48d ago Ekoparty Miami - Interface Anti-Patterns: Exploiting Insecure Navigation in 3rd Party Android App Lockers cybersecurity · 48d ago HN Security - AI Reporter - Let's automate reporting in Burp Suite! Technical Information Security Content & Discussion · 48d ago Trying to understand the scope of NVIDIA's attestation (NRAS), what am I missing? cybersecurity · 48d ago GitHub - facebook/mcpguard-dynamic: Kernel-level eBPF sandbox for securing LLM agent tool calls made through the Model Context Protocol (MCP) cybersecurity · 48d ago nightmare eclipse is probably French here is why cybersecurity · 48d ago Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines cybersecurity · 48d ago Measuring performance of JA4/JA4H AI Model cybersecurity · 48d ago Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security darkreading · 48d ago What things are you really focused on this year? cybersecurity · 48d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog Alerts · 48d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog All CISA Advisories · 48d ago FBI warns of in-person data theft attacks from extortion gang BleepingComputer · 48d ago Deep structural file analysis with MITRE ATT&CK mapping, from the original ClamAV authors (clens.io) Malware Analysis & Reports · 48d ago Designing secure access with ZTNA For [Blue|Purple] Teams in Cyber Defence · 48d ago Hypothetical EDR spoofer Reverse Engineering · 48d ago Hypothetical EDR spoofer cybersecurity · 48d ago ISO 27001 Audit Stage 1 cybersecurity · 48d ago Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records Technical Information Security Content & Discussion · 48d ago Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That. cybersecurity · 48d ago CISA gives feds 4 days to patch actively exploited cPanel plugin flaw BleepingComputer · 48d ago Dutch police arrests suspect linked to Ajax football club hack BleepingComputer · 48d ago What to consider before asking an AI chatbot for health advice WeLiveSecurity · 48d ago What to consider before asking an AI chatbot for health advice WeLiveSecurity · 48d ago Looking for Hacker Friends to Learn☺️ cybersecurity · 48d ago Comptes Instagram et Facebook piratés et désactivés cybersecurity · 48d ago RCE in Strix Agent(Sandbox): A practical guide to prompt injections with impact Technical Information Security Content & Discussion · 48d ago How to safely disinfect a USB stick from potential malware files? cybersecurity · 48d ago Windows 11 KB5089573 update released with performance improvements BleepingComputer · 48d ago Proofpoint Introduces Active Exploits Protection to Help Organizations Prioritize Vulnerability Patching for Real-World Attacks in the AI Era Proofpoint News Feed · 48d ago Champion ethical hacker warns AI tools like Mythos will make competing harder. hacking: security in practice · 48d ago MSIT Launches Early “Incident Investigation Review Committee” for Proactive Security Incident Response For [Blue|Purple] Teams in Cyber Defence · 48d ago White House: Ensuring Effective and Efficient Agency Logging and Network Visibility to Defend Against Evolving Cyber Threats For [Blue|Purple] Teams in Cyber Defence · 48d ago Advisory X41-2026-002: Request Host Header not Validated in Starlette For [Blue|Purple] Teams in Cyber Defence · 48d ago Top ethical hacker Chompie warns AI tools could put her out of business For [Blue|Purple] Teams in Cyber Defence · 48d ago 浅谈AI Agent的行为检测思路 -A Brief Discussion on Behavior Detection Approaches for AI Agents For [Blue|Purple] Teams in Cyber Defence · 48d ago Samy Kamkar talking about how Jeffrey Epstein wanted him to be his hacker. hacking: security in practice · 48d ago YoroTrooper组织针对独联体及周边区域的攻击活动分析 - Analysis of YoroTrooper's Attacks Against the CIS and Surrounding Regions For [Blue|Purple] Teams in Cyber Defence · 48d ago CERT-IN: Blueprint for Reducing Exposure and Defending against AI-Assisted Vulnerabilities Exploitation in Digital Infrastructure - patch between 12 hours and 5 days they state For [Blue|Purple] Teams in Cyber Defence · 48d ago The Evolution of Chinese-language Phishing Services For [Blue|Purple] Teams in Cyber Defence · 48d ago Silent Ransom Group Impersonating IT Personnel through Social Engineering For [Blue|Purple] Teams in Cyber Defence · 48d ago Is anyone else concerned about how quickly AI is outpacing cloud security? cybersecurity · 48d ago The epoll UAF - an epoll uaf race in fs/eventpoll.c For [Blue|Purple] Teams in Cyber Defence · 48d ago Tycoon 2FA AiTM detection for Entra ID and Google For [Blue|Purple] Teams in Cyber Defence · 48d ago Microsoft Copilot Cowork Exfiltrates Files For [Blue|Purple] Teams in Cyber Defence · 48d ago What's a CyberSecurity job like? cybersecurity · 48d ago Microsoft Live credential stuffing cybersecurity · 48d ago I am on placement and part of a lab where we use cyber security and do research what jobs are similar to this? cybersecurity · 48d ago Security architects- summarize your responsibilities and role cybersecurity · 48d ago Finding Work in OSINT cybersecurity · 48d ago State of SDLC Security 2026 cybersecurity · 48d ago Reported to police for coding html cybersecurity · 48d ago there's a toll in the hall now hacking: security in practice · 48d ago I Reverse Engineered Need for Speed Most Wanted Server Reverse Engineering · 48d ago Am I crazy or is something off about this Google OAuth login via Calendly hacking: security in practice · 48d ago [Open Source] Desarrollé un mutador de huellas TLS en Rust para evadir sistemas Anti-Bot (JA3/JA4 scrambling) cybersecurity · 48d ago I open-sourced KernelEye — an eBPF/XDP-based Linux server security monitoring project cybersecurity · 48d ago Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover cybersecurity · 48d ago Shai-Hulud Hackers TeamPCP: Lucky or Skilled Operators? cybersecurity · 48d ago KnowledgeDeliver flaw exploited as a zero-day to install web shells cybersecurity · 48d ago KnowledgeDeliver flaw exploited as a zero-day to install web shells BleepingComputer · 49d ago GUEST ESSAY: AI pipelines are shattering network security — most companies haven’t even noticed yet The Last Watchdog · 49d ago Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos darkreading · 49d ago Charter confirms data breach after ShinyHunters extortion threat BleepingComputer · 49d ago Apple open-sources quantum-resistant encryption code CyberScoop · 49d ago Breaking GROK'S DEFENSES to make it HACK Real Public Websites cybersecurity · 49d ago GitHub Actions Cache Poisoning is eating open source cybersecurity · 49d ago State Cyber Leaders Push Congress for More Funding, Support darkreading · 49d ago Nightmare-Eclipse has also been banned on GitLab :DD cybersecurity · 49d ago Shai-Hulud Hackers TeamPCP: Lucky or Skilled? darkreading · 49d ago For Enterprises, Security Remains Agentic AI's Biggest Challenge darkreading · 49d ago Do we still have time before we are in the Age of the movie "Minority Report"? ↓ cybersecurity · 49d ago SimHub (popular sim racing dashboard software) appears to silently disable Windows Defender via hidden Group Policy file cybersecurity · 49d ago Unpatched Sparx vulnerabilties For [Blue|Purple] Teams in Cyber Defence · 49d ago What Software Supply Chain, Water Filters, and Power Grids Have in Common cybersecurity · 49d ago QA engineer trying to move into AppSec — does this plan hold up? cybersecurity · 49d ago Not a security person... got hit by an undocumented macOS stealer campaign, reverse engineered it, and tried to take the whole operation down. Malware Analysis & Reports · 49d ago Is work from anywhere really impossible to find?? cybersecurity · 49d ago Navigating Lax Load Balancers: When an Intersection Gets You Inside Technical Information Security Content & Discussion · 49d ago New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences Microsoft 365 Blog · 49d ago Cybersecurity statistics of the week (May 18th - May 24th) cybersecurity · 49d ago Engineering a Post Quantum Fortress Inside the Citadel Archite cybersecurity · 49d ago Cyber Security Analyst cybersecurity · 49d ago Environmental consulting firm pushing heavy AI adoption despite employee concerns over environmental impact and data governance cybersecurity · 49d ago Two layer email security tool thesis cybersecurity · 49d ago Encrypted DNS in 2026: DoH, DoT, DoQ and DoH3 protocol comparison — including DNS hijacking attack vectors and what each protocol actually prevents Technical Information Security Content & Discussion · 49d ago sylvia: iOS Syscall Explorer for IDA 9.X For [Blue|Purple] Teams in Cyber Defence · 49d ago Ultima Online T2A client recreated from Origin's 2.0.7 client decompilation Reverse Engineering · 49d ago OTP lockout state leaked valid-code signal, enabling OLX account takeover Technical Information Security Content & Discussion · 49d ago When OTP rate limiting fails: OLX account takeover with persistent sessions cybersecurity · 49d ago When “try again later” still tells you the OTP was correct: an account takeover story. hacking: security in practice · 49d ago Entra ID sessions revoke cybersecurity · 49d ago Anyone who attended GPCSSI before? Need some clarification cybersecurity · 49d ago How Varonis Atlas integrates Claude Compliance API for AI governance BleepingComputer · 49d ago Lost on my career path. cybersecurity · 49d ago How journalists rely on VPNs to protect press freedom Technical Information Security Content & Discussion · 49d ago EU-based folks: external pentest vs mandatory data/security training? cybersecurity · 49d ago help needed from experienced people cybersecurity · 49d ago How do you evaluate whether a privacy service is actually privacy-respecting? cybersecurity · 49d ago Which one Intellipaat or coursera which one to choose cybersecurity · 49d ago How random program can cause most of antiviruses close himself without telling himself to close Malware Analysis & Reports · 49d ago Sylvia — IDA 9.x plugin that finds & documents iOS AArch64 syscalls with live man-page fetching Reverse Engineering · 49d ago ShadowCat: Universal optical file transfer, single html file, browser to camera hacking: security in practice · 49d ago Analyzing the Taiwan High-Speed Rail (THSR) TETRA incident (part 1) Technical Information Security Content & Discussion · 49d ago Microsoft Defender can now automatically isolate hacked endpoints BleepingComputer · 49d ago Webinar: Too many tools are slowing network incident response BleepingComputer · 49d ago CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks cybersecurity · 49d ago India's CERT-In just mandated patching critical vulnerabilities within 12 hours. That sounds good — but is it actually realistic? cybersecurity · 49d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 49d ago ABB Terra AC All CISA Advisories · 49d ago ABB LVS MConfig All CISA Advisories · 49d ago ABB Ability Camera Connect All CISA Advisories · 49d ago Eppendorf BioFlo 320 All CISA Advisories · 49d ago ABB AbilityTM Zenon Remote Transport Vulnerability All CISA Advisories · 49d ago ABB AC500 V2 All CISA Advisories · 49d ago ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) All CISA Advisories · 49d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 49d ago Audited 20 production repos after the May supply chain attack. Every single one had at least 3 of the 8 misconfigs. cybersecurity · 49d ago Did anyone pass the SC-200 certificate recently? cybersecurity · 49d ago Honeypot cybersecurity · 49d ago passkeys, MFA, biometrics, and you can still reset everything with access to one gmail account cybersecurity · 49d ago Career in IAM as a fresher cybersecurity · 49d ago CISA orders feds to patch actively exploited Drupal vulnerability cybersecurity · 49d ago Telegram's Hidden Gatekeeper? OCCRP Probe Puts Spotlight on Shadowy Engineer Linked to App's Infrastructure cybersecurity · 49d ago GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered” cybersecurity · 49d ago Cyber security tool cybersecurity · 49d ago Ababil of Minab: An Iran-Linked Destruction and Exfiltration Campaign Targeting the U.S. and the Middle East For [Blue|Purple] Teams in Cyber Defence · 49d ago GHSL-2026-140: Heap Buffer Write Overflow in 7-Zip For [Blue|Purple] Teams in Cyber Defence · 49d ago JOMANGY: INJ3CTOR3's Self-Healing FreePBX Toll Fraud Campaign For [Blue|Purple] Teams in Cyber Defence · 49d ago Saw this tool and it has potential cybersecurity · 49d ago 🚨 14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-26): Critical Worms, Parse Server DoS, and AI RCEs cybersecurity · 49d ago 7-Zip CVE-2026-48095: NTFS Heap Overflow Leads to Vtable Hijack For [Blue|Purple] Teams in Cyber Defence · 49d ago How I Tried to Parse a Replay from Dawn of War: Definitive Edition Reverse Engineering · 49d ago 7-Zip CVE-2026-48095: NTFS Heap Overflow Can Trigger Through Renamed Files cybersecurity · 49d ago Follow up : showing Claude install random pacakage in its vm instance without asking or prompting cybersecurity · 49d ago BTMOB: A stealthy RAT burrowing deep into Android devices WeLiveSecurity · 49d ago BTMOB: A stealthy RAT burrowing deep into Android devices WeLiveSecurity · 49d ago Update Starlette Now. New severe vulnerability dropped. Technical Information Security Content & Discussion · 49d ago CISA orders feds to patch actively exploited Drupal vulnerability BleepingComputer · 49d ago Microsoft: Domain Controller lookup may fail on Windows Server 2016 BleepingComputer · 49d ago Seeing alot of SSH honeypot attacks on "root:fjbdfdjkdsfs541544AA@@" For [Blue|Purple] Teams in Cyber Defence · 49d ago The practice of cyber-threat intelligence in organizations: A socio-technical case study of a mature financial organization For [Blue|Purple] Teams in Cyber Defence · 49d ago ¿Is safe? cybersecurity · 49d ago 7-Eleven data breach exposes personal information of 185,000 people BleepingComputer · 49d ago Need help cybersecurity · 49d ago What is the best tool for masking in kali cybersecurity · 49d ago What are the best tools other than ghostTracker? cybersecurity · 49d ago y2jb un able to enject payloads hacking: security in practice · 49d ago TrapDoor Cross-Ecosystem Crypto Stealer Campaign cybersecurity · 49d ago Follow up : Steal Your Files Claude AI installing package because internet say so cybersecurity · 49d ago New to Cybersecurity: Looking for general advice & help with Nmap cybersecurity · 49d ago GitHub - mrexodia/ida-pro-mcp: AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP. For [Blue|Purple] Teams in Cyber Defence · 49d ago Open sourcing our hardware red team RF toolkit: the Crimson Flipper Arsenal cybersecurity · 49d ago Dropping the Crimson Flipper Arsenal soon. 500+ vehicle signals. LoRa. Cellular. Vending. All validated. hacking: security in practice · 49d ago Looking for tech role references cybersecurity · 49d ago Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet Trend Micro Research, News, Perspectives · 49d ago How do you balance Paw? cybersecurity · 49d ago I'm a security professional who has dealt with ransomware. AMA about incident response and business continuity. cybersecurity · 49d ago The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire Malware Analysis & Reports · 49d ago The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire Technical Information Security Content & Discussion · 49d ago Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability For [Blue|Purple] Teams in Cyber Defence · 49d ago From Stuxnet to Handala: The reverse-engineering of a nation-state cyber weapon and its implications for ICS/SCADA security cybersecurity · 49d ago Ghost CMS flaw being actively exploited to compromise 700+ sites and serve malware to visitors through fake CAPTCHAs. Patch has been out since February cybersecurity · 49d ago What Companies are Legit? cybersecurity · 49d ago start learning cybersecurity from scratch cybersecurity · 49d ago Follow-up: measuring LLM-agent failures with replay evidence cybersecurity · 49d ago Follow-up: measuring LLM-agent failures with replay evidence cybersecurity · 49d ago WhatsApp users on alert after hacker drops massive dataset cybersecurity · 50d ago 17 years old going into CS — what certs should I start going after now? cybersecurity · 50d ago CVE-2026-20700: A controlled exploration of dyld's page-in linking and chained fixup machinery as a PAC signing oracle, in the context of CVE-2026-20700. For [Blue|Purple] Teams in Cyber Defence · 50d ago i want to hire an osint expert cybersecurity · 50d ago Open University pros/cons cybersecurity · 50d ago How important do you think browser/device fingerprinting has become for modern fraud detection compared to traditional bot detection? cybersecurity · 50d ago Career in IAM as a fresher cybersecurity · 50d ago Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo cybersecurity · 50d ago Need Advice cybersecurity · 50d ago Why did Hack Forums lose popularity? hacking: security in practice · 50d ago Nocturne - A bin2bin code virtualizer for x86-64 PE binaries Reverse Engineering · 50d ago Before going to college, what certifications should I get to prepare myself for cyber security as a person with no experience with cyber security at all? cybersecurity · 50d ago Someone from Germany on iOS keeps trying to login to my MSFT account cybersecurity · 50d ago AI cautionary tale... cybersecurity · 50d ago [Project Onyx] Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing Reverse Engineering · 50d ago Anthropic’s restricted Claude Mythos model may be coming to Claude Code BleepingComputer · 50d ago AI powered red vs blue teaming cybersecurity · 50d ago Starting a security analyst student apprenticeship next week, need advice cybersecurity · 50d ago Why CVE Does Not Work for AI Agents, but AVE? cybersecurity · 50d ago SC-200 or Security+ — which actually helps land a security title cybersecurity · 50d ago How about AI having access to your hard drive. cybersecurity · 50d ago How a Date Tag Hijacks macOS via ExifTool cybersecurity · 50d ago Need ideas for final year cybersec project : “CodeSafe” MCP for AI coding tools cybersecurity · 50d ago Tracing CVE-2021-21735 through ZTE H168N QuickSetup whitelist and Lua wizard routing Reverse Engineering · 50d ago How credential brokering prevents AI agents from compromising credentials via prompt injection Technical Information Security Content & Discussion · 50d ago How credential brokering prevents AI agents from compromising credentials via prompt injection cybersecurity · 50d ago Built a tiny daily cyber puzzle game during evenings/weekends cybersecurity · 50d ago Crypto4A launches quantum-safe rival to AWS Secrets Manager cybersecurity · 50d ago CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth Technical Information Security Content & Discussion · 50d ago ZTE rated this router leak 3.5 Low. NVD rated it 6.5 Medium. The impact explains why. cybersecurity · 50d ago Cyber Sec project cybersecurity · 50d ago ZTE router “info leak” exposed PPPoE/Wi-Fi secrets that could lead to admin compromise hacking: security in practice · 50d ago CySA+ cybersecurity · 50d ago Anyone tried Morgancyberhelp ? cybersecurity · 50d ago As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free cybersecurity · 50d ago YouTube SMS Blaster Ad Displays Scam Messages That Impersonate Telcos For [Blue|Purple] Teams in Cyber Defence · 50d ago Why are most of the dfir tools built to be used in windows cybersecurity · 50d ago OnlyFans mega leak reveals 340M user records, hackers claim cybersecurity · 50d ago Perplexity BumbleBee cybersecurity · 50d ago Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks Krebs on Security · 50d ago Cisco patches critical 10.0 flaw in Secure Workload APIs cybersecurity · 50d ago Suspicious ass website asking to run a terminal command (MacOS) Malware Analysis & Reports · 50d ago Shellcide: A shellcode IDE hacking: security in practice · 50d ago Stalker has my phonenumber cybersecurity · 50d ago FBI warns of Kali365 phishing service targeting Microsoft 365 accounts BleepingComputer · 50d ago I Show How the Survival Mode of the Flash Game Gun Mayhem 2 More Mayhem is Built Reverse Engineering · 50d ago Need some guidance cybersecurity · 50d ago Are you currently allocating budget to services that remove executive PII from B2B data brokers? cybersecurity · 50d ago Threat Intel: ShinyHunters Leaks 9.4GB Database of 7-Eleven Franchisee Systems Post-Extortion Refusal Technical Information Security Content & Discussion · 50d ago About CEHv13 book cybersecurity · 50d ago delimiter-less string obfuscation powered by compile-time AES Reverse Engineering · 50d ago Open sourced the part of our SOC tool that can nuke your endpoints, so you can read it before trusting it For [Blue|Purple] Teams in Cyber Defence · 50d ago We open-sourced the most dangerous part of our security startup on purpose. cybersecurity · 50d ago Which conference(s) result in the most people finding jobs? cybersecurity · 50d ago My discord account has been hacked second time even after enabling two factor authentication and resetting password cybersecurity · 50d ago What's the most efficient way to learn cloud governance and compliance cybersecurity · 50d ago honeyslop: Code canaries to quickly triage hallucinated ('slop') vulnerability reports For [Blue|Purple] Teams in Cyber Defence · 50d ago Apex One and Vision One – Standard Endpoint Protection (SEP) May 2026 Security Bulletin - TrendAI has observed at least one instance of an attempt to actively exploit one of these vulnerabilities in the wild. For [Blue|Purple] Teams in Cyber Defence · 50d ago Putin appoints Rostec cybersecurity specialist linked to GRU hackers from Fancy Bear as aide to Sergei Shoigu in Russia’s Security Council For [Blue|Purple] Teams in Cyber Defence · 50d ago RemotePE: The Lazarus RAT that lives in memory For [Blue|Purple] Teams in Cyber Defence · 50d ago Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer For [Blue|Purple] Teams in Cyber Defence · 50d ago Paved With Intent: ROADtools and Nation-State Tactics in the Cloud For [Blue|Purple] Teams in Cyber Defence · 50d ago Twee mannen aangehouden voor phishing - Two men arrested for phishing For [Blue|Purple] Teams in Cyber Defence · 50d ago Sharp Eyes: Mass surveillance of foreigners in China For [Blue|Purple] Teams in Cyber Defence · 50d ago Does anyone know C2 framwork and free hosting to host C2? cybersecurity · 50d ago Finding bot account hacking: security in practice · 50d ago relay_bible: Technical Reference to multiple relay techniques For [Blue|Purple] Teams in Cyber Defence · 50d ago CIS-CAT Assessor for assessment Windows server 2022 and 2025 cybersecurity · 50d ago Fix: CVE-2025-33073 NTLM reflection not exploitable on pre-NT10.0 systems by azoxlpf · Pull Request #1245 · Pennyw0rth/NetExec For [Blue|Purple] Teams in Cyber Defence · 50d ago The Gold Mine Red Teamers Never Touch - "read the Windows source code. Both Windows XP and Server 2003." [to make their tools blend in] For [Blue|Purple] Teams in Cyber Defence · 50d ago SYLK 文件格式的武器化滥用 – Weaponization and abuse of the SYLK file format For [Blue|Purple] Teams in Cyber Defence · 50d ago North Korean cyber hackers and masterminds behind gambling sites... Sentenced to 5 years in prison in the first trial For [Blue|Purple] Teams in Cyber Defence · 50d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 50d ago Auditor wants a specific access report format and our IAM tool can't produce it, how do you handle this cybersecurity · 50d ago Installed BlueStacks, 3 hours later "new login on your google account" and its from the same city as me and a samsung s22 galaxy that i did not authorize, does this have any relation to bluestacks? cybersecurity · 50d ago Recent adoption of AI taught me what is Cybersecurity. cybersecurity · 50d ago The Pentagon Changed the Rules for Cybersecurity Compliance cybersecurity · 50d ago Can someone explain to a noob like me what the implications of this exploit are? cybersecurity · 50d ago SHub's "Reaper" Variant Seen Bypassing New macOS Terminal Protections cybersecurity · 50d ago Window between zero-day CVE and a patch! cybersecurity · 50d ago Is it risky when a website puts on technology components with versions they used in their website? cybersecurity · 50d ago Anyone else losing their mind over this "AI Cybersecurity" hype? cybersecurity · 50d ago URL parsing behavior in a canonical tag lab cybersecurity · 50d ago How to hacking: security in practice · 50d ago Would an open source CLI tool that audits GitHub repos for supply chain attacks be useful to you? cybersecurity · 50d ago Any tips for me pls cybersecurity · 50d ago How do you minimize legal liability as a solo contractor? cybersecurity · 50d ago How does your MSSP handle fine-tuning detection rules for false positives? (e.g. "Guest" policy hitting UDP/TCP scan alerts) — do you verify with the customer before suppressing? cybersecurity · 50d ago nmap on Linux: Guide to Network Scanning and Discovery Technical Information Security Content & Discussion · 50d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 50d ago Made a cyberpunk-style encryption tool in Python (novelty) during my guard shift. hacking: security in practice · 50d ago Provenance: A survival toolkit for an AI dominant information landscape cybersecurity · 50d ago Nmap Mastery: The Complete Guide to Network Reconnaissance hacking: security in practice · 50d ago Google wallet virtual card cloned hacking: security in practice · 50d ago [ Removed by Reddit ] cybersecurity · 50d ago Active Drupal SQLi exploitation is a real „patch now“ moment cybersecurity · 50d ago machscope — macOS XPC, Mach services, launchd, and trust relationship explorer (zero-dependency, terminal-native) cybersecurity · 51d ago Need suggestions and input; not a promotion cybersecurity · 51d ago Need advice! cybersecurity · 51d ago New Zealand is becoming a focal point for AI-driven superhacking threats. cybersecurity · 51d ago Staged publishing and new install-time controls for npm - GitHub Changelog For [Blue|Purple] Teams in Cyber Defence · 51d ago nmap on Linux: Guide to Network Scanning and Discovery cybersecurity · 51d ago TrapDoor supply-chain campaign hits npm, PyPI, and Crates.io with AI-assistant poisoning angle cybersecurity · 51d ago How would Phishing look like in the future? (targeting agents, not humans) cybersecurity · 51d ago Best beginner/intermediate book for system security (blue team / defense / audits)? cybersecurity · 51d ago Why is on-prem and air-gapped asset inventory still such a mess? cybersecurity · 51d ago keep getting MS authentication sign in attempts? cybersecurity · 51d ago Updated UAC-0057 toolkit: OYSTERFRESH, OYSTERSHUCK and OYSTERBLUES For [Blue|Purple] Teams in Cyber Defence · 51d ago Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud For [Blue|Purple] Teams in Cyber Defence · 51d ago Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow For [Blue|Purple] Teams in Cyber Defence · 51d ago The Future and Past of Residential Proxies For [Blue|Purple] Teams in Cyber Defence · 51d ago Tracking TamperedChef Clusters via Certificate and Code Reuse For [Blue|Purple] Teams in Cyber Defence · 51d ago Machine Overmatch: What Salt Typhoon Reveals About China’s Data-Centric Intelligence Strategy For [Blue|Purple] Teams in Cyber Defence · 51d ago Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware For [Blue|Purple] Teams in Cyber Defence · 51d ago A fraudulent scheme to obtain and use code signing certificates to deceive victims into downloading dangerous malware under the false belief that it is trusted software For [Blue|Purple] Teams in Cyber Defence · 51d ago Prompt Injection finally broke my brain a little. My first article as a security student. Technical Information Security Content & Discussion · 51d ago Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows For [Blue|Purple] Teams in Cyber Defence · 51d ago Suricata 8.0.5 and 7.0.16 released! - fixed various critical and high severity vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 51d ago Phantom Killer: Reverse Engineering and Weaponizing a Lenovo Driver to Terminate EDR Processes For [Blue|Purple] Teams in Cyber Defence · 51d ago mkPIVM: Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode. For [Blue|Purple] Teams in Cyber Defence · 51d ago keyhog: The fastest, most accurate secret scanner. 896 detectors, Hyperscan SIMD, GPU acceleration, 96% recall. Built in Rust. For [Blue|Purple] Teams in Cyber Defence · 51d ago np-audit: Static security analysis for npm packages. Detects obfuscated code, malicious patterns, and known vulnerabilities before installation. For [Blue|Purple] Teams in Cyber Defence · 51d ago Ledger: An aggressor script that tracks operational changes made during a red team engagement. Gives you a full audit trail of what was changed and what still needs to be cleaned up. For [Blue|Purple] Teams in Cyber Defence · 51d ago OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++ For [Blue|Purple] Teams in Cyber Defence · 51d ago Megalodon: Mass GitHub Repo Backdooring via CI Workflows For [Blue|Purple] Teams in Cyber Defence · 51d ago Silly issue cybersecurity · 51d ago FatGid - FreeBSD 14.x kernel LPE For [Blue|Purple] Teams in Cyber Defence · 51d ago Manage [VSCode] extensions in enterprise environments For [Blue|Purple] Teams in Cyber Defence · 51d ago angr: A powerful and user-friendly binary analysis platform! For [Blue|Purple] Teams in Cyber Defence · 51d ago Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware For [Blue|Purple] Teams in Cyber Defence · 51d ago Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign BleepingComputer · 51d ago How Attackers Force Microsoft to Send Phishing Emails For [Blue|Purple] Teams in Cyber Defence · 51d ago Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects For [Blue|Purple] Teams in Cyber Defence · 51d ago Microsoft Authenticator App Details now exposed in Entra SignInLogs For [Blue|Purple] Teams in Cyber Defence · 51d ago Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting For [Blue|Purple] Teams in Cyber Defence · 51d ago How China-linked threat actors obtain zero-day vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 51d ago How to practice cybersecurity while studying prograaming ? cybersecurity · 51d ago Fast and Furious - Nimbus Manticore Operations During the Iranian Conflict - Check Point Research For [Blue|Purple] Teams in Cyber Defence · 51d ago How to Use Claude AI: A Complete Technical Beginner's Guide Technical Information Security Content & Discussion · 51d ago [AI Security] Exploring Behavioral AI for Runtime Threat Detection cybersecurity · 51d ago Podman and krun: is it pointless to harden quadlets? cybersecurity · 51d ago Monitoring for vssadmin.exe delete shadows is an absolute bare minimum For [Blue|Purple] Teams in Cyber Defence · 51d ago Infostealers Just Spawned a 5,000+ Repo GitHub Supply Chain Attack For [Blue|Purple] Teams in Cyber Defence · 51d ago How a consultant and a concert pianist from the Netherlands aided pro-Russian hackers For [Blue|Purple] Teams in Cyber Defence · 51d ago How to handle security researchers (and firms) without a bounty program? cybersecurity · 51d ago CVE-2026-48029: Two grid-decode bugs in libheif For [Blue|Purple] Teams in Cyber Defence · 51d ago GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++ Reverse Engineering · 51d ago workcell: Bounded local runtime and policy boundary for coding agents For [Blue|Purple] Teams in Cyber Defence · 51d ago OpenShell: OpenShell is the safe, private runtime for autonomous AI agents. For [Blue|Purple] Teams in Cyber Defence · 51d ago Product analytics is becoming a third-party breach surface cybersecurity · 51d ago How can i learn and get into red teaming? cybersecurity · 51d ago Governments increasingly assume they’ll use offensive cyber tools as part of state power | Federal News Network cybersecurity · 51d ago I got hacked cybersecurity · 51d ago What are the ways of cracking wpa2/wpa3 without the usual dictionary/wordlist.txt method? hacking: security in practice · 51d ago Soc analysts in big companies, how it looks like? cybersecurity · 51d ago Has anyone manage to reverse the macked dylib? Reverse Engineering · 51d ago CTO at NCSC Summary: week ending May 24th cybersecurity · 51d ago Model Context Protocol (MCP): Security Design Considerations for AI-Driven Automation For [Blue|Purple] Teams in Cyber Defence · 51d ago Built a SOC from scratch with no prior SOC experience For [Blue|Purple] Teams in Cyber Defence · 51d ago These special phone and app features can help protect you from spyware cybersecurity · 51d ago Is there a tool that lets you automatically rotate all your ssh keys and k8s creds and whatever else with a click of a button? cybersecurity · 51d ago Capcha Code Malware cybersecurity · 51d ago getting lost when hunting cybersecurity · 51d ago How to find information behind an account? cybersecurity · 51d ago Reverse engineering circuitry in a Spacelab computer from 1980 Reverse Engineering · 51d ago Theoretical Design Concept for Post-Exploitation Browser Defense cybersecurity · 51d ago Google Certifications... cybersecurity · 51d ago How to continue when finding a possible Vulnerability but local law prohibits me from investigating further cybersecurity · 51d ago Netherlands seizes 800 servers of hosting firm enabling cyberattacks cybersecurity · 51d ago Is the CISSP still a reputable cert for getting jobs? cybersecurity · 51d ago Which of these gоv roles would fare better in the private sector? cybersecurity · 51d ago Laravel Lang packages hijacked to deploy credential-stealing malware cybersecurity · 51d ago Laravel Lang packages hijacked to deploy credential-stealing malware BleepingComputer · 51d ago Mapping binaries to EDR feature spaces cybersecurity · 51d ago Lost my number + WhatsApp account — worried about old chats, photos, and videos cybersecurity · 51d ago Proxmark5 campaign unlocked the $600k stretch goal hacking: security in practice · 51d ago ☔️🌅 STÖK · 52d ago what is the most painful or time-consuming part of your work right now?" cybersecurity · 52d ago Anthropic says Mythos has already found more than 10,000 vulnerabilities cybersecurity · 52d ago What is the experience needed for “entry level” cybersecurity jobs? cybersecurity · 52d ago Browser extension testing. cybersecurity · 52d ago GitHub - vigolium/vigolium: Vigolium - High-fidelity vulnerability scanner fusing agentic AI with native speed, modularity, and precision hacking: security in practice · 52d ago Interviewer ask me if you observe port scanning from internal ip , the scanning ip is not authorised for scanning. How will you investigate it and how will you find attackers ip? cybersecurity · 52d ago Open-source reverse engineering of PerimeterX (HUMAN Security) Web SDK — pure-algo cookie generators, dual-site live HTTP 200, 10-chapter methodology Reverse Engineering · 52d ago Have you ever had your face or voice misused by AI? I’m building a free reporting tool and need feedback cybersecurity · 52d ago Prompt Injection finally broke my brain a little. My first article as a cybersecurity student, cat approved edition cybersecurity · 52d ago Can someone recommend me some good, large universities to study cybersecurity? cybersecurity · 52d ago New guy khikhi cybersecurity · 52d ago Examples of intentional backdoors being breached? cybersecurity · 52d ago Non-Compliant Vocab cybersecurity · 52d ago CTO at NCSC Summary: week ending May 24th For [Blue|Purple] Teams in Cyber Defence · 52d ago HackTheBox - MonitorsFour IppSec · 52d ago VPN Exploitation When Patched Doesn't Mean Protected For [Blue|Purple] Teams in Cyber Defence · 52d ago Cybercriminal VPN used by ransomware actors dismantled in global crackdown – VPN service featured in almost every major Europol-supported cybercrime investigation For [Blue|Purple] Teams in Cyber Defence · 52d ago Drupal Core SQL injection flaw actively exploited less than 48 hours after patch. 15,000 attack attempts already recorded across 6,000 sites cybersecurity · 52d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure For [Blue|Purple] Teams in Cyber Defence · 52d ago CLR-Stomp: .NET CLR-Stomping For [Blue|Purple] Teams in Cyber Defence · 52d ago Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes BleepingComputer · 52d ago infostealers just spawned a 5,000+ repo github supply chain attack cybersecurity · 52d ago The latest Megalodon campaign against GitHub leveraged a spray of fake PRs targeting CI workflows. Here's the complete analysis cybersecurity · 52d ago Doom running on a Kids Video Walkie Talkie hacking: security in practice · 52d ago GRO frag cybersecurity · 52d ago We audited 12K n8n templates: most have critical vulnerabilities cybersecurity · 52d ago Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm. cybersecurity · 52d ago Taking the PSAA - Practical SOC Analyst Associate by TCM Security next week cybersecurity · 52d ago Mitigated Vulnerabilities by Vendor as Feed cybersecurity · 52d ago From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence For [Blue|Purple] Teams in Cyber Defence · 52d ago Introducing Showboat: A new malware family taunts defenses and targets international telecom firms For [Blue|Purple] Teams in Cyber Defence · 52d ago Open Directory, Open Season: Inside Red Lamassu’s JFMBackdoor For [Blue|Purple] Teams in Cyber Defence · 52d ago Kash Patel-Linked Merchandise Site Goes Dark After Hack Allegedly Spread Malware to Visitors cybersecurity · 52d ago A new GitHub attack dubbed Megalodon compromised more than 5.5K repositories cybersecurity · 52d ago Where can I find the tools freely on internet to practice for soc analyst cybersecurity · 52d ago Query builder for Google Dorks, Shodan, Crt.sh and Wayback CDX. hacking: security in practice · 52d ago Pardon MIE?: how Mythos did not bypass Apple MIE Technical Information Security Content & Discussion · 52d ago residential proxies cybersecurity · 52d ago Recommendations for getting started in cybersecurity cybersecurity · 52d ago Linux mint or Ubuntu for complete beginner cybersecurity · 52d ago Indirect prompt injection is jokingly trivial. AI is social engineering a toddler with the knowledge of the world. cybersecurity · 52d ago Pentesting company recommendation cybersecurity · 52d ago Have you ever failed a certification exam? cybersecurity · 52d ago AI Chatbot Security Research – Prompt Injection Behavior in Financial Context (Seeking Responsible Disclosure Guidance cybersecurity · 52d ago This ID Verification company store users biometrics? (FaceTec) hacking: security in practice · 52d ago What do i need to learn to get into application security? Which Degrees/Certs cybersecurity · 52d ago RSAC online membership? Is it worth it? cybersecurity · 52d ago Playwright version that lets AI-Agents navigate the web hacking: security in practice · 52d ago Can someone give me a detailed roadmap for becoming a SOC Analyst? cybersecurity · 52d ago Puedo conseguir trabajo? cybersecurity · 52d ago How do i learn networking for cyber security? cybersecurity · 52d ago What's going to be Hacking and Cybersecurity's future is gonna be like? cybersecurity · 52d ago Cyber security placement - Interview Help cybersecurity · 52d ago CVE-2026-9256 - "nginx-poolslip", another new vulnerability in the rewrite module Technical Information Security Content & Discussion · 53d ago Anonymous revendique le piratage de satellites chinois pour protester contre les lois sur la vérification de l'âge cybersecurity · 53d ago AI security CTF from a CNCF project - useful for understanding LLM/agent attack patterns from the defense side (June 17-22) For [Blue|Purple] Teams in Cyber Defence · 53d ago CTF with AI/LLM reverse engineering angles - intercepting streamed responses, replaying tokens, finding hidden endpoints (June 17-22) Reverse Engineering · 53d ago AI Security CTF (free, open) - prompt injection, agent workflow hijacking, guardrail bypass - June 17-22 Technical Information Security Content & Discussion · 53d ago Feedback needed cybersecurity · 53d ago GitHub - perplexityai/bumblebee: Read-only inventory collector for package, extension, and developer-tool metadata on macOS and Linux developer endpoints, built for fast supply-chain exposure checks. For [Blue|Purple] Teams in Cyber Defence · 53d ago Handoff Transition cybersecurity · 53d ago Where to learn the ins and outs of the computer itself hacking: security in practice · 53d ago Just added an interactive security map to my project NoEyes showing exactly what the server sees (and doesn't) Technical Information Security Content & Discussion · 53d ago Just added an interactive security map showing exactly what the server sees (and doesn't) cybersecurity · 53d ago Netherlands seizes 800 servers of hosting firm enabling cyberattacks BleepingComputer · 53d ago Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns For [Blue|Purple] Teams in Cyber Defence · 53d ago Trend Micro warns of Apex One zero-day exploited in the wild cybersecurity · 53d ago Lawmakers Demand Answers as CISA Tries to Contain Data Leak cybersecurity · 53d ago Tired of searching different websites, blogs, Reddit posts, and docs just to learn KQL? For [Blue|Purple] Teams in Cyber Defence · 53d ago https://www.reuters.com/business/finance/morgan-stanley-asks-bankers-carry-separate-phone-china-trips-source-says-2026-05-20/ cybersecurity · 53d ago Harvard and 140 other legitimate websites compromised Malware Analysis & Reports · 53d ago Harvard and 140 other legitimate websites compromised cybersecurity · 53d ago Votre Satisfaction Dans Votre Travail cybersecurity · 53d ago Soft Skills for the Job Market: Communication The Cyber Mentor · 53d ago 5,561 GitHub repos got malicious CI/CD commits injected in 6 hours. The commits looked exactly like routine bot maintenance. Here is what happened and how to check if you were hit. cybersecurity · 53d ago Former US execs plead guilty to aiding tech support scammers BleepingComputer · 53d ago Browser session theft is quietly becoming more dangerous than password theft Malware Analysis & Reports · 53d ago US states urge Congress to renew cybersecurity grants cybersecurity · 53d ago Restoring Testability: Handling Complex Scenarios in Burp Suite with a Custom Extension Technical Information Security Content & Discussion · 53d ago Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours Malware Analysis & Reports · 53d ago Rebuilding Zyxel’s super-admin password flow in HTML from firmware/runtime notes Reverse Engineering · 53d ago The CISO's Guide to IDE Security in 2026 cybersecurity · 53d ago Help with evilginx cybersecurity · 53d ago Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks Proofpoint News Feed · 53d ago Zyxel low-priv account leaked super-admin, FTPS, and TR-069 secrets across router fleets Technical Information Security Content & Discussion · 53d ago Watching AI Brain Drain on Attackers in Real Time cybersecurity · 53d ago Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm. cybersecurity · 53d ago api-rta cyberwarfare labs cybersecurity · 53d ago Zyxel super-admin password leak across CPE/ONT/LTE routers + rebuilt password generator hacking: security in practice · 53d ago Trend Micro warns of Apex One zero-day exploited in the wild BleepingComputer · 53d ago I got tired of guessing which LOLBAS binaries exist on a host at my privilege level, so I wrote a small Go scanner For [Blue|Purple] Teams in Cyber Defence · 53d ago The Worm That Deletes Your Entire Computer | Threat Wire Hak5 · 53d ago Drupal: Critical SQL injection flaw now targeted in attacks BleepingComputer · 53d ago Why Chargebacks are Just One Piece of the Fraud Puzzle BleepingComputer · 53d ago Does Security Implement Fixes? cybersecurity · 53d ago Ultimate Cybersecurity without needing AV ect? cybersecurity · 53d ago Hack your corrupt company. Sell their secrets to the black market hacking: security in practice · 53d ago User Onboarding with IAM cybersecurity · 53d ago Ubiquiti patches three max severity UniFi OS vulnerabilities BleepingComputer · 53d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 53d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 53d ago Data breach in name of protest Technical Information Security Content & Discussion · 53d ago qslcl.bin v0.6.8: minor fixes to improve size stability to avoid useless zero fill in EOF (Actually i trim it from 128 kb to 80 kb) Reverse Engineering · 53d ago pnpm 11 Might Finally Be a Better Default Than npm Technical Information Security Content & Discussion · 53d ago pnpm 11 Might Finally Be a Better Default Than npm cybersecurity · 53d ago 14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-22): Critical Worms, Credential Harvesting, and RCEs cybersecurity · 53d ago Hunting a PhaaS Operator: From Phishing Email to Lagos, Nigeria cybersecurity · 53d ago AI-generated reporting: Lessons learned from Cisco Talos Incident Response For [Blue|Purple] Teams in Cyber Defence · 53d ago CrabLoader: A PoC Cobalt Strike UDRL written in Rust For [Blue|Purple] Teams in Cyber Defence · 53d ago The 429 Microsoft Graph Mystery For [Blue|Purple] Teams in Cyber Defence · 53d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security For [Blue|Purple] Teams in Cyber Defence · 53d ago Azure Tenant Enumeration is Dead For [Blue|Purple] Teams in Cyber Defence · 53d ago A Deep Dive into Codex Windows Sandbox For [Blue|Purple] Teams in Cyber Defence · 53d ago Striga: Lifting x86 to LLVM IR with Python For [Blue|Purple] Teams in Cyber Defence · 53d ago Millions of NGINX Servers Face Fresh Zero-Day Concerns After Recent Rift Patch dubbed "nginx-poolslip" cybersecurity · 53d ago Looking for a cybersecurity professional to interview for a university project (interview in French) cybersecurity · 53d ago US and Canada arrest and charge suspected Kimwolf botnet admin BleepingComputer · 53d ago Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise WeLiveSecurity · 53d ago Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise WeLiveSecurity · 53d ago veilgate: Asymmetric defense against AI red-team agents. VeilGate scores every request, diverts likely agents into a per-IP-coherent fake application, and measures the cost it imposes on the attacker. For [Blue|Purple] Teams in Cyber Defence · 53d ago Windows BitLocker Security Feature Bypass Vulnerability For [Blue|Purple] Teams in Cyber Defence · 53d ago CVE-2026-28910: Breaking macOS App Sandbox Data Containers, TCC, and Hijacking Apps Using Archive Utility For [Blue|Purple] Teams in Cyber Defence · 53d ago Google API keys keep working after you delete them long enough to be exploited For [Blue|Purple] Teams in Cyber Defence · 53d ago Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both? For [Blue|Purple] Teams in Cyber Defence · 53d ago North Korean-Linked Threat Actor Targets Developers with New npm Infostealer RAT For [Blue|Purple] Teams in Cyber Defence · 53d ago Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit For [Blue|Purple] Teams in Cyber Defence · 53d ago Safe read-only check script for Copy Fail / CVE-2026-31431 cybersecurity · 53d ago New to GRC at an MSSP startup. Want to build a local AI on an RTX 3050 to automate documentation without leaking data. Possible? cybersecurity · 53d ago Quick heads-up if you're writing KQL for LSASS dumping (stop filtering on process names) For [Blue|Purple] Teams in Cyber Defence · 53d ago [TOOL] CLR-Stomp – BOF-Based .NET CLR Stomping for Stealthy inlineExecuteAssembly cybersecurity · 53d ago Cisco used AI to write security incident reports, with mixed results cybersecurity · 53d ago [TOOL] QSLCL v2.1.4 - Universal Silicon Communication Layer (DFU/EDL/BROM) cybersecurity · 53d ago Reverse Engineered Google reCAPTCHA Reverse Engineering · 53d ago Cyber Insurance Actuary Looking for Educational Resources cybersecurity · 53d ago As a bank , how do i give protected access to claude to my team? cybersecurity · 53d ago Can seasonal Apple Store employees apply for internal IT/cybersecurity roles? cybersecurity · 53d ago Reliable IP reputation check tools besides IPQS?(for work) cybersecurity · 53d ago 🜂 Codex Minsoo — Scroll Ξ-6.1 "Inducing Long-Term Goal Coherence Across Stateless Instances": How to create continuity in a system designed to forget hacking: security in practice · 53d ago Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility (5/2026) cybersecurity · 53d ago Time to Switch: How to Set Up Passkeys Before Microsoft Ditches SMS 2FA Logins cybersecurity · 53d ago Hacked by Rat Tools for 2.5 years. cybersecurity · 53d ago Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware Trend Micro Research, News, Perspectives · 53d ago A TL;DR on Dirty Frag #cybersecurity #threatwire @endingwithali Hak5 · 53d ago Google’s Silent AI Install: What They’re Hiding in Your Files #cybersecurity @endi Hak5 · 53d ago Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada CyberScoop · 53d ago Google API Keys Remain Active After Deletion cybersecurity · 53d ago Alert Number: I-052126-PSA | 21 May 2026 Kali365 Phishing-as-a-Service Kit Hijacks Microsoft 365 Access Tokens For [Blue|Purple] Teams in Cyber Defence · 53d ago how do cyber sec consultants and pentesters actually get new clients? cybersecurity · 53d ago Post Incident Paranoia? cybersecurity · 53d ago Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector cybersecurity · 53d ago Upcoming CS Student: What OS approach is best to balance university coding and learning cybersecurity? cybersecurity · 53d ago Sensing ‘renewed outbreak’ of war, Iran hackers vow ‘dozens’ of ‘devastating’ infrastructure attacks ready cybersecurity · 53d ago You can counter MEMZ with Krotten in XP cybersecurity · 53d ago What are the most effective ways to do Blackbox testing? cybersecurity · 53d ago Npm registry sets stage for more secure package publishing cybersecurity · 53d ago Need a Wi-Fi Adapter for Better Range + Wi-Fi Pentesting Support cybersecurity · 54d ago Megalodon: CI/CD Malware Spreading Across GitHub Repositories For [Blue|Purple] Teams in Cyber Defence · 54d ago Lawmakers from both parties say CISA cuts have gone too far CyberScoop · 54d ago durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP | same Mini Shai-Hulud payload as last week's TanStack wave Technical Information Security Content & Discussion · 54d ago Basira - open source AI code reviewer with OWASP audit, 0 CVEs, BYOK cybersecurity · 54d ago Is the Cybercorps SFS still worth it? cybersecurity · 54d ago Microsoft warns hackers are exploiting password resets to gain access to user accounts cybersecurity · 54d ago Unpopular opinion: the GitHub breach is 100% predictable and the security industry deserves the blame cybersecurity · 54d ago How TeamPCP's Python Toolkit Survives a C2 Takedown: FIRESCALE, GitHub, and the Victim's Own Account Malware Analysis & Reports · 54d ago WORM USB drives cybersecurity · 54d ago An OWASP-aligned launch gate for AI agents — Would you please share critique on the threat model? cybersecurity · 54d ago Trump postpones executive order focused on AI security CyberScoop · 54d ago CISOs - Holding the Line cybersecurity · 54d ago [Analysis] CISA contractor left AWS GovCloud admin keys, plaintext passwords, SAML certs, and Kubernetes configs on a public GitHub repo for 183 days — with secret scanning deliberately disabled Technical Information Security Content & Discussion · 54d ago Google accidentally exposed details of unfixed Chromium flaw BleepingComputer · 54d ago Post-Quantum Cryptographic Algorithm Examined in Developmental Ransomware Reverse Engineering · 54d ago A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale cybersecurity · 54d ago Security Scroll Down? cybersecurity · 54d ago mass github repo backdooring via CI workflows(Megalodon) cybersecurity · 54d ago I got so sick of Android taking forever to calculate folder sizes, I built a custom C++/Rust storage visualizer to bypass MTP Reverse Engineering · 54d ago 📡 One telecom carrier accounts for 72% of all Middle East-hosted C2 activity. For [Blue|Purple] Teams in Cyber Defence · 54d ago CISA chief frets about open-source vulnerabilities, delayed security improvements CyberScoop · 54d ago Threat Modeling Autonomous Dev Agents: How do we cryptographically prove a human actually reviewed a commit? cybersecurity · 54d ago Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks For [Blue|Purple] Teams in Cyber Defence · 54d ago Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claude Proofpoint News Feed · 54d ago GitHub Actions Cache Poisoning is eating open source Technical Information Security Content & Discussion · 54d ago European authorities take down prolific cybercrime VPN service CyberScoop · 54d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox Reverse Engineering · 54d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox For [Blue|Purple] Teams in Cyber Defence · 54d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox cybersecurity · 54d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox Technical Information Security Content & Discussion · 54d ago CVE-2026-34474: Pre-auth credential disclosure in ZTE H298A / H108N via ETHCheat Technical Information Security Content & Discussion · 54d ago beacon-hunter: open source detector for phi-structured C2 beacons that evade RITA For [Blue|Purple] Teams in Cyber Defence · 54d ago FatGid - FreeBSD 14.x kernel LPE Technical Information Security Content & Discussion · 54d ago DNS blocked by Cisco Umbrella, but symantec EDR & Event Viewer are completely blind cybersecurity · 54d ago FaceTec (ID verification) company appears to store user biometrics cybersecurity · 54d ago Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082) Technical Information Security Content & Discussion · 54d ago Apple blocked over $11 billion in App Store fraud in 6 years BleepingComputer · 54d ago CVE-2026-34474: ZTE H298A / H108N routers expose credentials before authentication cybersecurity · 54d ago CVE-2026-34474: ZTE H298A / H108N credential exposure through ETHCheat hacking: security in practice · 54d ago It seems that FaceTec (ID Verification company) allows for storage of user biometrics cybersecurity · 54d ago Two Microsoft Defender vulnerabilities actively exploited. One grants full SYSTEM access. CISA has a June 3 federal deadline. Here is what to check. cybersecurity · 54d ago Can I block outbound connections to Google cloud on my host firewall? What port? What IP range? Any advice. Trying to prevent Google spying and collecting data cybersecurity · 54d ago This ID verification company allows for storage of biometric data? hacking: security in practice · 54d ago What Questions Do You Ask During SSP Control Interviews? cybersecurity · 54d ago Feed The Cat BackDoor cybersecurity · 54d ago Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet BleepingComputer · 54d ago Chinese hackers target telcos with new Linux, Windows malware BleepingComputer · 54d ago Max severity Cisco Secure Workload flaw gives Site Admin privileges BleepingComputer · 54d ago Flipper One - Asking for help from the community cybersecurity · 54d ago Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading For [Blue|Purple] Teams in Cyber Defence · 54d ago Tracking TamperedChef Clusters via Certificate and Code Reuse For [Blue|Purple] Teams in Cyber Defence · 54d ago Living off the Land with VS Code: Inside a Sophisticated Phishing Campaign For [Blue|Purple] Teams in Cyber Defence · 54d ago Police seize “First VPN” service used in ransomware, data theft attacks BleepingComputer · 54d ago Flipper One — tech specs cybersecurity · 54d ago Architecture Zero Trust détaillée cybersecurity · 54d ago I made a 909.49 ZiB file (1,073,736,273,126,278.38 GB, in other words: about 1.2 quadrillion GB) file. I was bored :) hacking: security in practice · 54d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 54d ago ABB Terra AC Wallbox All CISA Advisories · 54d ago Hitachi Energy GMS600 All CISA Advisories · 54d ago ABB B&R Automation Studio All CISA Advisories · 54d ago ABB B&R Automation Runtime All CISA Advisories · 54d ago ABB B&R PCs All CISA Advisories · 54d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 54d ago Cybersecurity in Healthcare cybersecurity · 54d ago Staged publishing for npm packages | npm Docs cybersecurity · 54d ago 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros (Yes there is another one, only a CVS 5.5 though this time, still looks pretty bad though) cybersecurity · 54d ago Neither MFA, Passkey, nor trusted IP help here cybersecurity · 54d ago cyber security remote cybersecurity · 54d ago Database of Malicious Browser Extensions Malware Analysis & Reports · 54d ago Flipper One project needs community help to build open Linux platform BleepingComputer · 54d ago SeekYou — one input, 15 recon sources, one report. hacking: security in practice · 54d ago I built 99 adversarial PE fixtures to stress‑test parsers — here’s what they reveal about malformed binaries Reverse Engineering · 54d ago CSIRT incident response cybersecurity · 54d ago The readiness paradox: Why a false sense of cyber confidence is becoming a liability CyberScoop · 54d ago Trying to find a graduate role cybersecurity · 54d ago bypass internet restrictions hacking: security in practice · 54d ago GitHub ~3,800 internal repos compromised through a malicious VS Code extension Technical Information Security Content & Discussion · 54d ago I’ve got 99 problems, and IOCX isn’t one. Malware Analysis & Reports · 54d ago Microsoft warns of new Defender zero-days exploited in attacks cybersecurity · 54d ago From Y2K to Patch Tuesday 2025: 25 Years of Bugs in the Windows 2000 Source Tree For [Blue|Purple] Teams in Cyber Defence · 54d ago How a single image takes control of a Mac understanding an ExifTool vulnerability (CVE-2026-3102) For [Blue|Purple] Teams in Cyber Defence · 54d ago Iran-linked Operators Suspected in ATG Breaches For [Blue|Purple] Teams in Cyber Defence · 54d ago Grafana Labs security update: Latest on TanStack npm supply chain ransomware incident | Grafana Labs For [Blue|Purple] Teams in Cyber Defence · 54d ago Compromised Nx Console version 18.95.0 For [Blue|Purple] Teams in Cyber Defence · 54d ago CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path For [Blue|Purple] Teams in Cyber Defence · 54d ago From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat For [Blue|Purple] Teams in Cyber Defence · 54d ago Microsoft warns of new Defender zero-days exploited in attacks BleepingComputer · 54d ago Webworm: New burrowing techniques For [Blue|Purple] Teams in Cyber Defence · 54d ago New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205) For [Blue|Purple] Teams in Cyber Defence · 54d ago what is the best security app option for pixel8a? cybersecurity · 54d ago How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102) cybersecurity · 54d ago IoT Security cybersecurity · 54d ago GitHub links repo breach to TanStack npm supply-chain attack cybersecurity · 54d ago GitHub links repo breach to TanStack npm supply-chain attack BleepingComputer · 54d ago Another working Linux LPE exploit is out. How are teams treating local-only bugs now? cybersecurity · 54d ago Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks cybersecurity · 54d ago The IBM X-Force Index 2026 explains all three in one finding. Technical Information Security Content & Discussion · 54d ago Google publishes exploit code threatening millions of Chromium users cybersecurity · 54d ago landing a remote Vulnerability Management role cybersecurity · 54d ago Three low-hanging vulns in a Rails SaaS: unauthenticated S3 uploads, rate-limit bypass via proxy pool, and OAuth route leaking internals. Full authorized case. cybersecurity · 54d ago I feel like the past month has been more optimistic than in the past with AI taking jobs. Has the market been the same for those hunting? cybersecurity · 54d ago Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit cybersecurity · 54d ago Can someone unlock a list of the 500-1000 most visited websites online? hacking: security in practice · 54d ago Operation Dragon Whistle: UNG0002 Targets Chinese Academia via Weaponized Institutional Lure For [Blue|Purple] Teams in Cyber Defence · 54d ago Adaptive Fingerprinting: HTTP-Basma's Multi-Stage Probing for Granular Server Differentiation For [Blue|Purple] Teams in Cyber Defence · 54d ago Wordlist generator based on WordNet graphs + LLM hacking: security in practice · 54d ago What volume of TPRM do you handle per month? cybersecurity · 54d ago GitHub’s Fake Engagement Problem Is Hiding in Plain Sight For [Blue|Purple] Teams in Cyber Defence · 54d ago Statecraft – Threat intel platform for Portuguese-speaking Blue Teams (NVD + CISA KEV + OTX + hourly AI briefings in PT-BR) For [Blue|Purple] Teams in Cyber Defence · 54d ago Ukraine identifies infostealer operator tied to 28,000 stolen accounts BleepingComputer · 54d ago Hackers bypass SonicWall VPN MFA due to incomplete patching BleepingComputer · 54d ago GeoHelper - Tauri + Chrome DevTools Protocol (CDP) for GeoGuessr (Steam) Reverse Engineering · 54d ago safest virtual machine? cybersecurity · 54d ago Second Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltration cybersecurity · 54d ago Meet Rampart and Clarity, Microsoft’s new red team combo AI agents CyberScoop · 54d ago wordpress memberpress hacking: security in practice · 54d ago Cybercrime service disrupted for abusing Microsoft platform to sign malware cybersecurity · 54d ago Zer0Vuln Community Edition – open-source SIEM + SOAR + EDR with autonomous local LLM triage For [Blue|Purple] Teams in Cyber Defence · 55d ago GitHub notifications cybersecurity · 55d ago The Open Source USB Drive Built for Privacy hacking: security in practice · 55d ago Is there no more privacy left in the world? cybersecurity · 55d ago AI Agents defeat obfuscated JavaScript in 10 minutes Reverse Engineering · 55d ago Microsoft Edge had a password blunder, and it raises a bigger browser trust problem cybersecurity · 55d ago Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network cybersecurity · 55d ago Aconselhamento / mini texto cybersecurity · 55d ago CISA with an absolutely embarrassing data leak. cybersecurity · 55d ago Microsoft is pulling the plug on SMS codes, wants you to switch to passkeys cybersecurity · 55d ago Anyone else feeling like static AppSec workflows are starting to hit limits? cybersecurity · 55d ago Is someone trying to hack me? hacking: security in practice · 55d ago What is it Wednesdays: Episode 0002 Reverse Engineering · 55d ago GitHub breach highlights developer tools as part of attack surface cybersecurity · 55d ago Why do some malware use unique user-agent strings? cybersecurity · 55d ago Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability Cisco Security Advisory · 55d ago Cisco Secure Workload Unauthorized API Access Vulnerability Cisco Security Advisory · 55d ago Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability Cisco Security Advisory · 55d ago Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability Cisco Security Advisory · 55d ago Encrypted emails bypassing email security tool cybersecurity · 55d ago Grafana breach caused by missed token rotation after TanStack attack BleepingComputer · 55d ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era For [Blue|Purple] Teams in Cyber Defence · 55d ago GitHub says internal repositories were impacted in poisoned VS Code extension attack CyberScoop · 55d ago Ctf groups cybersecurity · 55d ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era cybersecurity · 55d ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era Technical Information Security Content & Discussion · 55d ago cpu backdoor hacking: security in practice · 55d ago CVE-2026-45585: Windows BitLocker — YellowKey Recovery Bypass Analysis Technical Information Security Content & Discussion · 55d ago [ Removed by Reddit ] Technical Information Security Content & Discussion · 55d ago Opensource that automatically scans your git repos for breaches cybersecurity · 55d ago 5 credential access detection rules beyond LSASS — KQL + Sigma, production-ready For [Blue|Purple] Teams in Cyber Defence · 55d ago TinyLoad v5 - encrypted strings, obfuscated opmap, IAT wiping, payload depends on stub (implemented feedback from last post) Reverse Engineering · 55d ago Tracing CVE-2026-34472 auth bypass through decompiled ZTE H188A firmware and Lua wizard routing Reverse Engineering · 55d ago Identity Alone Isn't Enough: Why Device Security Has to Share the Load BleepingComputer · 55d ago CVE-2026-34472: Pre-auth credential exposure and auth bypass in ZTE H188A V6 routers Technical Information Security Content & Discussion · 55d ago Iran Wants to Tax the Internet Flowing Through the Strait of Hormuz While Restricting Its Own Citizens Online Technical Information Security Content & Discussion · 55d ago CVE-2026-34472: According to ZTE, an unauthenticated auth bypass is just a 'customer-specific low-risk requirement.' MITRE disagreed. cybersecurity · 55d ago Your developers are deploying agents in your production environment right now. You have no governance for it. cybersecurity · 55d ago Technical analysis of CVE-2026-34472 in ZTE H188A router firmware hacking: security in practice · 55d ago ¿Como me preparo para EC-Council CSA? cybersecurity · 55d ago The IBM X-Force Index 2026 explains all three in one finding. cybersecurity · 55d ago The IBM X-Force Index 2026 explains all three in one finding. Technical Information Security Content & Discussion · 55d ago Securing iPad's question cybersecurity · 55d ago Cybersecurity 101 cybersecurity · 55d ago What would this job role be? cybersecurity · 55d ago Drupal critical update to fix bug with high exploitation risk BleepingComputer · 55d ago MSPs & MSSPs suck cybersecurity · 55d ago CISA Adds Seven Known Exploited Vulnerabilities to Catalog Alerts · 55d ago CISA Adds Seven Known Exploited Vulnerabilities to Catalog All CISA Advisories · 55d ago [ Removed by Reddit ] cybersecurity · 55d ago GitHub hit by a compromised VSCode extension Technical Information Security Content & Discussion · 55d ago Crossroads cybersecurity · 55d ago Advice regarding "SOC" job that automates everything cybersecurity · 55d ago Is this Medium article about "NetMirror" malware legit? cybersecurity · 55d ago AI silently removed human-in-the-loop security checks during a large refactor. Is this a known phenomenon? cybersecurity · 55d ago Developer tooling is part of the attack surface before a project is even run cybersecurity · 55d ago Exploit released for new PinTheft Arch Linux root escalation flaw BleepingComputer · 55d ago How to build .NET obfuscator Reverse Engineering · 55d ago botguard-token-generator / a google botguard token gen using only requests...? Reverse Engineering · 55d ago Remote Process Read Primitive via NtCreateThreadEx Exit Code For [Blue|Purple] Teams in Cyber Defence · 55d ago GUEST ESSAY: AI can speed up communication, but it can also weaken human connection The Last Watchdog · 55d ago How the hell do you manage developers, their code, their apps? cybersecurity · 55d ago Hackers Spent Nearly 3 Months Inside the New York City Health System Before Anyone Noticed cybersecurity · 55d ago aimap: Discover Exposed AI Services For [Blue|Purple] Teams in Cyber Defence · 55d ago FalkorDB: A super fast Graph Database uses GraphBLAS under the hood for its sparse adjacency matrix graph representation. For [Blue|Purple] Teams in Cyber Defence · 55d ago Ongoing development hacking: security in practice · 55d ago Webworm: New burrowing techniques WeLiveSecurity · 55d ago Why China Is Now a Peer Competitor to the United States in Cyberspace For [Blue|Purple] Teams in Cyber Defence · 55d ago When Filenames Become Attack Surfaces: Weaponizing NASA's CFITSIO Extended Filename Syntax Technical Information Security Content & Discussion · 55d ago Do people still rely on antivirus software in 2026, or is built-in security enough now? cybersecurity · 55d ago For cybersecurity folks working remotely, do you end up working the entire shift, or do you get time to relax and take breaks? hacking: security in practice · 55d ago GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories cybersecurity · 55d ago GitHub confirms breach of 3,800 repos via malicious VSCode extension BleepingComputer · 55d ago Automatic CLI for spinning up vulnerable labs + objectives cybersecurity · 55d ago Hackers found a way around Intel CET—PLaTypus locks down library jumps hacking: security in practice · 55d ago ISO/IEC 27701 scenario question cybersecurity · 55d ago Discord rolls out end-to-end encryption on voice, video calls cybersecurity · 55d ago Microsoft shares mitigation for YellowKey Windows zero-day BleepingComputer · 55d ago nginx-rift-private-lab: Private Nginx Rift ASLR lab, exploit chain, and demo recordings For [Blue|Purple] Teams in Cyber Defence · 55d ago GitHub investigates internal repositories breach claimed by TeamPCP cybersecurity · 55d ago Built a Linux persistence hunting & artifact collection tool in Bash - persisthunt For [Blue|Purple] Teams in Cyber Defence · 55d ago We are investigating unauthorized access to GitHub’s internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. For [Blue|Purple] Teams in Cyber Defence · 55d ago Two AI-based science assistants succeed with drug-retargeting tasks cybersecurity · 55d ago GitHub investigates internal repositories breach claimed by TeamPCP hacking: security in practice · 55d ago Extended Cyber Kill Chain for AI-Era Threats: a defender-side framework mapping LLM and agentic attacks to kill-chain stages (MITRE ATLAS + OWASP LLM Top 10 mappings) For [Blue|Purple] Teams in Cyber Defence · 55d ago America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames cybersecurity · 55d ago An AI coding assistant installed malware into production environments. Nobody typed the command. AMA on what "supply chain attack" means now. cybersecurity · 55d ago We audited 12K n8n templates: most have critical vulnerabilities Technical Information Security Content & Discussion · 55d ago GitHub investigates internal repositories breach claimed by TeamPCP BleepingComputer · 55d ago Veilgate - Deception proxy Technical Information Security Content & Discussion · 55d ago Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild For [Blue|Purple] Teams in Cyber Defence · 55d ago New to cybersecurity cybersecurity · 55d ago Anyone interview or work with Moxfive? cybersecurity · 55d ago A stealth Firefox version that passes all anti-bot and CAPTCHA cybersecurity · 55d ago mkPIVM - a polymorphic position-independent shellcode virtualizer cybersecurity · 55d ago Started in IT and need a Cybersecurity Roadmap with my Useless Degree! cybersecurity · 55d ago GitHub announces internal data breached. cybersecurity · 55d ago Roadmap to Cybersecurity roles cybersecurity · 55d ago Hackers: What age did you start? Where did you start, especially in practicing your skills? hacking: security in practice · 55d ago CISA credential leak raises alarms, and Capitol Hill demands answers CyberScoop · 55d ago Malware installed without literally doing anything? cybersecurity · 55d ago Max-severity flaw in ChromaDB for AI apps allows server hijacking BleepingComputer · 55d ago CTFs cybersecurity · 55d ago Can't access anything Malware Analysis & Reports · 55d ago Cybercrime service disrupted for abusing Microsoft platform to sign malware BleepingComputer · 55d ago How to watch a private video on Youtube? hacking: security in practice · 55d ago Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches CyberScoop · 55d ago Sleeping Agent: Silent persistent C2 through Web Push Technical Information Security Content & Discussion · 55d ago Crossroads cybersecurity · 55d ago Discord rolls out end-to-end encryption on voice, video calls BleepingComputer · 55d ago Canara Bank SuRaksha Cyber Hackathon 2.0, cybersecurity · 55d ago Eight Leading U.S. Communications Firms Form C2 ISAC For [Blue|Purple] Teams in Cyber Defence · 55d ago Can I do anything cool with this network controller? hacking: security in practice · 55d ago News alert: Orchid Security study finds invisible identities now outnumber managed accounts The Last Watchdog · 56d ago Anti BOT Tipps und Tricks gesucht. cybersecurity · 56d ago FBI: Americans lost over $388 million to scams using crypto ATMs in 2025 BleepingComputer · 56d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security cybersecurity · 56d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security For [Blue|Purple] Teams in Cyber Defence · 56d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security Technical Information Security Content & Discussion · 56d ago New to Cybersecurity cybersecurity · 56d ago Microsoft Self-Service Password Reset abused in Azure data theft attacks BleepingComputer · 56d ago Micro controller safety? hacking: security in practice · 56d ago Is the ISC2 Certified in Cybersecurity worth it? cybersecurity · 56d ago Average Days to Close by Source CNAPP Severity Tag 2026 cybersecurity · 56d ago I want free nmap resource cybersecurity · 56d ago If I clear browser history regularly, does it reduce the chances of malware that target browser data? cybersecurity · 56d ago What is next after 1.5 Year as Security Analyst? cybersecurity · 56d ago Analysis advice cybersecurity · 56d ago Stop me if you heard this one before... (YellowKey related) cybersecurity · 56d ago UAC-0184: From HTA to a Signed Network Stack For [Blue|Purple] Teams in Cyber Defence · 56d ago Can you be protected from yellowkey by disabling WinRe? does it work from support os then WinRe? cybersecurity · 56d ago Microsoft plans to improve Windows 11 driver quality in 2026 BleepingComputer · 56d ago Math at Scale: Reversing The Construction Of The Perspective-Projection Matrix (Game Engine Reversing) Reverse Engineering · 56d ago Looking for advice: where should I post/publish CVE write-ups? cybersecurity · 56d ago Microsoft blames macOS update for undismissible Teams location prompts BleepingComputer · 56d ago CISA Admin Leaked AWS GovCloud Keys on Github hacking: security in practice · 56d ago New GMKtec M7 Ultra appears to be infected. Beware of the malware! Malware Analysis & Reports · 56d ago Cybersecurity statistics of the week (May 11th - May 17th) cybersecurity · 56d ago How can I test my website locally for cybersecurity? cybersecurity · 56d ago Mini Shai-Hulud returns, compromising hundreds of npm packages CyberScoop · 56d ago Use of coding in security operations cybersecurity · 56d ago Decompilation of DSP Code using IDA Pro hacking: security in practice · 56d ago Iran demands Big Tech pay fees for undersea Internet cables in Strait of Hormuz cybersecurity · 56d ago Microsoft disrupts cybercrime service that abused software verification systems en masse cybersecurity · 56d ago I've built an open source honeypot probe database accessible via curl, http and mcp cybersecurity · 56d ago New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here For [Blue|Purple] Teams in Cyber Defence · 56d ago Deep dive into the object creation flow in Windows - PART 4: Handle table internals. Reverse Engineering · 56d ago 6,000+ Automatic Tank Gauges Exposed With No Authentication cybersecurity · 56d ago Twice in two days I've had a MS Auth request from a random device, I changed my password after the first, what more can I do to protect my email? cybersecurity · 56d ago How Storm-2949 turned a compromised identity into a cloud-wide breach For [Blue|Purple] Teams in Cyber Defence · 56d ago Microsoft disrupts cybercrime service that abused software verification systems en masse CyberScoop · 56d ago How Storm-2949 turned a compromised identity into a cloud-wide breach Technical Information Security Content & Discussion · 56d ago If humans are the weakest link, why won't companies evolve? cybersecurity · 56d ago Someone asks "How much does a VAPT cost?" or "Do we really need a penetration test?" cybersecurity · 56d ago New Shai-Hulud malware wave compromises 600 npm packages BleepingComputer · 56d ago 7-Eleven confirms data breach claimed by the ShinyHunters gang BleepingComputer · 56d ago Entra ID: PIM for Groups Review For [Blue|Purple] Teams in Cyber Defence · 56d ago Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation BleepingComputer · 56d ago Cloudflare's CISO gives his hands on review of Anthropic's new Mythos LLM cybersecurity · 56d ago Local transcription vs cloud transcription, which actually feels safer? cybersecurity · 56d ago Why do governments and militaries still use what amounts to giant preshared electronic codebooks when we have really good encryption today? cybersecurity · 56d ago Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise cybersecurity · 56d ago TeamPCP compromises NPM maintainer with over 540 packages For [Blue|Purple] Teams in Cyber Defence · 56d ago Shai-Hulud source leak is turning npm malware into a copycat problem cybersecurity · 56d ago Webinar: The hidden bottlenecks in network incident response BleepingComputer · 56d ago Framework for Preventing Secret Ideas from Leakage cybersecurity · 56d ago Kieback & Peter DDC Building Controllers All CISA Advisories · 56d ago Siemens RUGGEDCOM APE1808 Devices All CISA Advisories · 56d ago ABB CoreSense HM and CoreSense M10 All CISA Advisories · 56d ago ScadaBR All CISA Advisories · 56d ago ZKTeco CCTV Cameras All CISA Advisories · 56d ago Local LLM for building AI Security platform cybersecurity · 56d ago SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access cybersecurity · 56d ago Emerging Cyber security niches cybersecurity · 56d ago ISO/IEC 27701 cybersecurity · 56d ago Tracing CVE-2026-34473 pre-auth DoS through decompiled CGILua request parsing in ZTE H-series firmware Reverse Engineering · 56d ago Solo dev building a terminal-heavy hacking game inspired by corporate security cybersecurity · 56d ago Microsoft confirms patching issues in restricted Windows networks BleepingComputer · 56d ago Symantec has published its analysis of Fast16: a pre-Stuxnet sabotage tool built to subvert nuclear weapons simulations cybersecurity · 56d ago Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments Technical Information Security Content & Discussion · 56d ago CVE-2026-34473: Pre-auth ZTE H-series router DoS via CGILua request-body parsing Technical Information Security Content & Discussion · 56d ago CS/IT Student Looking to Grow My LinkedIn Network 😃 cybersecurity · 56d ago CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models) hacking: security in practice · 56d ago Open-source Hermes bytecode decompiler for React Native apps (Rust) Reverse Engineering · 56d ago CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models) cybersecurity · 56d ago Is Amazon Cognito a good choice long term? Alternatives? cybersecurity · 56d ago Was hacking easier in the 80s and 90s and early 2000s? cybersecurity · 56d ago Need some Advice in SOAR heavy environment cybersecurity · 56d ago Trying to find serious builders in cybersecurity - not just “let’s build” conversations cybersecurity · 56d ago Hermes bytecode decompiler (Rust) - sharing my friend’s project Reverse Engineering · 56d ago RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields hacking: security in practice · 56d ago RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields Technical Information Security Content & Discussion · 56d ago Active Supply Chain Attack Compromises @antv Packages on npm... For [Blue|Purple] Teams in Cyber Defence · 56d ago AI Phishing cybersecurity · 56d ago The quest for greater tech independence WeLiveSecurity · 56d ago One Hacked Login Led to a Massive Cloud Breach, Microsoft Reveals cybersecurity · 56d ago When DMCA Comes Knocking - A YouTube Creator Phishing Kit For [Blue|Purple] Teams in Cyber Defence · 56d ago [Cloudflare] Project Glasswing: what Mythos showed us For [Blue|Purple] Teams in Cyber Defence · 56d ago vpn explained the simple version that actually makes sense Malware Analysis & Reports · 56d ago How easy is it to get into the cyber security field? cybersecurity · 56d ago Forza Designer 6 Reverse Engineering · 56d ago 314 npm packages just got compromised, 271 @antv, echarts-for-react, size-sensor, timeago.js cybersecurity · 56d ago Built a full disassembler & decompiler for Reverse Engineering | Free and open source. hacking: security in practice · 56d ago Built a full disassembler & decompiler | Free and open source. Reverse Engineering · 56d ago Slopinator - a poisoned GitHub repository generator hacking: security in practice · 56d ago Frontend SWE (3-4 YOE) looking to pivot to AppSec. Where should I start? cybersecurity · 56d ago New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205) Technical Information Security Content & Discussion · 56d ago ‘The Worst Leak That I’ve Witnessed’: U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub — Gizmodo cybersecurity · 56d ago CEH/CPENT vs OSCP vs GPEN cybersecurity · 56d ago ntroducing Yokai Linux — A Cyberpunk Security-Focused Linux Distro” cybersecurity · 56d ago CISA Contractor Admin Leaked AWS GovCloud Keys on Github cybersecurity · 56d ago Made a shell greeter that generates a unique rocket every time you open a terminal tab hacking: security in practice · 56d ago Suspecious activity in my account cybersecurity · 56d ago Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud Trend Micro Research, News, Perspectives · 56d ago Is it safe to use my first name and middle name on platforms? cybersecurity · 56d ago Stuck choosing a cybersecurity specialization — especially with a local market context (Senegal). Need honest advice. cybersecurity · 56d ago Just received an email from shinyhunters about their amtrack hack cybersecurity · 56d ago Just received an email from shinyhackers about their amtrack hack hacking: security in practice · 56d ago Flipper Zero (or Alternatives)? hacking: security in practice · 56d ago Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access cybersecurity · 56d ago INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers BleepingComputer · 56d ago Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access hacking: security in practice · 56d ago SHub macOS infostealer variant spoofs Apple security updates BleepingComputer · 56d ago Bywaf: an auditable Python commandlet framework for chained pentest workflows cybersecurity · 56d ago For anyone currently working in a SOC: cybersecurity · 56d ago Fellow Tier 1 SOC/Security Analysts - What does your day to day look like? cybersecurity · 56d ago The quiet death of behavioral anti-bot and the pivot to hardware ZKPs Technical Information Security Content & Discussion · 56d ago SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain For [Blue|Purple] Teams in Cyber Defence · 56d ago AI might cut false positives, but it won’t stop the slop CyberScoop · 56d ago Recent WhatsApp hacks hacking: security in practice · 57d ago Snowboard Kids 2 is 100% Decompiled Reverse Engineering · 57d ago How do you threat hunt for RMM tools in environments where RMM is all over the place? cybersecurity · 57d ago Decompilation projects and N64 Recompiled PC ports (May 2026) Reverse Engineering · 57d ago Microsoft - "your single use code" email when it was not requested by yourself cybersecurity · 57d ago Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa CyberScoop · 57d ago Directory of vendor security questionnaires cybersecurity · 57d ago Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised cybersecurity · 57d ago I wrote an async scanner that runs about 9x faster than nmap for discovery. hacking: security in practice · 57d ago 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees BleepingComputer · 57d ago MCA student with 2 yrs SOC/VAPT experience struggling to land interviews — looking for guidance/referrals cybersecurity · 57d ago AudioHijack: adversarial audio attacks on generative voice models transfer from open weights to Microsoft and Mistral production systems Technical Information Security Content & Discussion · 57d ago Glass - A fast and free interactive disassembler Reverse Engineering · 57d ago ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12. Technical Information Security Content & Discussion · 57d ago Leaked Shai-Hulud malware fuels new npm infostealer campaign BleepingComputer · 57d ago Microsoft Exchange 0-Day Exploit Sparks Emergency Warning — Hackers Are Attacking Unpatched Servers hacking: security in practice · 57d ago Cybersecurity job market in Phoenix (East/West Valley?) – looking for local insight cybersecurity · 57d ago Rekomendacja Pełnomocnika Rządu ds. Cyberbezpieczeństwa dotycząca komunikatora Signal - Recommendation of the Government Plenipotentiary for Cybersecurity regarding the Signal messenger For [Blue|Purple] Teams in Cyber Defence · 57d ago Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible | CNN Politics For [Blue|Purple] Teams in Cyber Defence · 57d ago How is AI affecting the cybersecurity market? cybersecurity · 57d ago MY TAKE: AI agents force a rethink of enterprise service lines as vendors move up the tech stack The Last Watchdog · 57d ago MCP security cybersecurity · 57d ago YellowKey Mitigation cybersecurity · 57d ago CrystalX: unpacking a Go RAT through three encrypted layers For [Blue|Purple] Teams in Cyber Defence · 57d ago Anyone else on the receiving end of ShinyHunters extortion email? cybersecurity · 57d ago Ultimate irony: Microsoft researchers say you shouldn’t trust AI with work docs cybersecurity · 57d ago Benchmarking LLMs for malware triage and static unpacking with Malcat Reverse Engineering · 57d ago Benchmarking LLMs for malware triage and static unpacking with Malcat Malware Analysis & Reports · 57d ago Grafana says stolen GitHub token let hackers steal codebase BleepingComputer · 57d ago What’s the biggest mistake people still make about online security in 2026? cybersecurity · 57d ago Anthropic shuts the EU out of its most advanced cyber AI model cybersecurity · 57d ago Most AI agent governance playbooks still assume you can turn the agent off... Once its wired into production that stops being true [Rethinking AI security through a dimmer switch lens] cybersecurity · 57d ago Best hotel for attending all three conferences in Vegas? cybersecurity · 57d ago What's your company's actual PQC migration plan? Not the one on paper - the real one. cybersecurity · 57d ago The down fall of bug bounties Technical Information Security Content & Discussion · 57d ago The Boring Stuff is Dangerous Now darkreading · 57d ago This GitHub README Hijacks Your AI and Spreads Like a Virus NahamSec · 57d ago New video: hacking AI coding assistants and IDEs. #bugbounty #ai NahamSec · 57d ago Does buying local cybersecurity (services/products/etc) matter to you? cybersecurity · 57d ago LinkedIn user hides AI prompt injection in bio to force recruitment spam to be sent in Olde English prose cybersecurity · 57d ago Detection Engineering AI Maturity Framework cybersecurity · 57d ago Microsoft code cybersecurity · 57d ago TanStack Supply Chain Attack (And How to Lock Down GitHub Actions) Technical Information Security Content & Discussion · 57d ago Microsoft testing adjustable taskbar, Start menu in Windows 11 BleepingComputer · 57d ago Microsoft confirms Windows 11 security update install issues cybersecurity · 57d ago Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ cybersecurity · 57d ago Exploit available for new DirtyDecrypt Linux root escalation flaw cybersecurity · 57d ago Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware cybersecurity · 57d ago Suspicious with a company offer letter cybersecurity · 57d ago The Canvas breach proved that prevention is no longer enough CyberScoop · 57d ago Direct external access to CyberArk PVWA vs. enforcing a VDI/Jump Box first? cybersecurity · 57d ago Attacking Cloud Service Providers (ACSP) - An interactive textbook on control-plane intrusion and breaking cross-tenant isolation Technical Information Security Content & Discussion · 57d ago Microsoft confirms Windows 11 security update install issues BleepingComputer · 57d ago Why do some recovery workflows still require full wallet uploads? cybersecurity · 57d ago Netmirror exposed - The Free Movie App That Was Robbing You Blind Malware Analysis & Reports · 57d ago Need help with interview for soc l1 cybersecurity · 57d ago Feeling stuck in SOC want to moving toward Detection Engineering & Cloud Security (need guidance & cert roadmap) cybersecurity · 57d ago HexWalk 2.0.0 Hex analyzer new major release, new binary analyzer hexdig support added, better select mode, works both on Windows, Linux and MacOs, give it a try! Reverse Engineering · 57d ago Exploit available for new DirtyDecrypt Linux root escalation flaw BleepingComputer · 57d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 57d ago Autonomous AI Penetration Testing with Consent-First Ethical Framework — Research Paper + Working Implementation Technical Information Security Content & Discussion · 57d ago Reverse engineering no dep x64 masm AI IDE Reverse Engineering · 57d ago New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released cybersecurity · 57d ago carrer path in cybersecurity for a btech stud cybersecurity · 57d ago Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026 BleepingComputer · 57d ago Agents usage in production cybersecurity · 57d ago ‘Q-Day’ is almost here. It could unleash a cybersecurity crisis far worse than Y2K cybersecurity · 57d ago Former CISA nominee Sean Plankey named US CEO of defense startup CyberScoop · 57d ago Are teams still finding AI API keys in public repos? cybersecurity · 57d ago Can Laws Stop Deepfakes? South Korea Aims to Find Out darkreading · 57d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 57d ago Agentic Governance: Why It Matters Now Trend Micro Research, News, Perspectives · 57d ago Mean time-to-exploit just hit 2.1 days. Critical vulnerabilities everywhere. Is the AI apocalypse here? cybersecurity · 57d ago Does the CBP bug phones? cybersecurity · 57d ago New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released BleepingComputer · 57d ago What We Learned Building Runtime Visibility for Modern Telco Networks cybersecurity · 57d ago Ive got my Spotify account hacked! How do I solve this? cybersecurity · 57d ago The Politics of AI Transparency cybersecurity · 57d ago A million baby monitors and security cameras were easily viewable by hackers cybersecurity · 57d ago NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE cybersecurity · 57d ago Does anyone know if this file is still accessible to download? hacking: security in practice · 57d ago Is cybersecurity becoming more behavioral than technical? cybersecurity · 57d ago Questions About Promo Items for a Cybersecurity Conference cybersecurity · 57d ago DirtyCBC: When Linux Kernel Decrypt-Before-MAC Turns Authenticated Encryption Into a Page-Cache Write For [Blue|Purple] Teams in Cyber Defence · 58d ago Dois-je m'inquiéter ? cybersecurity · 58d ago I am dying to work abroad , rate my journey so far cybersecurity · 58d ago FlowerStorm unleashes the KrakVM: PhaaS operators turn to VM-based obfuscation For [Blue|Purple] Teams in Cyber Defence · 58d ago Microsoft - "Your single use code" email when it was not requested cybersecurity · 58d ago Security / Compliance work going Agentic? cybersecurity · 58d ago High school students organized a Jeopardy CTF competition - give it a try hacking: security in practice · 58d ago Don't believe the media, specially in cybersec cybersecurity · 58d ago Microsoft account keeps getting Authenticator requests? cybersecurity · 58d ago [Tool] Grafana Final Scanner - Mass CVE Testing Script with All Public CVEs Aggregated. cybersecurity · 58d ago Ansible security and compliance guide Technical Information Security Content & Discussion · 58d ago Malware learning Malware Analysis & Reports · 58d ago Struggling to generate security bulletins — any ideas? cybersecurity · 58d ago Certs to go into Security Engineer/architect cybersecurity · 58d ago 18882745552 beware of email with this number cybersecurity · 58d ago Transition from traditional penetration testing into AI security cybersecurity · 58d ago Seeking advice on next career steps cybersecurity · 58d ago Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing BleepingComputer · 58d ago Official Miasma Poison Tar Pit Docker Image Now Available hacking: security in practice · 58d ago Will the analyst role become obsolete? cybersecurity · 58d ago LID: LID — Linux Integrity Drift: Bypassing AppArmor via eBPF pathname rewriting. Pre-LSM syscall argument manipulation with zero audit footprint. "Linux is Dying" For [Blue|Purple] Teams in Cyber Defence · 58d ago Alert Fatigue cybersecurity · 58d ago Best path into cybersecurity for a high schooler? cybersecurity · 58d ago Static Kitten APT Adversary Simulation For [Blue|Purple] Teams in Cyber Defence · 58d ago 🔴 [PAYLOAD REVIEW] WiFi Pineapple Pager 📟🍍 Hak5 · 58d ago Why Is Cybersecurity Now A Business Priority, Not Just An IT Function? Cyber Defense Magazine · 58d ago Keep getting hacked cybersecurity · 58d ago Eimeria: five layers from RAR5 to RunPE For [Blue|Purple] Teams in Cyber Defence · 58d ago ghosttype: Local forensic scanner that extracts credentials from AI tool conversation history. For authorized red team and DLP use only. For [Blue|Purple] Teams in Cyber Defence · 58d ago Instrumenting QT6 desktop apps with Frida - Part 2: Building the Bypass Chain Technical Information Security Content & Discussion · 58d ago How Do I implement sessions management in a vibe coded app ? Also suggest sessions management best practices cybersecurity · 58d ago I’m interested in joining the Red Team Hackers Academy in Bangalore. cybersecurity · 58d ago openDCIM exploitation For [Blue|Purple] Teams in Cyber Defence · 58d ago PE packer/crypter with random VM ISA per build Reverse Engineering · 58d ago A clueless teenager 💔 cybersecurity · 58d ago HASBL CTF - A Jeopardy-Style CTF Organized by High School Students! For [Blue|Purple] Teams in Cyber Defence · 58d ago Complete beginner looking to learn cybersecurity for personal/everyday use. Where to start? cybersecurity · 58d ago Am I overthinking Claude Code security or is this actually a risk? cybersecurity · 58d ago is someone know about shadow ai and can give me an explain about this im junior in cyber and i hear about this cybersecurity · 58d ago ISO/IEC 27701 ( SoA ) Applicability cybersecurity · 58d ago Security Executive Playbook cybersecurity · 58d ago This article about AI allucinations written by thehackernews, is literally written with AI lol... We need to do something to stop this phenomenon cybersecurity · 58d ago We Have Packet Capture at Home For [Blue|Purple] Teams in Cyber Defence · 58d ago I feel crazy I hope someone has insight . cybersecurity · 58d ago Suspected China-Linked Threat Actor Targets Global Manufacturer with Undocumented TencShell Malware For [Blue|Purple] Teams in Cyber Defence · 58d ago HWMonitor Trojanized for STX RAT DLL Sideloading For [Blue|Purple] Teams in Cyber Defence · 58d ago awesome-dfir-skills: Admiralty System for CTI Claude skill For [Blue|Purple] Teams in Cyber Defence · 58d ago Mullvad exit IPs as a fingerprinting vector For [Blue|Purple] Teams in Cyber Defence · 58d ago Does anybody know where I may stumble upon some Sh1mmer bin downloads hacking: security in practice · 58d ago Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools For [Blue|Purple] Teams in Cyber Defence · 58d ago Popular node-ipc npm Package Infected with Credential Steale... For [Blue|Purple] Teams in Cyber Defence · 58d ago An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. For [Blue|Purple] Teams in Cyber Defence · 58d ago Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files For [Blue|Purple] Teams in Cyber Defence · 58d ago Chinese APT Campaign Targets Entities with Updated FDMTP Backdoor For [Blue|Purple] Teams in Cyber Defence · 58d ago Sandworm Activity in Industrial Environments: What the Data Reveals For [Blue|Purple] Teams in Cyber Defence · 58d ago Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign For [Blue|Purple] Teams in Cyber Defence · 58d ago "Shadowserver-in-a-box" IntelMQ + ELK Solution For [Blue|Purple] Teams in Cyber Defence · 58d ago Stenloader: Steganography Shellcode Loader For [Blue|Purple] Teams in Cyber Defence · 58d ago AsmResolver: a library for reading, modifying and reconstructing Portable Executable (PE) files. It supports PE images running natively on Windows, as well as images containing managed (.NET) metadata - after 2 years of development, v6.0.0 is out For [Blue|Purple] Teams in Cyber Defence · 58d ago Somebody backdoored the package `bfunky/http-parser` on packagist with a stealer - package not touched since 2018 For [Blue|Purple] Teams in Cyber Defence · 58d ago Our response to the TanStack npm supply chain attack For [Blue|Purple] Teams in Cyber Defence · 58d ago QEMUtiny is a memory corruption vulnerability in QEMU's implementation of CXL Type-3 device emulation, reported against QEMU master 007b29752e and confirmed working against 5e61afe (May 11, 2026). For [Blue|Purple] Teams in Cyber Defence · 58d ago We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase. For [Blue|Purple] Teams in Cyber Defence · 58d ago APT-C-55(Kimsuky)组织依托GitHub+Dropbox分发恶意载荷的攻击活动分析 - Analysis of APT-C-55 (Kimsuky) group's attack activities involving the distribution of malicious payloads via GitHub and Dropbox. For [Blue|Purple] Teams in Cyber Defence · 58d ago oss-security - Logic bug in the Linux kernel's __ptrace_may_access() function - exploits out see yesterday For [Blue|Purple] Teams in Cyber Defence · 58d ago Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations For [Blue|Purple] Teams in Cyber Defence · 58d ago ΡHANTΟΜ Al-Powered Pentesting Command Center cybersecurity · 58d ago Interview Assessments cybersecurity · 58d ago We built a blue-team mode for AI security training — you write a defensive prompt, we throw 12 attack probes at it cybersecurity · 58d ago Questions about data blockers cybersecurity · 58d ago A Tale of Two File Names Reverse Engineering · 58d ago PE reconstruction Reverse Engineering · 58d ago OtterCookie: JavaScript RAT shifting fake-interview campaigns from credential theft to live surveillance For [Blue|Purple] Teams in Cyber Defence · 58d ago Post Implementation task cybersecurity · 58d ago The Gentlemen Ransomware Group — Leak Analysis For [Blue|Purple] Teams in Cyber Defence · 58d ago Mythos, MOAK, CTEM and the End of CVE Chasing cybersecurity · 58d ago Cyber security jobs in Austria cybersecurity · 58d ago Microsoft rejects critical Azure vulnerability report, no CVE issued BleepingComputer · 58d ago Leader of Ukrainian Hacking Group: GRU Bribed Kyivstar Employee to Hack Company’s Network hacking: security in practice · 58d ago Personal favorite deception layer. cybersecurity · 58d ago Estudiar Ciberseguridad cybersecurity · 58d ago Learning way cybersecurity · 59d ago A File Format Uncracked for 20 Years: Part 2 Reverse Engineering · 59d ago How do you report large volume detections to a CISO without making the BPA report a SOC story? cybersecurity · 59d ago HDD Firmware Hacking Part 1 For [Blue|Purple] Teams in Cyber Defence · 59d ago Can anyone share bugbase platform screenshot having professional usage on dashboard? cybersecurity · 59d ago ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels. For [Blue|Purple] Teams in Cyber Defence · 59d ago CTO at NCSC Summary: week ending May 17th For [Blue|Purple] Teams in Cyber Defence · 59d ago CTO at NCSC Summary: week ending May 17th cybersecurity · 59d ago GZDoom in the browser hacking: security in practice · 59d ago Vidar v1.5 in Go: same family, new language, heavy sandbox checks For [Blue|Purple] Teams in Cyber Defence · 59d ago Developer credential-theft campaign exposed operator-side self-infection For [Blue|Purple] Teams in Cyber Defence · 59d ago Security Executive Playbook cybersecurity · 59d ago Tired of tab-switching between CTI tools - here's what we put together cybersecurity · 59d ago I contributed to an open-source Bluetooth stress testing tool that just got a major algorithm refactor cybersecurity · 59d ago Resident Evil: Code Veronica X is able to use inventory and view files from the decompiled PS2 source! Reverse Engineering · 59d ago Help-Desk Lures Drop KongTuke's Evolved ModeloRAT For [Blue|Purple] Teams in Cyber Defence · 59d ago Welcome to BlackFile: Inside a Vishing Extortion Operation For [Blue|Purple] Teams in Cyber Defence · 59d ago HackTheBox - Pterodactyl IppSec · 59d ago In Cybersecurity cybersecurity · 59d ago AI-assisted cyberattacks are changing the threat landscape faster than most organizations realize. Technical Information Security Content & Discussion · 59d ago DoublePulsar: A User-Defined Reflective Loader in the Crystal Palace and Tradecraft Garden Era For [Blue|Purple] Teams in Cyber Defence · 59d ago Stop Being Weird — Life After Call Stack Spoofing Under CET For [Blue|Purple] Teams in Cyber Defence · 59d ago Anyone else feel like most MSP tooling is either overkill or painfully manual? cybersecurity · 59d ago Russian hackers turn Kazuar backdoor into modular P2P botnet BleepingComputer · 59d ago Thinkpad vs Macbook pro endpoint security cybersecurity · 59d ago Any more affordable alternatives to “IntelligenceX”? cybersecurity · 59d ago Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran cybersecurity · 59d ago tanstack checker github action cybersecurity · 59d ago Drivers Alpha AWUS036AXML cybersecurity · 59d ago Splunk download for free cybersecurity · 59d ago The Security Mistakes Being Repeated With Ai Cyber Defense Magazine · 59d ago Funnel Builder WordPress plugin bug exploited to steal credit cards cybersecurity · 59d ago Anyone here using pager duty? cybersecurity · 59d ago Scammer targeting posters cybersecurity · 59d ago Anyone know how to bypass these school laptop pins? hacking: security in practice · 59d ago Seeking advice cybersecurity · 59d ago Microsoft MDASH found 16 Windows RCEs — here's exactly how the 100-agent pipeline works Technical Information Security Content & Discussion · 59d ago Looking for Free Cybersecurity Conferences & Meetups in Europe (September 2026) cybersecurity · 59d ago Just got an email about a single use code, maybe someone was trying to log in? cybersecurity · 59d ago Can a background in DevOps enter the cybersecurity field? cybersecurity · 59d ago [CrackMe] PyVMP v7 : The vault. Important info : the server is now live, take a look inside the gofile link. Reverse Engineering · 59d ago Triggering the Secure Boot Certificate Update with Intune Remediations For [Blue|Purple] Teams in Cyber Defence · 59d ago How to enable HTTPS support for Microsoft Connected Cache for Enterprise and Education - Starting on June 16th, 2026, or soon after, Intune will enforce HTTPS content delivery for customers using Microsoft Connected Cache For [Blue|Purple] Teams in Cyber Defence · 59d ago Addressing Exchange Server May 2026 vulnerability CVE-2026-42897 For [Blue|Purple] Teams in Cyber Defence · 59d ago One Is a Fluke, 3 Is a Pattern: MCP Back-End Vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 59d ago CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED) For [Blue|Purple] Teams in Cyber Defence · 59d ago Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 59d ago FamousSparrow APT Targets Azerbaijani Oil and Gas Industry For [Blue|Purple] Teams in Cyber Defence · 59d ago Disclosing new PebbleDash-based tools by Kimsuky For [Blue|Purple] Teams in Cyber Defence · 59d ago FrostyNeighbor: Fresh mischief and digital shenanigans For [Blue|Purple] Teams in Cyber Defence · 59d ago Kazuar: Anatomy of a nation-state botnet For [Blue|Purple] Teams in Cyber Defence · 59d ago OrBit (Re)turns: Tracking an open-source Linux rootkit across four years of forks and deployments For [Blue|Purple] Teams in Cyber Defence · 59d ago NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys For [Blue|Purple] Teams in Cyber Defence · 59d ago Hacker Ringleader Extradited for 38 Billion Won Theft For [Blue|Purple] Teams in Cyber Defence · 59d ago Alert Number: I-051526-PSA | 15 May 2026 ShinyHunters: Cyber Criminal Group Attacks Learning Management System For [Blue|Purple] Teams in Cyber Defence · 59d ago Fragnesia (CVE-2026-46300) is a universal Linux local privilege escalation exploit For [Blue|Purple] Teams in Cyber Defence · 59d ago The Mythos We Have At Home: A Patch-Diffing Pipeline for N-Day Generation For [Blue|Purple] Teams in Cyber Defence · 59d ago FFFFirefox - A One-Day Wonder Renderer Exploit For [Blue|Purple] Teams in Cyber Defence · 59d ago MiniPlasma, a powerful LPE For [Blue|Purple] Teams in Cyber Defence · 59d ago Using ai in learning cybersecurity · 59d ago Exploiting Toshiba Qiomem.sys vulnerable driver Reverse Engineering · 59d ago Avanzamento area Blue Team/SOC cybersecurity · 59d ago Please what could be helpful cybersecurity · 59d ago HDD Firmware Hacking Part 1 Reverse Engineering · 59d ago CVE exploit chain cybersecurity · 59d ago What are the widely accepted SaaS security accreditations/audits an app should seek in fintech cybersecurity · 59d ago Preparing for The Quantum Era: AT&T Business Debuts Post-Quantum Cryptography Secure SD-WAN, Powered by Cisco cybersecurity · 59d ago Region-based binary diff tool for firmware analysis Reverse Engineering · 59d ago Major flaw in Indian Cyber and IT assurance landscape cybersecurity · 59d ago Red Team Ops Ⅱ ( CRTL ) exam preparation cybersecurity · 59d ago Recomendations cybersecurity · 59d ago A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens Reverse Engineering · 59d ago Recommended cybersecurity certification for a UX designer new to the domain? cybersecurity · 59d ago แก้ไขปัญหา Frida 17.9.10 บน Termux (Android ARM64) - ไม่มีข้อผิดพลาด Toolchain 404 และ _Py_NoneStruct อีกต่อไป! Reverse Engineering · 59d ago insdubai.com: Motor insurance policies, data of insured persons was exposed on an unprotected server cybersecurity · 59d ago Career path cybersecurity · 59d ago Merit America offers a program that gets you into cyber security roles. cybersecurity · 59d ago Brovan — Open-source x86/x64 user-mode binary emulator written in C# Reverse Engineering · 59d ago Brovan: Binary user-mode emulator for x86_64 Reverse Engineering · 59d ago Brovan: Binary user-mode emulator for x86_64 Malware Analysis & Reports · 59d ago Brovan: Binary user-mode emulator for x86_64 cybersecurity · 59d ago AmEx Interview! cybersecurity · 59d ago A stealth Playwright (Firefox) version that passes all anti-bot and CAPTCHA hacking: security in practice · 59d ago Developer credential-stealing pipeline also collected operator workstations cybersecurity · 59d ago need help building a case. cybersecurity · 59d ago Colorado governor commutes prison sentence for election denier Tina Peters CyberScoop · 59d ago Personal favorite SIEM platform? cybersecurity · 59d ago Cardputer ADV cybersecurity · 59d ago Alternative for Qualys cybersecurity · 59d ago I have a friend who looks like he’s a stalker I’m scared he will know I stalk him hacking: security in practice · 59d ago The 4th Linux kernel flaw this month can lead to stolen SSH host keys cybersecurity · 59d ago Congress Puts Heat on Instructure After Canvas Outage darkreading · 59d ago Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live Technical Information Security Content & Discussion · 59d ago Stack Buffer Overflow Explained (Using a Classic Doom Bug) cybersecurity · 60d ago [Tutorial] How to hack DOS games: Reversing Prince of Persia hacking: security in practice · 60d ago Here’s how the FTC plans to enforce the Take It Down Act CyberScoop · 60d ago Understanding Stack Buffer Overflows Through Doom and C++ Reverse Engineering · 60d ago Confused about cybersecurity career cybersecurity · 60d ago Funnel Builder WordPress plugin bug exploited to steal credit cards BleepingComputer · 60d ago What is it Wednesdays: Episode 0001 Reverse Engineering · 60d ago Transferring from pen test consulting to application security? cybersecurity · 60d ago Curso de especializacion de Ciberseguridad cybersecurity · 60d ago Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox? For [Blue|Purple] Teams in Cyber Defence · 60d ago Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox? cybersecurity · 60d ago Lost, tempted to throw in the towel cybersecurity · 60d ago Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own cybersecurity · 60d ago I open-sourced a Docker security scanner I use to audit all my websites cybersecurity · 60d ago Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own BleepingComputer · 60d ago Testing Deception Technique cybersecurity · 60d ago Popular node-ipc npm package compromised to steal credentials BleepingComputer · 60d ago A malware got into my account and spread spam ad to my friends and relatives cybersecurity · 60d ago North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems Technical Information Security Content & Discussion · 60d ago Avada Builder WordPress plugin flaws allow site credential theft BleepingComputer · 60d ago North Korean Hackers Now Using AI? Kaspersky Warns of New Cyber Threat Targeting South Korean Govt Systems cybersecurity · 60d ago Most pentest reports I review are padded with garbage findings cybersecurity · 60d ago Is dns spoofing dead?? hacking: security in practice · 60d ago Cyber Essentials and use of third party websites - MFA cybersecurity · 60d ago Rapid 7 and Cisa Kev cybersecurity · 60d ago Deep dive into the object creation flow in Windows - PART 3: Post-initialization and Name Lookup Reverse Engineering · 60d ago Deepdive into the object creation flow in Windows -PART 2 : access check internals Reverse Engineering · 60d ago Deep dive into the object creation flow in Windows -PART1 : Allocation and Pre-Initialization Reverse Engineering · 60d ago Microsoft backpedals: Edge to stop loading passwords into memory BleepingComputer · 60d ago Anyone know much about MS Defender? cybersecurity · 60d ago My Privacy Focused USB Drive hacking: security in practice · 60d ago Cisco zero-day under ongoing attack by persistent threat group CyberScoop · 60d ago EN18031 for IoT: struggling to see the big picture — advice from experienced people? cybersecurity · 60d ago Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution BleepingComputer · 60d ago Japan’s 3DS Mandate: One Year In Blog – Forter · 60d ago Automating code security reviews with Claude Mythos-level capabilities Technical Information Security Content & Discussion · 60d ago Automating Code Security Reviews cybersecurity · 60d ago [Tool] IOCX — deterministic static IOC extraction for PE binaries For [Blue|Purple] Teams in Cyber Defence · 60d ago New Linux privilege escalation flaw ‘Fragnesia’ disclosed; PoC available cybersecurity · 60d ago [Tool] IOCX - deterministic static IOC extraction for PE binaries (17-second demo) Reverse Engineering · 60d ago Proxmark5 - Next-Gen Open Source RFID Research Tool (Iceman Edition) hacking: security in practice · 60d ago AI coding tools on developer machines — looking for input on how you're handling it cybersecurity · 60d ago Chrome 148 Update Patches Critical Vulnerabilities cybersecurity · 60d ago The Hidden Risk For IT Subcontractors: When Insurance, Not Security, Costs You The Contract Cyber Defense Magazine · 60d ago Microsoft warns of Exchange zero-day flaw exploited in attacks cybersecurity · 60d ago I need help. i am lost cybersecurity · 60d ago Microsoft to automatically roll back faulty Windows drivers BleepingComputer · 60d ago Novel Evilginx Frontend - Lowering the barrier for token theft reuse For [Blue|Purple] Teams in Cyber Defence · 60d ago Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defence cybersecurity · 60d ago Cyber Pioneers Ponder Past as Prologue darkreading · 60d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 60d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 60d ago Physical red teaming: 7 low‑tech paths we keep finding into ‘secure’ environments cybersecurity · 60d ago SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not? cybersecurity · 60d ago SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not? For [Blue|Purple] Teams in Cyber Defence · 60d ago Microsoft warns of Exchange zero-day flaw exploited in attacks BleepingComputer · 60d ago I'm going crazy. At the application level what I can actually do to prevent DDos? cybersecurity · 60d ago yarax_android: The first Android implementation of yara-x. Blazing fast pattern matching swiss knife running natively on Android. Reverse Engineering · 60d ago Is anyone enrolled in Intellipaat's cybersecurity course? cybersecurity · 60d ago Will AI Replace Cybersecurity Jobs? cybersecurity · 60d ago Why geopolitical turmoil is a gift for scammers, and how to stay safe WeLiveSecurity · 60d ago What's best certification choice after OSWE cybersecurity · 60d ago TinyLoad v4 — added opaque predicates, anti-debug, and section obfuscation to my PE packer hacking: security in practice · 60d ago Facebook Page Call Slipping through Sleep mode cybersecurity · 60d ago ssh-keysign-pwn: Linux LPE allows unprivileged users to read root-owned files. PoC with SSH server privkey cybersecurity · 60d ago New Linux LPE allows local users to read any file, including privkeys cybersecurity · 60d ago A fix for the previous Linux kernel critical exploit has seemingly introduced another critical local privilege escalation exploit, a third in two weeks. cybersecurity · 60d ago Your experience as IT Admin on Alerts cybersecurity · 60d ago Slow-drip responses as a bot defense: streaming fake credentials 3 bytes at a time cybersecurity · 60d ago Maximum Severity Cisco SD-WAN Bug Exploited in the Wild cybersecurity · 60d ago GitHub - jetnoir/metis: Automated binary vulnerability triage for macOS, Linux, and Windows targets Reverse Engineering · 60d ago GitHub - jetnoir/poppy: Dynamic XPC Observability & Fault Injection for macOS Reverse Engineering · 60d ago Instrumenting QT6 desktop apps with Frida - Part 1 Technical Information Security Content & Discussion · 60d ago From Vercel Typosquatting to an Obfuscated macOS Malware Loader Technical Information Security Content & Discussion · 60d ago Discord VC lag Exploit cybersecurity · 60d ago FrostyNeighbor: Fresh mischief and digital shenanigans cybersecurity · 60d ago Bug FB - Inicio de sesion por password cybersecurity · 60d ago Does anyone know how to configure EVILGINX for testing cybersecurity · 60d ago Trafexia V2 - Mobile Traffic Interceptor Toolkit Reverse Engineering · 60d ago How long does it take to get familiar with a tool cybersecurity · 60d ago Scam website cybersecurity · 60d ago ANTS Hack: 19 million records exposed in French ID agency breach cybersecurity · 60d ago has anyone used tail os here? hacking: security in practice · 60d ago Is it really that easy to obtain SMS codes using an SS7 attack? cybersecurity · 60d ago AI coding tools are shipping code faster than security can review it. What's your team doing about it cybersecurity · 60d ago Interview for AI security engineer position at a fortune 500 company cybersecurity · 60d ago How’s the job market for Senior AppSec Engineers? How are the interviews? cybersecurity · 60d ago Has anyone read "The Art of Deception"? How does it hold up to now? cybersecurity · 60d ago Run this washer/dryer sans coin? hacking: security in practice · 60d ago WAF Evasion Engine For [Blue|Purple] Teams in Cyber Defence · 60d ago Is metadata protection becoming more important than traditional endpoint security for ordinary users? cybersecurity · 60d ago Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems darkreading · 60d ago Inspecting a DLL file trying to figure out if it really is malware Malware Analysis & Reports · 60d ago Zero trust in hybrid environments - what's actually worked for you cybersecurity · 60d ago Have you encountered issues with CSAF advisories in practice? cybersecurity · 60d ago Zero trust in hybrid environments - what's actually working for you cybersecurity · 60d ago I built an open-source Burp alternative hacking: security in practice · 60d ago TeamPCP hackers advertise Mistral AI code repos for sale BleepingComputer · 60d ago OpenAI confirms security breach in TanStack supply chain attack cybersecurity · 60d ago Bachelors Degree Options cybersecurity · 60d ago HighBoy hacking: security in practice · 60d ago Innovator Spotlight: Klever Compliance Cyber Defense Magazine · 60d ago Thus Spoke…The Gentlemen For [Blue|Purple] Teams in Cyber Defence · 60d ago Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin BleepingComputer · 60d ago Innovator Spotlight: Radware Cyber Defense Magazine · 60d ago SecurityScorecard Snags Driftnet to Level Up Threat Intelligence darkreading · 60d ago npm supply chain compromise on a Next.js app — XMRig miner bundled into webpack output Malware Analysis & Reports · 60d ago Pentagon cyber official calls advanced AI ‘revolutionary warfare’ CyberScoop · 60d ago Maximum Severity Cisco SD-WAN Bug Exploited in the Wild darkreading · 60d ago White House cyber official: identity security matters more than ever in the age of AI CyberScoop · 60d ago Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks BleepingComputer · 60d ago I need help protecting my privacy cybersecurity · 61d ago Free Threat Intellegence cybersecurity · 61d ago What discovery in cybersecurity amazed you the most? cybersecurity · 61d ago OpenAI confirms security breach in TanStack supply chain attack BleepingComputer · 61d ago Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 BleepingComputer · 61d ago Scholarship for Service cybersecurity · 61d ago Reading Siemens CT raw data hacking: security in practice · 61d ago KQLab - open-source query manager for SOC teams For [Blue|Purple] Teams in Cyber Defence · 61d ago For teams archiving logs outside the SIEM: how often do you actually query them, and for what reasons? cybersecurity · 61d ago How I use Hermes agent to turn Patch Tuesday into Windows exploit research hacking: security in practice · 61d ago Another day, another supply chain cybersecurity · 61d ago How often do you actually see SSRF exploited in real incidents vs just discussed in CTFs/blogs? cybersecurity · 61d ago Teaching Linux+ & CEH..... cybersecurity · 61d ago Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon cybersecurity · 61d ago How TeamPCP's Python Toolkit Survives a C2 Takedown For [Blue|Purple] Teams in Cyber Defence · 61d ago Innovator Spotlight: JScrambler Cyber Defense Magazine · 61d ago Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon hacking: security in practice · 61d ago SIEM use case development cybersecurity · 61d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode Technical Information Security Content & Discussion · 61d ago JFrog vs Mend as Scanners cybersecurity · 61d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode Reverse Engineering · 61d ago KQLab - open-source query manager for SOC teams cybersecurity · 61d ago Which Vendors Publish the Best (or Worst) Security Advisories? cybersecurity · 61d ago Tips for a beginner noob that wants to learn hacking: security in practice · 61d ago 'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine darkreading · 61d ago Synthetic training data vs. real attack telemetry — does it actually matter? cybersecurity · 61d ago Microsoft AntiSSRF For [Blue|Purple] Teams in Cyber Defence · 61d ago Operative IT-Sicherheit | SIEM & Splunk cybersecurity · 61d ago Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state Technical Information Security Content & Discussion · 61d ago Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state For [Blue|Purple] Teams in Cyber Defence · 61d ago 18-year-old NGINX vulnerability allows DoS, potential RCE BleepingComputer · 61d ago Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight BleepingComputer · 61d ago SOC not for junior level? cybersecurity · 61d ago Major tech manufacturer Foxconn confirms cyberattack hit North American factories CyberScoop · 61d ago Cybersecurity at MSG cybersecurity · 61d ago pii-tools.com reputable? cybersecurity · 61d ago Hey all! sharing this week's issue I wrote on the TeamPCP supply chain compromise cybersecurity · 61d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure For [Blue|Purple] Teams in Cyber Defence · 61d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure Reverse Engineering · 61d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure Malware Analysis & Reports · 61d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure Technical Information Security Content & Discussion · 61d ago Contract jobs worth the risk? cybersecurity · 61d ago HackTheBoxAcademy vs LetsDefend vs CyberDefenders cybersecurity · 61d ago Automating code security reviews with Claude: near Mythos-level capabilities at lower cost cybersecurity · 61d ago Making Right Career Decision? cybersecurity · 61d ago AI Drives Cybersecurity Investments, Widening 'Valley of Death' darkreading · 61d ago I tried using apparmor (linux security) but it doesn't seem to work very well cybersecurity · 61d ago Level Effect AMA! Former NSA Operators turned EDR developers and trainers in 2020. We’ve seen a lot of trends over the years and want to start being active in r/cybersecurity giving back. Ask us anything! cybersecurity · 61d ago Struggling to Stay Up to Date With Vulnerabilities cybersecurity · 61d ago CVE-2026-44338: Scanners Target PraisonAI Within Four Hours of Disclosure Technical Information Security Content & Discussion · 61d ago How to Check Computer Activity: 2026 Guide for Windows and Mac Technical Information Security Content & Discussion · 61d ago Strix — first public beta of the spiritual successor to cSploit/dSploit hacking: security in practice · 61d ago KongTuke hackers now use Microsoft Teams for corporate breaches BleepingComputer · 61d ago 🔴 [LIVE] Payload Review & 1M Subs! Hak5 · 61d ago How fast is autonomous AI cyber capability advancing? For [Blue|Purple] Teams in Cyber Defence · 61d ago Foxconn Attack Highlights Manufacturing's Cyber Crisis darkreading · 61d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 61d ago Siemens Siemens ROS# All CISA Advisories · 61d ago Siemens gWAP All CISA Advisories · 61d ago Siemens SIMATIC All CISA Advisories · 61d ago Siemens Ruggedcom Rox All CISA Advisories · 61d ago Siemens Ruggedcom Rox All CISA Advisories · 61d ago Siemens Simcenter Femap All CISA Advisories · 61d ago Universal Robots Polyscope 5 All CISA Advisories · 61d ago Siemens Ruggedcom Rox All CISA Advisories · 61d ago Siemens Teamcenter All CISA Advisories · 61d ago Siemens Solid Edge All CISA Advisories · 61d ago Siemens SENTRON 7KT PAC1261 Data Manager All CISA Advisories · 61d ago Siemens Opcenter RDnL All CISA Advisories · 61d ago Siemens Ruggedcom Rox All CISA Advisories · 61d ago Siemens SIMATIC S7 PLC Web Server All CISA Advisories · 61d ago Siemens Industrial Devices All CISA Advisories · 61d ago Siemens SIMATIC All CISA Advisories · 61d ago Siemens SIPROTEC 5 All CISA Advisories · 61d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 61d ago How to Transfer files Safely from a Compromised (work) Device cybersecurity · 61d ago Two brothers deleted 96 federal databases after being fired – one googled how to hide the evidence afterward cybersecurity · 61d ago Multiple data breaches in one week cybersecurity · 61d ago Whatsapp hacking: security in practice · 61d ago How are small security teams handling vulnerability overload now? cybersecurity · 61d ago Concerns mount that EU will demand age verification for VPNs cybersecurity · 61d ago Automating code security reviews: Claude Mythos-level capabilities with lower cost cybersecurity · 61d ago The Rare Patch: A Digital Sovereignty Challenge cybersecurity · 61d ago Advise cybersecurity · 61d ago CVE-2026-42945 : NGINX Heap Buffer Overflow in rewrite module - Writeup and PoC Technical Information Security Content & Discussion · 61d ago Face ID bypass with avatar hacking: security in practice · 61d ago GRC cybersecurity · 61d ago Dell confirms its SupportAssist software causes Windows BSOD crashes BleepingComputer · 61d ago Admins and Engineers cybersecurity · 61d ago Microsoft's multi-agent AI system tops Anthropic's Mythos on cybersecurity benchmark cybersecurity · 61d ago Ghidra 12.1 has been released! Reverse Engineering · 61d ago Prompt injection in browser coding agents is the threat model nobody is ready for cybersecurity · 61d ago US charges suspected Dream Market admin arrested in Germany BleepingComputer · 61d ago FrostyNeighbor: Fresh mischief and digital shenanigans WeLiveSecurity · 61d ago New Fragnesia Linux flaw lets attackers gain root privileges cybersecurity · 61d ago New Fragnesia Linux flaw lets attackers gain root privileges BleepingComputer · 61d ago Transition from MSP to Network Engineering? cybersecurity · 61d ago YellowKey: YellowKey Bitlocker Bypass Vulnerability For [Blue|Purple] Teams in Cyber Defence · 61d ago Reverse Engineering Slither.io’s Network Protocol Reverse Engineering · 61d ago So called “off grid” method cybersecurity · 61d ago Convince me I’m not paranoid: a unique hacking situation. cybersecurity · 61d ago Hunting the Behavior Behind npm Supply Chain Attacks cybersecurity · 61d ago Hunting the Behavior Behind npm Supply Chain Attacks hacking: security in practice · 61d ago Question for AppSec Members cybersecurity · 61d ago Hunting the Behavior Behind npm Supply Chain Attacks Technical Information Security Content & Discussion · 61d ago LIVE: 🕵️ HTB Sherlocks! | Cybersecurity | Blue Team The Cyber Mentor · 61d ago Beginners guide to Google Dorks by Heisenberg cybersecurity · 61d ago I got a desktop notification, saying I had a security oversight. What's odd, is that the notification said Windows Security and it looked very believable... Malware Analysis & Reports · 61d ago Alguém sabe algo sobre raven eye technology cybersecurity · 61d ago Gophish Porject - Requirement cybersecurity · 61d ago Security Team Won’t Assess Risk cybersecurity · 61d ago Trusted Unknown Apps Protocol (TUAP) – A Global Behavior‑Based Security Framework cybersecurity · 61d ago Microsoft’s new multi-model agentic security system tops leading industry benchmark cybersecurity · 61d ago Proxmark5 Day 3 Update - $357K+ funded (715% of goal) hacking: security in practice · 61d ago Researchers say AI just broke every benchmark for autonomous cyber capability CyberScoop · 61d ago Microsoft MDASH Deployment Identifies 16 Windows Flaws via 100+ AI Agents cybersecurity · 61d ago West Pharmaceutical says hackers stole data, encrypted systems BleepingComputer · 61d ago Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks CyberScoop · 61d ago Overwhelmed on how to enter the job market. cybersecurity · 61d ago Iranian hackers targeted major South Korean electronics maker BleepingComputer · 61d ago Social media scam bill targets tech giants as New Yorkers lose billions cybersecurity · 61d ago What are the biggest technical & cultural hurdles you’re facing right now? cybersecurity · 61d ago CISSP / CCSP training - Experienced engineer cybersecurity · 61d ago WaSteal: 126 Chrome extensions, 148K installs, one Brazilian operator silently sending WhatsApp user data and ad cookies to its servers Technical Information Security Content & Discussion · 61d ago I Reverse-engineering Need for Speed Underground 2 Server Reverse Engineering · 61d ago Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live Technical Information Security Content & Discussion · 61d ago Checkbox Assessments Aren't Fit to Measure Risk darkreading · 61d ago Attackers Weaponize RubyGems for Data Dead Drops darkreading · 61d ago Innovators Spotlight: OPSWAT Cyber Defense Magazine · 61d ago Vulnerability in Canvas/Instructure Support Tickets had part in breach? cybersecurity · 61d ago Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak darkreading · 61d ago Are There Really Ethical Hackers? I've Yet To Meet One hacking: security in practice · 61d ago Tinker Tailor Soldier: Paper Werewolf’s latest toolkit For [Blue|Purple] Teams in Cyber Defence · 61d ago On vendor disclosure timelines, bounty programme incentive misalignment, and the psychological contract Technical Information Security Content & Discussion · 61d ago New critical Exim mailer flaw allows remote code execution BleepingComputer · 61d ago /sbin/ping -G sweepmax has no bounds check on macOS: deterministic BSS out-of-bounds write, confirmed by Apple Technical Information Security Content & Discussion · 61d ago Apple's smbd has no FSCTL_SRV_COPYCHUNK limit enforcement: 256 bytes in, 64 GiB disk I/O out Technical Information Security Content & Discussion · 61d ago 126 Chrome extensions, all secretly the same product, taking 148K users' WhatsApp data and ad cookies For [Blue|Purple] Teams in Cyber Defence · 61d ago DOJ releases legal rationale for nationwide voter data collection CyberScoop · 61d ago is malwarefox legit? cybersecurity · 62d ago what lab to learn zero trust? cybersecurity · 62d ago Anyone else got a bunch of emails leaked by Samsung? cybersecurity · 62d ago Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape darkreading · 62d ago This is what some the world's largest banks of malware look like stacked as hard drives cybersecurity · 62d ago I need feedback on my project please cybersecurity · 62d ago would like to understand the role of "Cyber Insurance UnderWriters" cybersecurity · 62d ago Weaponized AI: The new frontier of fraud and identity spoofing CyberScoop · 62d ago clens.io - new public threat & data intel service Malware Analysis & Reports · 62d ago Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad For [Blue|Purple] Teams in Cyber Defence · 62d ago Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise For [Blue|Purple] Teams in Cyber Defence · 62d ago I made a video explaining CPU registers for people learning binary exploitation — x86 vs x64 differences included Reverse Engineering · 62d ago Free on-device tool for monitoring AI traffic on macOS — visibility before policy cybersecurity · 62d ago Is secure evidence handling and controlled derivative file sharing needed? cybersecurity · 62d ago Will Adding Some Certifications Help Me in the Job Market? cybersecurity · 62d ago Linux driver posted for Intel Silicon Security Engine Interface "ISSEI" cybersecurity · 62d ago Hello guys I am hearing everywhere Cybersecurity is the most demanding Subject. If it is true then where can I learn and get certified? cybersecurity · 62d ago Fragnesia made public as latest Linux local privilege escalation vulnerability cybersecurity · 62d ago HP ZBook Fury G8 vs ThinkPad T Series for Cybersecurity? cybersecurity · 62d ago trying to learn patching hacking: security in practice · 62d ago NIST is surrendering to the amount of CVEs coming in cybersecurity · 62d ago Windows BitLocker zero-day gives access to protected drives, PoC released BleepingComputer · 62d ago [HOMELAB] Built a SOC investigation console on two old Dell boxes For [Blue|Purple] Teams in Cyber Defence · 62d ago Military Veteran looking to get into the Cyber Field cybersecurity · 62d ago Android Intrusion Logging as a new source of data for consensual forensic analysis For [Blue|Purple] Teams in Cyber Defence · 62d ago Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor cybersecurity · 62d ago Granny’s Compromised Android Firmware Malware Analysis & Reports · 62d ago On-prem vs IaaS vs PaaS vs SaaS for self-hosted IAM (Keycloak case study) Technical Information Security Content & Discussion · 62d ago Post-quantum audit substrate for critical national infrastructure. The NCSC 2031 high-priority deadline reframed as an operator-side playbook. cybersecurity · 62d ago Webinar tomorrow: Why security alone won't stop modern attacks BleepingComputer · 62d ago Microsoft fixes BitLocker recovery issue only for Windows 11 users BleepingComputer · 62d ago Shai-Hulud: Another Wave and Going Open Source For [Blue|Purple] Teams in Cyber Defence · 62d ago Cve apis for a database cybersecurity · 62d ago Empresas de Cyberseguridad en Mexico (Reacciones) cybersecurity · 62d ago Joined a new company: GRC landscape advice cybersecurity · 62d ago Removing admin rights cybersecurity · 62d ago a leak from "the gentleman" ransomware group confirms Infostealers were often used to establish initial access cybersecurity · 62d ago A stealth approach to Process Injection - EntryPoint Hijacking For [Blue|Purple] Teams in Cyber Defence · 62d ago A stealth approach to Process Injection - EntryPoint Hijacking Technical Information Security Content & Discussion · 62d ago FamousSparrow's evolved DLL sideloading - execution gated behind the host app's normal control flow cybersecurity · 62d ago Golden years for cyber security about to start? cybersecurity · 62d ago A stealth approach to Process Injection - EntryPoint Hijacking cybersecurity · 62d ago Microsoft fixes Windows Autopatch bug installing restricted drivers BleepingComputer · 62d ago Detecting CopyFail and DirtyFrag by thinking outside the box cybersecurity · 62d ago Daybreak is OpenAI’s answer to the AI arms race in cybersecurity CyberScoop · 62d ago Adaptive Behavioral Identity: A Human‑First Model for Symbiotic Security cybersecurity · 62d ago The Board Is Asking The Wrong Security Question Cyber Defense Magazine · 62d ago LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly darkreading · 62d ago China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm darkreading · 62d ago Foxconn confirms cyberattack claimed by Nitrogen ransomware gang BleepingComputer · 62d ago Career advice cybersecurity · 62d ago 73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation BleepingComputer · 62d ago LW ROUNDTABLE: Microsoft Edge normalizes credential exposure — security pros push back The Last Watchdog · 62d ago Microsoft says some users can't install Office on Windows 365 devices BleepingComputer · 62d ago A year of Apple Security Bounty research — 16 closed findings, full disclosure Technical Information Security Content & Discussion · 62d ago [Tool] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible) Malware Analysis & Reports · 62d ago The exponential rise of economic damage caused by cyber-crime continues cybersecurity · 62d ago [Claude Code] Android Reverse engineering Skill being updated with tracker/AD neutralization features Reverse Engineering · 62d ago Today's cybersecurity systems are not ready for AI cybersecurity · 62d ago Are certifications worth it, or do practical skills matter more? cybersecurity · 62d ago [Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible) cybersecurity · 62d ago [Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible) For [Blue|Purple] Teams in Cyber Defence · 62d ago Claude Mythos technical breakdown: CVE-2026-4747 ROP chain, OpenBSD SACK integer overflow, Linux 1-bit OOB-to-root, and what AISLE's reproductions actually showed cybersecurity · 62d ago Apple Supplier Foxconn in Taiwan Confirms Cyberattack After Ransomware Gang Claims 8TB Data Theft cybersecurity · 62d ago What to do after security+ cybersecurity · 62d ago AI-Generated Fake Marketplaces Are Poisoning Search Results and Stealing Card Data cybersecurity · 62d ago AI-Coded App Vulnerability Checklist - 33 LLM-specific items with detection methods Technical Information Security Content & Discussion · 62d ago LAN-LOK: Living as a sysadmin at an isolated Antarctic research station in the early 90s [DOS game -- would like to collab to reverse engineer] Reverse Engineering · 62d ago Service Principal Sign-Ins: A blind spot that a lot are missing For [Blue|Purple] Teams in Cyber Defence · 62d ago Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub cybersecurity · 62d ago Is it realistic to move from Tech Risk/GRC into technical cybersecurity? cybersecurity · 62d ago My Analysis of a Bandook RAT PCAP For [Blue|Purple] Teams in Cyber Defence · 62d ago Are IPhone autofill passwords safe to use? cybersecurity · 62d ago Access approvals happen over Slack dm and I don't know how to present that to an auditor cybersecurity · 62d ago 🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline cybersecurity · 62d ago China is going dark to develop its own Mythos, German cyber chief fears cybersecurity · 62d ago Is prompt injection a real problem for you? cybersecurity · 62d ago New Exim BDAT bug shows why “just patch the mail server” is still not simple cybersecurity · 62d ago Microsoft France's legal affairs director told the French Senate, under oath, that he can't guarantee European "sovereign cloud" data stays out of US reach cybersecurity · 62d ago Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign For [Blue|Purple] Teams in Cyber Defence · 62d ago Cybersecurity guide cybersecurity · 62d ago [Conseil Orientation] LP ASUR (ANSSI) après une L3 Générale pour viser un Master Cyber ? cybersecurity · 62d ago How you guys rate Google Cyber security course and certificate out of 10 !? cybersecurity · 62d ago Detection Rule is here For [Blue|Purple] Teams in Cyber Defence · 62d ago Cyebrsecurity Startup Advice cybersecurity · 62d ago Can anyone give a real world based AI based attack? cybersecurity · 62d ago r2garlic - The world's fastest Android/DEX decompiler meets radare2! Reverse Engineering · 62d ago How worried should we be about AI powered cyberattacks? cybersecurity · 62d ago Built STIS-ICS — an open ICS/OT security learning project cybersecurity · 62d ago Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft Trend Micro Research, News, Perspectives · 62d ago OS scanner that checks repos for traces of the Shai Hulud worm Malware Analysis & Reports · 62d ago OS scanner that checks repos for traces of the Shai Hulud worm cybersecurity · 62d ago US govt seeks Instructure testimony on massive Canvas cyberattack BleepingComputer · 62d ago Foxconn Ransomware Attack Shows Nothing Is Safe Forever cybersecurity · 62d ago Open-source CLI for testing LLM agents across prompt, tool, and replay boundaries cybersecurity · 62d ago Cellphone IP address spoofing. hacking: security in practice · 62d ago AI Vulnerability Research and the Fuzzer Era Déjà Vu cybersecurity · 62d ago Explorer shows random letter/number filenames before copying my actual files — normal behavior? cybersecurity · 62d ago Proofpoint Launches Dedicated MSP Business Unit and Introduces 365 Total Protection for North America Proofpoint News Feed · 62d ago ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack CyberScoop · 62d ago Zscaler AI Security Capabilities ? cybersecurity · 62d ago Major world economies spell out key elements of AI ‘ingredients list’ CyberScoop · 62d ago It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight darkreading · 62d ago Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical CyberScoop · 62d ago Cybersecurity degree cybersecurity · 62d ago Owning a service principal equals owning its permissions. For [Blue|Purple] Teams in Cyber Defence · 62d ago Disgruntled researcher who dropped BlueHammer and RedSun drops two new Windows 11 zero-days: A Bitlocker bypass, nicknamed YellowKey, and LPE, nicknamed GreenPlasma cybersecurity · 62d ago Cyber security cybersecurity · 62d ago New York Senate takes on junk fees, digital subscriptions, surveillance pricing cybersecurity · 62d ago UK fines water supplier $1.3M for exposing data of 664k customers BleepingComputer · 62d ago Claude Code RCE: Exploiting Deeplink Handlers via Settings Injection For [Blue|Purple] Teams in Cyber Defence · 63d ago Mini Shai-Hulud Supply-Chain Worm Compromises npm and PyPI Packages, Including TanStack, Mistral, Lightning, and Guardrails AI Malware Analysis & Reports · 63d ago Webinar: Fixing the gaps in network incident response BleepingComputer · 63d ago Signal adds security warnings for social engineering, phishing attacks BleepingComputer · 63d ago CPU OP Cache Corruption - AMD has identified a vulnerability in the CPU operation (op/µop) cache on Zen 2‑based products that can cause incorrect instructions to be executed at a higher privilege level. For [Blue|Purple] Teams in Cyber Defence · 63d ago Cybersecurity statistics of the week (May 4th - May 10th) cybersecurity · 63d ago Feels like AI changed the speed of attacks more than most companies want to admit cybersecurity · 63d ago Microsoft releases Windows 10 KB5087544 extended security update BleepingComputer · 63d ago Anyone used Kasm or ReplicaCyber? cybersecurity · 63d ago Škoda warns of customer data breach after online shop hack cybersecurity · 63d ago Google launches new Android security feature to help uncover spyware attacks cybersecurity · 63d ago Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator BleepingComputer · 63d ago Windows 11 KB5089549 & KB5087420 cumulative updates released BleepingComputer · 63d ago Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days BleepingComputer · 63d ago Fancy Bear: Stealing Credentials Invisibly cybersecurity · 63d ago Nightmare Eclipse has published Greenplasma and YellowKey cybersecurity · 63d ago Copilot Agent cybersecurity · 63d ago A Quick Way to Prove Your Cybersecurity Skillset! The Cyber Mentor · 63d ago Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim Technical Information Security Content & Discussion · 63d ago The Algorithm Goes to War: Inside the AI Cyberweapon Revolution That Governments Cannot Stop Technical Information Security Content & Discussion · 63d ago What SANS cert I should consider acquiring (from my job)? Most useful ones or one that goes across many roles? cybersecurity · 63d ago GitHub - iss4cf0ng/OpenBootloader: A Proof-of-Concept of simple bootloader, written in Assembly (NASM) and C language. Reverse Engineering · 63d ago Škoda warns of customer data breach after online shop hack BleepingComputer · 63d ago Android 17 to expand banking scam call and privacy protections BleepingComputer · 63d ago Google and Amnesty International teamed up to make it harder for spyware vendors to hide CyberScoop · 63d ago Career Advice cybersecurity · 63d ago Malicious Coding Agent Skills and the Risk of Dynamic Context | Datadog Security Labs Technical Information Security Content & Discussion · 63d ago AI Vulnerability Research and the Fuzzer Era Déjà Vu Technical Information Security Content & Discussion · 63d ago AI+DFIR Challenge: Share Your Disasters and Successes For [Blue|Purple] Teams in Cyber Defence · 63d ago Anyone else exhausted by the nonstop AI hype? cybersecurity · 63d ago Reviewing the trends in ransomware attacks in 2026 cybersecurity · 63d ago FIRESIDE CHAT: Cyber insurers deepen SMB security role as supply chain attacks spread The Last Watchdog · 63d ago Sorry if its the wrong place but hacking: security in practice · 63d ago Is It a Good Idea to Change Jobs Shortly After Getting Hired? cybersecurity · 63d ago SSO makes life easier but MFA keeps it safe, do we actually need both? cybersecurity · 63d ago Hugging Face Packages Weaponized With a Single File Tweak darkreading · 63d ago Didn’t land a Cybersecurity internship—starting IT Support for POS systems. Tips on maximizing my off-hours? cybersecurity · 63d ago Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware For [Blue|Purple] Teams in Cyber Defence · 63d ago How are SOC teams actually deciding what not to investigate anymore? cybersecurity · 63d ago Spam calls on this number he was distrubing a girl idk about this guy but the girl placed an order on blinkit and he started acting that he's not able to find the location so she gave her number on ws and now he's spamming unecessarily cybersecurity · 63d ago Chris Cochran at SANS Institute: AMA about the AI Security Maturity Model we just released. cybersecurity · 63d ago Synthetic Identity Fraud Requires An Equal Focus On Biometrics And Document Verification Cyber Defense Magazine · 63d ago Has anyone tryed this out yet? cybersecurity · 63d ago I spent a weekend trying to get OpenClaw to leak my own personal data and it caught me immediately... Technical Information Security Content & Discussion · 63d ago The frontier model caught my prompt injection but the cheaper fallback didn't (and most devs have no idea which one they're on..) cybersecurity · 63d ago Switching to Cyber cybersecurity · 63d ago 20 Leaders Who Built the CISO Era: 2 Decades of Change darkreading · 63d ago Software Bill of Materials for AI - Minimum Elements All CISA Advisories · 63d ago ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax All CISA Advisories · 63d ago Subnet Solutions PowerSYSTEM Center All CISA Advisories · 63d ago ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities All CISA Advisories · 63d ago ABB AC500 V3 Multiple Vulnerabilities All CISA Advisories · 63d ago ABB Automation Builder Gateway for Windows All CISA Advisories · 63d ago Fuji Electric Tellus All CISA Advisories · 63d ago Nitrogen ransomware group claims Foxconn after Wisconsin plant outage cybersecurity · 63d ago Shai Hulud attack ships signed malicious TanStack, Mistral npm packages cybersecurity · 63d ago Shai Hulud attack ships signed malicious TanStack, Mistral npm packages BleepingComputer · 63d ago Postmortem: TanStack npm supply-chain compromise For [Blue|Purple] Teams in Cyber Defence · 63d ago Using Cape Sandbox for Phishing Analysis cybersecurity · 63d ago Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain darkreading · 63d ago SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA BleepingComputer · 63d ago Canvas hack: company pays criminals to delete students' stolen data cybersecurity · 63d ago AI is separating the companies built to scale from the ones built to sell CyberScoop · 63d ago i have 1 year of experience as product security intern. Please let me know if there are any job oppurtunities available for freshers. I have to start earning. cybersecurity · 63d ago AI integrations are quietly creating a new OAuth supply-chain problem cybersecurity · 63d ago Instructure reaches 'agreement' with ShinyHunters to stop data leak cybersecurity · 63d ago UnMapper: a tool that crawls a target, finds its JavaScript, and reconstructs the original source tree from any sourcemaps it ships cybersecurity · 63d ago Curl lead developer Daniel Stenberg provides insightful feedbacks from Mythos analysis results Technical Information Security Content & Discussion · 63d ago Instructure reaches 'agreement' with ShinyHunters to stop data leak BleepingComputer · 63d ago Hardcoded secrets in Git cybersecurity · 63d ago Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages cybersecurity · 63d ago UK water company allowed hackers to lurk undetected for nearly two years, regulator finds cybersecurity · 63d ago New ipTIME Pre-Auth RCE in CWMP cybersecurity · 63d ago New ipTIME Pre-Auth RCE in CWMP Technical Information Security Content & Discussion · 63d ago Postmortem: TanStack npm supply-chain compromise Technical Information Security Content & Discussion · 63d ago Anyone here familiar with the Internet Computer Protocol (ICP) and why TeamPCP would choose to use it? hacking: security in practice · 63d ago Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak cybersecurity · 63d ago Steam spear phishing Malware Analysis & Reports · 63d ago Fake linked in sponsored google search Malware Analysis & Reports · 63d ago Is my phone hacked? cybersecurity · 63d ago Switched to a grc role after a year in SOC L1 cybersecurity · 63d ago bits from the release team - Aided by the efforts of the Reproducible Builds project, we've decided it's time to say that Debian must ship reproducible packages For [Blue|Purple] Teams in Cyber Defence · 63d ago rxrpc_privesc: RxRPC privesc PoC without fcrypt() restrictions For [Blue|Purple] Teams in Cyber Defence · 63d ago Detecting Remote Thread Creation with Windows Driver For [Blue|Purple] Teams in Cyber Defence · 63d ago Mythos finds a curl vulnerability For [Blue|Purple] Teams in Cyber Defence · 63d ago Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access - some leaps pending technical details For [Blue|Purple] Teams in Cyber Defence · 63d ago Reverse Engineering a Multi Stage File Format Steganography Chain of the TeamPCP Telnyx Campaign For [Blue|Purple] Teams in Cyber Defence · 63d ago Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment For [Blue|Purple] Teams in Cyber Defence · 63d ago esp32-c5-deauth: A deauth with nuker for 2.4Ghz and 5Ghz controlled by BLE with Android app For [Blue|Purple] Teams in Cyber Defence · 63d ago Forecasting Lazarus Crypto Heists cybersecurity · 63d ago LOLRMM Publishers - PR merges 182 new code signing certificates and adds important safety warnings to entries containing certificates from major software vendors. For [Blue|Purple] Teams in Cyber Defence · 63d ago How Cloudflare responded to the “Copy Fail” Linux vulnerability For [Blue|Purple] Teams in Cyber Defence · 63d ago Infrastructure Security Incident Update & FAQs cybersecurity · 63d ago I analyzed 196k+ Sysmon events and found APT29 staging malware in Temp. Here is my detection logic. For [Blue|Purple] Teams in Cyber Defence · 63d ago LUKSbox: Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots. For [Blue|Purple] Teams in Cyber Defence · 63d ago Mini Shai-Hulud npm worm compromises 160+ packages, abuses GitHub Actions cache + Trusted Publishing. Full list of compromised packages cybersecurity · 63d ago In Depth Guide To VM Based Obfuscation - What it is and how to handle it. cybersecurity · 63d ago Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective cybersecurity · 63d ago Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective Reverse Engineering · 63d ago Transitioned to GRC cybersecurity · 63d ago Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages cybersecurity · 63d ago Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages Malware Analysis & Reports · 63d ago German cybersecurity official warns China is close to developing AI superhacker cybersecurity · 63d ago How do Fortune 10 SOCs handle incident response with 15 people instead of 150? Energy-Based Models. Technical Information Security Content & Discussion · 63d ago New Shai-Hulud npm worm variant Malware Analysis & Reports · 63d ago New Shai-Hulud npm worm variant For [Blue|Purple] Teams in Cyber Defence · 63d ago Google Detects First AI-Generated Zero-Day Exploit cybersecurity · 63d ago “DCSA agent” calling IT Help Desk to be transferred to employees they are investigating for a clearance cybersecurity · 63d ago Instructure/ canvas paid the ransom? cybersecurity · 63d ago Instructure claims hackers returned stolen Canvas data after an extortion standoff CyberScoop · 63d ago OpenAI announces Daybreak, "frontier AI for defenders" Technical Information Security Content & Discussion · 63d ago Troca emprego - big para consultoria ou fintech - Pentester/Red Team cybersecurity · 63d ago GM agrees to $12.75M California settlement over sale of drivers’ data BleepingComputer · 63d ago Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation hacking: security in practice · 63d ago Finally, texts between Android and iPhone users can be end-to-end encrypted cybersecurity · 63d ago Official CheckMarx Jenkins package compromised with infostealer cybersecurity · 63d ago Official CheckMarx Jenkins package compromised with infostealer BleepingComputer · 63d ago New GhostLock tool abuses Windows API to block file access BleepingComputer · 63d ago IMF warns of the potential for AI attacks on global financial systems cybersecurity · 63d ago 🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline cybersecurity · 63d ago GhostLock: SMB Deny-Share Handles as a Zero-Privilege Availability Weapon Technical Information Security Content & Discussion · 63d ago Cookie thieves caught stealing dev secrets via fake Claude Code installers cybersecurity · 63d ago Pwn2Own 2026 Capacity Overflow, Hackers Drop 0-Days Solo cybersecurity · 63d ago Innovator Spotlight: Iru Cyber Defense Magazine · 63d ago MS Defender on OT Network cybersecurity · 63d ago A fateful question cybersecurity · 64d ago EtwWatcher For [Blue|Purple] Teams in Cyber Defence · 64d ago SC-900 or SC-400 cybersecurity · 64d ago What are your security non-negotiables? cybersecurity · 64d ago Losing my path cybersecurity · 64d ago Axon-captcha cybersecurity · 64d ago What makes companies trust small cybersecurity vendors? cybersecurity · 64d ago Donuts and Beagles: Fake Claude site spreads backdoor For [Blue|Purple] Teams in Cyber Defence · 64d ago Hathor Wallet Daemon (headless) Has Fail-Open Auth – Notified via Immunefi but Closed as “User Responsibility” cybersecurity · 64d ago TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack cybersecurity · 64d ago Innovator Spotlight: Axonius Cyber Defense Magazine · 64d ago News Alert: Lyrie.ai joins Anthropic verification program, unveils protocol for securing AI agents The Last Watchdog · 64d ago New and improved: Agent governance, intelligent workflows, and connected app experiences Microsoft 365 Blog · 64d ago Foxconn Wisconsin breach reportedly linked to Nitrogen ransomware, 8TB data theft claim cybersecurity · 64d ago How I Defeat Passkeys Nearly Every Time in Phishing Assessments Technical Information Security Content & Discussion · 64d ago These Extensions are Scraping Your AI Chats, are you affected? cybersecurity · 64d ago Reverse Engineering Fisher-Price Pixter Reverse Engineering · 64d ago Be careful with your Git: Investigating malware spreading through Git repositories cybersecurity · 64d ago Training and Phishing cybersecurity · 64d ago Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation cybersecurity · 64d ago AI-powered hacking has exploded into industrial-scale threat, Google says cybersecurity · 64d ago Apple closed my bug report 4 times. MITRE wouldn't let it die. cybersecurity · 64d ago Instructure confirms hackers used Canvas flaw to deface portals BleepingComputer · 64d ago NASA Investigators Expose a Chinese National Phishing for Defense Software - NASA OIG cybersecurity · 64d ago Fine of nearly £1m issued against South Staffordshire Plc and South Staffordshire Water Plc following major cyber attack and data breach For [Blue|Purple] Teams in Cyber Defence · 64d ago Why Changing Passwords Doesn’t End an Active Directory Breach BleepingComputer · 64d ago CHERIoT-Ibex: Closing the door on memory safety vulnerabilities with hardware-enforced protection For [Blue|Purple] Teams in Cyber Defence · 64d ago looking for "evil" Websites Malware Analysis & Reports · 64d ago Google spotted an AI-developed zero-day before attackers could use it cybersecurity · 64d ago Google: Hackers used AI to develop zero-day exploit for web admin tool BleepingComputer · 64d ago Security In The AI Era: Why Compliance, Infrastructure, And Platform Security Must Converge Cyber Defense Magazine · 64d ago Google spotted an AI-developed zero-day before attackers could use it CyberScoop · 64d ago The SMB Cybersecurity Gap: Why Small Businesses Are The Fastest-Growing Attack Surface Cyber Defense Magazine · 64d ago Deterministic PE Structural Validation in IOCX v0.7.3 Malware Analysis & Reports · 64d ago beginner doubt cybersecurity · 64d ago The Bug Bounty Roadmap I'd Follow If I Started Over (With AI) NahamSec · 64d ago Is the AI hype helping or killing your bug bounty dreams? #hacking #bugbounty NahamSec · 64d ago where is the location of Files by Google on Android? hacking: security in practice · 64d ago Webinar this week: Prevention alone is not enough against modern attacks BleepingComputer · 64d ago I got my CEH Certification. SO what now? cybersecurity · 64d ago Construction to Cyber PM cybersecurity · 64d ago Deterministic PE Validation for Blue Teams - IOCX v0.7.3 For [Blue|Purple] Teams in Cyber Defence · 64d ago Reading old s4 memory with xgecu t48 hacking: security in practice · 64d ago [ Removed by Reddit ] cybersecurity · 64d ago Something got downloaded on my phone and then dissappeared cybersecurity · 64d ago Bleeding Llama cybersecurity · 64d ago The missing cybersecurity leader in small business CyberScoop · 64d ago Hack a data center? hacking: security in practice · 64d ago Do accountants even care about cybersecurityas much? cybersecurity · 64d ago Where Have All the Complex Windows Malware and Their Analyses Gone? cybersecurity · 64d ago TrickMo Android banker adopts TON blockchain for covert comms BleepingComputer · 64d ago Eyes wide open: How to mitigate the security and privacy risks of smart glasses WeLiveSecurity · 64d ago sl1nk link Malware Analysis & Reports · 64d ago MyAudi app:Security issues in Audi Connected Vehicle experience Technical Information Security Content & Discussion · 64d ago Delving deep into threat detection: My logic for abnormal EventID 7 activity For [Blue|Purple] Teams in Cyber Defence · 64d ago Giving Claude Code Full Control of a Hardware Fault Injection Setup to Bypass Secure Boot Technical Information Security Content & Discussion · 64d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 64d ago Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust cybersecurity · 64d ago Was the reconnaissance in Bugbounty overrated? cybersecurity · 64d ago Cybersecurity beginner building an experimental log analyzer — looking for advice cybersecurity · 64d ago Anyone else worried about AI being a security nightmare? cybersecurity · 64d ago Snyk not working cybersecurity · 64d ago Malicious tenants paid us to abuse our RMM. We blocked them cybersecurity · 64d ago Help reasuring parents with an email parsing tool (i will not promote) cybersecurity · 64d ago Check out my matplotlib of BLE live wire data for Oura ring! Reverse Engineering · 64d ago Positron: DLL injection based runtime JS injection toolkit for Electron(v8) apps on Windows Reverse Engineering · 64d ago NZ announces sanctions on malicious Russian cyber actors, online platforms For [Blue|Purple] Teams in Cyber Defence · 64d ago Update: Ongoing Checkmarx Supply Chain Security Incident For [Blue|Purple] Teams in Cyber Defence · 64d ago DFIR practitioner thinking about starting my own LLC to subcontract IR services to MSPs. Is there actually demand for this? cybersecurity · 64d ago Akamai bypass requires long session in wireshark, reversing header orders etc took me 12 months to develop Reverse Engineering · 64d ago cPanel & WHM Vulnerabilities Patched -DoS, Account Abuse & Security Risks Affect Hosting Servers cybersecurity · 64d ago 5 years as a Level 1 Security Analyst and wanting to transition into consulting cybersecurity · 64d ago How to download a RAT for myself Malware Analysis & Reports · 64d ago GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass cybersecurity · 64d ago New into network pentesting. cybersecurity · 64d ago Is it worth it to switching field to cybersecurity ? cybersecurity · 64d ago Neeed help to get cybersecurity internship. cybersecurity · 64d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 64d ago Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America Trend Micro Research, News, Perspectives · 64d ago Cybersecurity and ADHD cybersecurity · 64d ago Mythos, MOAK, CTEM and the End of CVE Chasing Technical Information Security Content & Discussion · 64d ago Autonomous Vulnerability Hunting with MCP hacking: security in practice · 64d ago Anyone dealt with a VulDB submission rejection? Resubmit or reply? cybersecurity · 64d ago GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass Reverse Engineering · 64d ago Building a Wasm-in-Wasm Virtualizer (with JIT decrypted paged memory) Reverse Engineering · 64d ago Autonomous Vulnerability Hunting with MCP Technical Information Security Content & Discussion · 64d ago GitHub - jesterfoidchopped/akamai-v3-sensor: Request based Akamai sensor bypass for version 3 Reverse Engineering · 64d ago ShinyHunters cashout fingerprint; on-chain trace of the May 2024 AT&T ransom payment, with persistent laundering-service hubs identified through 2025 For [Blue|Purple] Teams in Cyber Defence · 64d ago Unmanaged PowerShell Execution: Hunting Beyond powershell.exe For [Blue|Purple] Teams in Cyber Defence · 65d ago Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign For [Blue|Purple] Teams in Cyber Defence · 65d ago ISO 27001 certification: what auditors actually focus on versus what most teams spend time preparing cybersecurity · 65d ago Static Devirtualization of Themida For [Blue|Purple] Teams in Cyber Defence · 65d ago Now You See Me: AADGraphActivityLogs For [Blue|Purple] Teams in Cyber Defence · 65d ago I have a malware and need help removing it. someone please help me 🙏 cybersecurity · 65d ago [Write-up] CyberDefenders: Wiredive Lab For [Blue|Purple] Teams in Cyber Defence · 65d ago PE Entropy Visualizer with per-block RVA/VA mapping, locate packed payloads and encrypted blobs, then jump straight to them in IDA/Ghidra Reverse Engineering · 65d ago I'm starting to see a growth of apps in my org. I'd love to know how you defend against this/ secure it, and if it's happening to you too? cybersecurity · 65d ago EasySec - Update cybersecurity · 65d ago What is the cybersecurity equivalent of leaving your spare key under the doormat? cybersecurity · 65d ago ShinyHunters / AT&T ransom payment traced on-chain — paper draft, seeking arXiv cs.CR endorsement Technical Information Security Content & Discussion · 65d ago Hackers abuse Google ads, Claude.ai chats to push Mac malware BleepingComputer · 65d ago Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak cybersecurity · 65d ago VICE: Cyberwar | Full Season 2 | Blueprint cybersecurity · 65d ago Linux Kernel Killswitch Proposed After Recent Vulnerability Disclosures cybersecurity · 65d ago Email OTP as default (often ONLY) password isn’t the solution cybersecurity · 65d ago page_inject: CVE-2026-31431-killed page-cache exploit — code exec into containers sharing the same image layer For [Blue|Purple] Teams in Cyber Defence · 65d ago Soc analyse cybersecurity · 65d ago Police shut down reboot of Crimenetwork marketplace, arrest admin BleepingComputer · 65d ago AI DNS Resolver hacking: security in practice · 65d ago Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak cybersecurity · 65d ago Fighting Fire With Fire: Future-Proofing The Cybersecurity Workforce With AI Cyber Defense Magazine · 65d ago Price rising cybersecurity · 65d ago Data in Use Protection: How MPC Keeps Inputs Hidden from the Cloud - Stoffel - MPC Made Simple Technical Information Security Content & Discussion · 65d ago JDownloader — Website installer incident (May 2026) For [Blue|Purple] Teams in Cyber Defence · 65d ago AI Can Boost Cyber Defence But Poor Governance and Overreliance May Create New Risks, Warns WEF-KPMG Report cybersecurity · 65d ago Possible security incident against Arup Group cybersecurity · 65d ago Can honeypots be used this way? cybersecurity · 65d ago Is it true that the professionals have the worst setups? hacking: security in practice · 65d ago The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice. Technical Information Security Content & Discussion · 65d ago I think AI just quietly killed the 90-day disclosure window. cybersecurity · 65d ago TCM and Educate 360 are bugged cybersecurity · 65d ago The GNU MP Bignum Library - "We suspect that GMP's extremely tight loops around MULX make the Zen 5 cores use much more power than specified, making cooling solutions inadequate." For [Blue|Purple] Teams in Cyber Defence · 65d ago Got an alert from google what should I do? cybersecurity · 65d ago UK jobs cybersecurity · 65d ago AI in the Breach: How an Adversary Leveraged AI to Target a Water Utility’s OT For [Blue|Purple] Teams in Cyber Defence · 65d ago Need help debugging a school ZIP password-cracking lab setup pleaseeeee🙏 cybersecurity · 65d ago Outrunning SHA256 with Physics Technical Information Security Content & Discussion · 65d ago EventHawk v1.2 -open source Windows EVTX log analysis tool for DFIR (Juggernaut Mode, ATT&CK mapping, Sentinel anomaly engine) For [Blue|Purple] Teams in Cyber Defence · 65d ago Worst company cybersecurity · 65d ago Built a platform that combines phishing detection, encrypted file sharing, and cloud security scanning cybersecurity · 65d ago I made a rat that controls a pc thru telegram but overnight and all the time it sends this. What shall I do? I've already deleted the script from my pc and moved it to cloud based storage hacking: security in practice · 65d ago Msc Cybersecurity - dissertation ideas ( something that can be done in 3 or less months) cybersecurity · 65d ago Innovator Spotlight: Lineaje Cyber Defense Magazine · 65d ago ARGUS: 15 Production-Realistic Vulnerable AI Agent Targets for Red Teaming (Docker + Canary Scoring) cybersecurity · 65d ago App Store Question - Darato Sport / Dofu Sport / Kofu cybersecurity · 65d ago Help! - My Parents Computer is Hacked cybersecurity · 65d ago Refining hacking basics — scaling them aswell hacking: security in practice · 65d ago Ran lumma stealer from a recaptcha scam cybersecurity · 65d ago What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do Trend Micro Research, News, Perspectives · 65d ago Port 5986 question cybersecurity · 65d ago CVE-2026-44843: One Chat Message Steals Your Credentials. Then It Gets Worse! cybersecurity · 65d ago cyber security/ segurança da informação cybersecurity · 65d ago Jenkins honeypot reveals botnet exploiting scriptText to launch DDoS attacks on game servers For [Blue|Purple] Teams in Cyber Defence · 65d ago College student hacks Taiwan high-speed rail line with software defined radios, stopping four trains cybersecurity · 65d ago Help with an Escalating Cyber-Stalker cybersecurity · 65d ago RRW - Rick Roll WiFi cybersecurity · 65d ago Best resources to start learning python for cybersecurity and automation cybersecurity · 65d ago Writing a Naive LLVM-based Devirtualizer For [Blue|Purple] Teams in Cyber Defence · 65d ago Mythos AI is a cybersecurity threat, but it doesn’t rewrite the rules of the game. cybersecurity · 66d ago Memory Poisoning AI Agents via ChromaDB Technical Information Security Content & Discussion · 66d ago Defence in Depth: A Practical Secure Corporate Network Topology Technical Information Security Content & Discussion · 66d ago Where Have All the Complex Windows Malware and Their Analyses Gone? For [Blue|Purple] Teams in Cyber Defence · 66d ago JDownloader site hacked to replace installers with Python RAT malware cybersecurity · 66d ago JDownloader site hacked to replace installers with Python RAT malware BleepingComputer · 66d ago Technical Analysis of EagleSpy V6.0 (CraxsRAT Rebrand) Distributed Through Odysee and Telegram Technical Information Security Content & Discussion · 66d ago Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More) Technical Information Security Content & Discussion · 66d ago How can I fix my browser remembering what he had open last cybersecurity · 66d ago MS 360 CoPilot issues cybersecurity · 66d ago I run a malware and was wondering if its a rat or rootkit or dangerous stuff and how do i fix my pc (my dad gave ts to me can't lose it) i can give out any specific details cybersecurity · 66d ago ShinyHunters claims 275M records from Canvas LMS breach. 9,000 schools hit. Ransom deadline May 12. cybersecurity · 66d ago eBPF LSM runtime security agent for synchronous file/network denial — looking for technical feedback cybersecurity · 66d ago HackTheBox - Overwatch IppSec · 66d ago I keep seeing "what E8 maturity level should we target?" — here's the practical answer no one tells you cybersecurity · 66d ago AI Agent for Hacking, connects a brain to Kali (open-source & model-agnostic) hacking: security in practice · 66d ago Fake OpenAI repository on Hugging Face pushes infostealer malware BleepingComputer · 66d ago OWASP TOP 10 LLM 2026 Community voting cybersecurity · 66d ago When prompts become shells: RCE vulnerabilities in AI agent frameworks For [Blue|Purple] Teams in Cyber Defence · 66d ago Shift-Happens-Uncovering-to-builtin-command-injection-in-Windows-context-menus: Shift Happens: Uncovering two built-in command injections in Windows context menus For [Blue|Purple] Teams in Cyber Defence · 66d ago MOVEit Automation Critical Security Alert Bulletin – April 2026 – (CVE-2026-4670, CVE-2026-5174) For [Blue|Purple] Teams in Cyber Defence · 66d ago Lorem Ipsum Malware: Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor For [Blue|Purple] Teams in Cyber Defence · 66d ago Let's Encrypt Status: Due to an issue with the cross-signed certificate from our Generation X root to our new Generation Y root, all issuance has been switched back to our Generation X root certificate. This affects our "tlsserver" and "shortlived" ACME certificate profiles. For [Blue|Purple] Teams in Cyber Defence · 66d ago Second security incident at Instructure (Canvas) cybersecurity · 66d ago Wtf OPEN Ai Malware Analysis & Reports · 66d ago Bridging the Gap Between Vulnerabilities and Working Exploits hacking: security in practice · 66d ago um you guys is my hacker stupid? hacking: security in practice · 66d ago UK Advice Needed - VA+ Training? cybersecurity · 66d ago Gateweb - Secure Web Gateway cybersecurity · 66d ago Those who are in Detection engineering cybersecurity · 66d ago Can someone tell me of a trustable hacker? cybersecurity · 66d ago MSPs, how are you handling AI usage across your customer environments today? cybersecurity · 66d ago Shadow SSDT Hijacking: Achieving Kernel Code Execution via Read-Write cybersecurity · 66d ago How do i protect confidential data from unrestricted AI usage as a bank- what are good tools out there? cybersecurity · 66d ago ecpptv3 Exam in 3–4 Days — cybersecurity · 66d ago Analyse des DNS-Ausfalls vom 5. Mai 2026 - Analysis of the DNS outage of May 5, 2026 For [Blue|Purple] Teams in Cyber Defence · 66d ago Member of Prolific Russian Ransomware Group Sentenced to Prison For [Blue|Purple] Teams in Cyber Defence · 66d ago EasterBunny: advanced espionage artifacts attributed to APT29 For [Blue|Purple] Teams in Cyber Defence · 66d ago AI SECURITY: THE DEFINITIVE GUIDE — PART III | THE FINAL CHAPTER | COMMUNITY CISO SERIES cybersecurity · 66d ago Did CISA helped you land a job ? cybersecurity · 66d ago Tracking the "Sorry" Extortionist Campaign Against cPanel Websites For [Blue|Purple] Teams in Cyber Defence · 66d ago PositiveIntent: Evasive loader for .NET Framework assemblies For [Blue|Purple] Teams in Cyber Defence · 66d ago The Accidental C2: Exploring Dev Tunnels for Remote Access For [Blue|Purple] Teams in Cyber Defence · 66d ago Living of the Land - DISM Sandbox Provider Hijack For [Blue|Purple] Teams in Cyber Defence · 66d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode For [Blue|Purple] Teams in Cyber Defence · 66d ago CTO at NCSC Summary: week ending May 10th cybersecurity · 66d ago CTO at NCSC Summary: week ending May 10th For [Blue|Purple] Teams in Cyber Defence · 66d ago ClickFix distributing Vidar Stealer via WordPress targeting Australian infrastructure For [Blue|Purple] Teams in Cyber Defence · 66d ago PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale For [Blue|Purple] Teams in Cyber Defence · 66d ago Copy_Fail2-Electric_Boogaloo: Copy Fail 2: Electric Boogaloo For [Blue|Purple] Teams in Cyber Defence · 66d ago pre pre junior needs help(guidance pls) cybersecurity · 66d ago DARWIS Taka - Web vulnerability scanner with Optional AI Validation For [Blue|Purple] Teams in Cyber Defence · 66d ago Trojan malware cybersecurity · 66d ago SANs Courses: How do people get their employers to pay? cybersecurity · 66d ago NIS2 Article 21: turning compliance controls into technical security evidence cybersecurity · 66d ago This GBA Rom is making is having a weird behavior in the Sandbox, why? cybersecurity · 66d ago This GBA ROM makes some weird things in the sanbox, would love to understand why hacking: security in practice · 66d ago Why AI agent governance feels harder than traditional security models cybersecurity · 66d ago Seclens: Role-specific Evaluation of LLM's for security vulnerablity detection Technical Information Security Content & Discussion · 66d ago Confused about what certs are important cybersecurity · 66d ago Would getting Security+ be worthless for me? cybersecurity · 66d ago [Update] QSLCL v2.0.2 - Universal SoC Framework with Encryption (A12-A17+, Qualcomm, MediaTek, Unisoc) Reverse Engineering · 66d ago Submit probe test — shadow DOM click cybersecurity · 66d ago Threat intelligence in OT (Power equipments) cybersecurity · 66d ago Why was he banned? hacking: security in practice · 66d ago Securing CI/CD for an open source project: lessons from Cilium Technical Information Security Content & Discussion · 66d ago LAB Setup hacking: security in practice · 66d ago SunnyDayBPF: eBPF telemetry integrity research for detection engineering For [Blue|Purple] Teams in Cyber Defence · 67d ago Ethical malware development community hacking: security in practice · 67d ago SOC Analyst cybersecurity · 67d ago PAWs, PAM and PIM..what is best practice? cybersecurity · 67d ago This is the most in-depth analysis I have found on the Instructure/Canvas breach so far. cybersecurity · 67d ago Poland says hackers breached water treatment plants, and the U.S. is facing the same threat cybersecurity · 67d ago Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments CyberScoop · 67d ago Has Instructure paid SH? hacking: security in practice · 67d ago Millions of students are locked out. Canvas is down. And the notorious hacker group ShinyHunters has given Instructure a terrifying ultimatum: Pay the ransom by May 12, 2026, or the private data of potentially millions of users will be leaked to the dark web. cybersecurity · 67d ago NVIDIA confirms GeForce NOW data breach affecting Armenian users BleepingComputer · 67d ago Quacc++: Automated Open Source Vulnerability Discovery cybersecurity · 67d ago Guys, this Canvas thing, this whole thing, ALL OF THIS… it’s all about me. hacking: security in practice · 67d ago 60% of MD5 password hashes are crackable in under an hour cybersecurity · 67d ago Built a correlation engine that chains AD findings into attack paths automatically. cybersecurity · 67d ago New trends (not mainstream) hacking: security in practice · 67d ago Why More Analysts Won’t Solve Your SOC’s Alert Problem BleepingComputer · 67d ago Ghidra-SNES: A Ghidra extension for reverse engineering SNES ROMs (first public release, feedback welcome!) Reverse Engineering · 67d ago Dirty Frag in Kubernetes: unset seccomp behaved like Unconfined in our EKS/GKE tests cybersecurity · 67d ago ShinyHunters claims nearly 9,000 schools affected by Canvas data breach CyberScoop · 67d ago Trellix source code breach claimed by RansomHouse hackers BleepingComputer · 67d ago Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI CyberScoop · 67d ago Why Vulnerability Scanning Is Not Penetration Testing, And Why Cisos Should Care Cyber Defense Magazine · 67d ago JDownloader's official website delivered Python RAT cybersecurity · 67d ago JDownloader's official website delivered Python RAT Malware Analysis & Reports · 67d ago Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854) cybersecurity · 67d ago ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12. cybersecurity · 67d ago ShinyHunters breached Canvas/Instructure — 275M student records stolen from 8,809 schools, ransom deadline May 12 Technical Information Security Content & Discussion · 67d ago Note taking apps and advice cybersecurity · 67d ago CISA gives feds four days to patch Ivanti flaw exploited as zero-day BleepingComputer · 67d ago Best tools to find exposed web services by HTML title / HTTP response? hacking: security in practice · 67d ago IMF Warns AI Could Trigger Global Financial Cyber Crisis cybersecurity · 67d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 67d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 67d ago New Linux 'Dirty Frag' zero-day gives root on all major distros cybersecurity · 67d ago Reverse-engineered DaVinci Resolve's activation check with Claude — Frida runtime tracing + radare2 Reverse Engineering · 67d ago Is the ISC2 Cybersecurity program still worth it? cybersecurity · 67d ago Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama For [Blue|Purple] Teams in Cyber Defence · 67d ago Zara data breach exposed personal information of 197,000 people BleepingComputer · 67d ago Canvas getting hit during finals week shows how fragile “critical SaaS” has become cybersecurity · 67d ago Are websites exposed to the internet under attack almost every hour, even if they're small? cybersecurity · 67d ago Needle crypto-stealer C2 analysis: API key embedded in plain text inside the Rust malware unlocked 1,932 victims and the operator's withdrawal config Technical Information Security Content & Discussion · 67d ago Massive Cyber Attack Exposes Millions 🚨 || starting my cybersecurity jou... For [Blue|Purple] Teams in Cyber Defence · 67d ago Devastating 'Dirty Frag' exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given — Copy Fail-like vulnerability had its embargo broken cybersecurity · 67d ago Former govt contractor convicted for wiping dozens of federal databases BleepingComputer · 67d ago What the **** is happening in cybersecurity space ? cybersecurity · 67d ago New Linux 'Dirty Frag' zero-day gives root on all major distros BleepingComputer · 67d ago Canvas is back up, but now what? cybersecurity · 67d ago Copy Fail (CVE-2026-31431): A Technical Deep Dive Technical Information Security Content & Discussion · 67d ago Why wouldn’t the hackers already have our passwords if they infiltrated canvas potentially weeks ago? hacking: security in practice · 67d ago AI Agents Have a Security Problem. IronClaw is Fixing It. hacking: security in practice · 67d ago Instagram is getting rid of end to end encryption, what now? cybersecurity · 67d ago Student Arrested in Taiwan for using SDR and Handheld Radios to Halt Four High Speed Trains with TETRA Hack For [Blue|Purple] Teams in Cyber Defence · 67d ago Dirty Frag: Universal Linux LPE For [Blue|Purple] Teams in Cyber Defence · 67d ago Ivanti: We are aware of a very limited number of customers exploited with CVE-2026-6973. Successful exploitation requires Admin authentication. For [Blue|Purple] Teams in Cyber Defence · 67d ago Two U.S. Nationals Sentenced for Facilitating Fraudulent Remote Information Technology Worker Schemes to Generate Revenue for the Democratic People’s Republic of Korea For [Blue|Purple] Teams in Cyber Defence · 67d ago New “Dirty Frag” Linux Kernel Vulnerability Could Lead to Root Escalation cybersecurity · 67d ago Reported a Broken Access Control bug to Instructure via bugcrowd 11 months ago, and also sent directly to canvas and instructure since I didn’t really care about the bounty. It was deemed "not applicable". cybersecurity · 67d ago Did I fu by opening an (archived) Onion .txt link posted by the cybercriminal group? cybersecurity · 67d ago SASS King Part 2: reverse-engineering ptxas heuristic decisions and what the compiled binary actually reveals Reverse Engineering · 67d ago Cushman and Wakefield confirms cyberattack cybersecurity · 67d ago Egnyte potential ransomware attack cybersecurity · 67d ago So canvas is down, what'll happen if they can't come to an argreement? cybersecurity · 67d ago Canvas (used by 275M students) was just hacked. Here's exactly what was stolen and what you need to do right now. cybersecurity · 67d ago I just released a C++ rewrite of **Minecraft rd-20090515** (May 15, 2009 — one of the earliest pre-Classic versions).If you find it interesting, a ⭐ on GitHub would mean a lot and help the project grow! Reverse Engineering · 67d ago /Why/ is Shinyhunters targeting Canvas? cybersecurity · 67d ago Canvas Hack - Any Guesses How? cybersecurity · 67d ago Should I build a virtual or physical lab? cybersecurity · 67d ago Instructure (Canvas) Breached by Shiny Hunters — 275M Records from ~9,000 Schools/Universities, Ransom Deadline May 12 cybersecurity · 67d ago Engineering a Zero-Trust Kubernetes SIEM: Bypassing NAT Blindness with eBPF, TC, and Suricata cybersecurity · 67d ago Audit/Cybersecurity cybersecurity · 67d ago Issues removing Trellix (and specifically solidifier) cybersecurity · 67d ago Pentagon eyes 3-year cyber training requirement, overriding new Army policy cybersecurity · 67d ago A hacker ran me over with a robot lawn mower - The Verge hacking: security in practice · 67d ago Revealed: Russia’s top secret spy school teaching hacking and election meddling | Russia For [Blue|Purple] Teams in Cyber Defence · 67d ago Canvas login portals hacked in mass ShinyHunters extortion campaign BleepingComputer · 67d ago How much personal info will be leaked by the recent Canvas hack?? cybersecurity · 67d ago OceanLotus suspected of distributing ZiChatBot malware via wheel packages in PyPI For [Blue|Purple] Teams in Cyber Defence · 67d ago Dirty Frag and canvas cybersecurity · 67d ago New TCLBanker malware self-spreads over WhatsApp and Outlook BleepingComputer · 67d ago Hackers deface school login pages after claiming another Instructure hack cybersecurity · 67d ago Happened today hacking: security in practice · 67d ago Ivanti customers confront yet another actively exploited zero-day CyberScoop · 67d ago Did I destroy my career by being loyal to an arguably good company? cybersecurity · 67d ago Kernel LPE Vulnerability Published Early Due To Third-Party Breaking Embargo Technical Information Security Content & Discussion · 67d ago V4bel/dirtyfrag - Universal Linux Local Privilege Escalation cybersecurity · 67d ago Searching for bulletproof detections in cPanel Land: Hunting for CVE-2026-41940: Building Detections for the exploit, not the PoC For [Blue|Purple] Teams in Cyber Defence · 67d ago What is CYBERRANT? cybersecurity · 67d ago Canvas is down as ShinyHunters hack forces outage cybersecurity · 67d ago Shinyhunters and Canvas hacking: security in practice · 67d ago New Dirty Frag Linux Bug Emerges in Wake of Copy Fail cybersecurity · 67d ago Heads up: AWS Educate Canvas login page may be compromised. Saw what looks like a ShinyHunters defacement page today. cybersecurity · 67d ago How is GRC work in a MSSP? cybersecurity · 67d ago SH and BF phishing console cybersecurity · 67d ago Trump officials are steering a cybersecurity scholarship program toward AI CyberScoop · 68d ago Finally switching over from Authy 2FA. What is the better alternative, 2FAS or Ente Auth? cybersecurity · 68d ago Dirty Frag - Linux LPE similiar to Copy Fail Technical Information Security Content & Discussion · 68d ago Socure authenticating AI identity as real. cybersecurity · 68d ago The first FREE online WebAssembly Reverse Engineering workbench (and how we built it) Reverse Engineering · 68d ago New PCPJack worm steals credentials, cleans TeamPCP infections BleepingComputer · 68d ago Automated SSL Certificate Renewals - What is your setup? cybersecurity · 68d ago Shinyhunters and Canvas cybersecurity · 68d ago What Cli execution do you use for a script file? cybersecurity · 68d ago Australia warns of ClickFix attacks pushing Vidar Stealer malware BleepingComputer · 68d ago Fiserv security incident - data breach notice cybersecurity · 68d ago Linux attacks seem to be shifting from “servers” to DevOps and supply chain environments cybersecurity · 68d ago Honey Tokens: Bait Credentials That Catch Breaches Technical Information Security Content & Discussion · 68d ago I graduate next year with a Cybersecurity degree. cybersecurity · 68d ago An unknown malware threat. There is no such thing as a 100% detection. Malware Analysis & Reports · 68d ago Asking about Cortex cybersecurity · 68d ago CVE-2026-42511 Breakdown: RCE in FreeBSD Technical Information Security Content & Discussion · 68d ago Apache Caldera cybersecurity · 68d ago What’s the “unsexy” problem in cyber that’s actually a total disaster? cybersecurity · 68d ago Critical vm2 Sandbox Escape Vulnerabilities Expose Node.js Apps to Full Host RCE cybersecurity · 68d ago Ivanti warns of new EPMM flaw exploited in zero-day attacks BleepingComputer · 68d ago As a developer, should I use AI to improve security? cybersecurity · 68d ago My company has an MSP that manages our employee endpoints but we cant access the software they use to manage cybersecurity · 68d ago Bypassing Bitlocker under 5 min using downgrade attack on CVE-2025-48804 Technical Information Security Content & Discussion · 68d ago Americans sentenced for running 'laptop farms' for North Korea cybersecurity · 68d ago Is my laptop hijacked ? cybersecurity · 68d ago The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls BleepingComputer · 68d ago American duo sentenced for hosting laptop farms for North Korean IT workers CyberScoop · 68d ago claude ai gave security beta to Enterprise plans only what can we do as pentesters? cybersecurity · 68d ago Massive .de DNSSEC Failure Took Large Parts of Germany’s Web Offline cybersecurity · 68d ago Americans sentenced for running 'laptop farms' for North Korea BleepingComputer · 68d ago Advice for path to land job SOC in France cybersecurity · 68d ago Bouncing Back from Cyberattacks: How Fast Recovery Is Mastered Cyber Defense Magazine · 68d ago Possible Major Vulnerability: Chromium used by current version of PRTG cybersecurity · 68d ago Mythos AI may be a cybersecurity threat, but it follows the rules of the game cybersecurity · 68d ago When AI Stops Assisting And Starts Discovering: What Claude Mythos Preview Means For Cybersecurity Cyber Defense Magazine · 68d ago Control Checks using AI. cybersecurity · 68d ago How do native password managers clear the clipboard? cybersecurity · 68d ago VLC Media Player MKV Exploit Analysis Reverse Engineering · 68d ago Graduating CS Student but Wanna Start my Career in Cybersecurity cybersecurity · 68d ago Crypto gang member gets 6.5 years for role in $230 million heist BleepingComputer · 68d ago An AI security auditor that red-teams PRs to find exploits, not just patterns (open-source + Ollama support) Technical Information Security Content & Discussion · 68d ago Webinar: Why modern attacks require both security and recovery BleepingComputer · 68d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 68d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 68d ago MAXHUB Pivot Client Application All CISA Advisories · 68d ago Approve Once, Exploit Forever: The Trust Persistence Problem in Claude Code, Codex and Gemini-CLI Technical Information Security Content & Discussion · 68d ago Claude-Themed Malware Campaigns cybersecurity · 68d ago DeepFake it till you make it. cybersecurity · 68d ago The 12 ways AI agents fail in production. A taxonomy for security teams reviewing agent deployments cybersecurity · 68d ago Palo Alto Networks firewall zero-day exploited for nearly a month BleepingComputer · 68d ago What niche in cybersecurity should I go for, with my background in Angular & .NET ? cybersecurity · 68d ago Successor for Kaspersky Endpoint Security cybersecurity · 68d ago Fake Claude AI website delivers new 'Beagle' Windows malware BleepingComputer · 68d ago One House Democrat is pressing Commerce on the government’s spyware use CyberScoop · 68d ago Fake call logs, real payments: How CallPhantom tricks Android users WeLiveSecurity · 68d ago Detecting BEC Persistence with KQL For [Blue|Purple] Teams in Cyber Defence · 68d ago Modify md5sum of a file hacking: security in practice · 68d ago Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago cybersecurity · 68d ago SOC Analyst tier 1 (Entry Level) ?? cybersecurity · 68d ago Unpacking Russian-Iranian Private-Sector Cyber Connections For [Blue|Purple] Teams in Cyber Defence · 68d ago Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this. cybersecurity · 68d ago Made cybersecurity merch as an infosec practitioner — honest feedback welcome cybersecurity · 68d ago Fixing the password problem is as easy as 123456 WeLiveSecurity · 68d ago As AI agents become users of company data - what is needed to keep data secure? cybersecurity · 68d ago Wrote an extremely detailed 11-article series on attacking and defending APIs - top 10 vulnerabilities. cybersecurity · 68d ago AI inference is quietly becoming a security problem cybersecurity · 68d ago is winrar 7.13 vulnerable to extraction exploits? cybersecurity · 68d ago Tried explaining internet encryption in a beginner-friendly but accurate way, feedback? cybersecurity · 68d ago Is the EC-Council CTIA Certification Worth It for Career Growth? cybersecurity · 68d ago POC Android vuln 2026 cybersecurity · 68d ago Credential caching is an unsolved architectural tradeoff, and we should stop pretending otherwise cybersecurity · 68d ago Opinions on Mimecast cybersecurity · 68d ago Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution For [Blue|Purple] Teams in Cyber Defence · 68d ago What's going on in the field of Cybersecurity 🫣. cybersecurity · 68d ago How do teams preserve institutional pentest knowledge when senior testers leave? cybersecurity · 68d ago CVE-2026-32710 MariaDB JSON_SCHEMA_VALID heap buffer overflow leading to RCE cybersecurity · 68d ago Sophos NDR on Proxmox cybersecurity · 68d ago Most of the antivirus websites redirect to microsoft defender website. I can’t access their websites Malware Analysis & Reports · 68d ago Quacc++: Automated Open Source Vulnerability Discovery Technical Information Security Content & Discussion · 68d ago Hackers abuse Google ads for GoDaddy ManageWP login phishing BleepingComputer · 68d ago A DOD contractor’s API flaw exposed military course data and service member records CyberScoop · 68d ago On today's earnings call, IONQ just said they expect to meet Q-Day requirements by 2028-2029. cybersecurity · 68d ago DOJ says ransomware gang tapped into Russian government databases cybersecurity · 68d ago DAEMON Tools devs confirm breach, release malware-free version cybersecurity · 68d ago Have there been instances where your SOC has suffered a cybersecurity attack? cybersecurity · 68d ago OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk For [Blue|Purple] Teams in Cyber Defence · 69d ago Inadvertent Injections For [Blue|Purple] Teams in Cyber Defence · 69d ago A critical Palo Alto PAN-OS zero-day is being exploited in the wild CyberScoop · 69d ago OpenCTI founder, Samuel Hassine, arrested and charged for buying child porn / CSAM hacking: security in practice · 69d ago OpenCTI founder, Samuel Hassine, arrested and charged with CSAM cybersecurity · 69d ago Deepfake Platform cybersecurity · 69d ago Critical vm2 sandbox bug lets attackers execute code on hosts BleepingComputer · 69d ago Innovators Spotlight: Badge (Part II) Cyber Defense Magazine · 69d ago Trellix Licence Query cybersecurity · 69d ago New Cisco DoS flaw requires manual reboot to revive devices BleepingComputer · 69d ago CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal For [Blue|Purple] Teams in Cyber Defence · 69d ago Getting this Trojans while open Cherax Loader: Malgent!MSR /Phonzy.A!ML Malware Analysis & Reports · 69d ago Instructure hacker claims data theft from 8,800 schools, universities cybersecurity · 69d ago Is AI generated code creating a non-linear security problem for AppSec teams? cybersecurity · 69d ago Jailbreaking my cars infotainment system and implementing my own custom software hacking: security in practice · 69d ago Binance fixed the IP whitelist gap — but the disclosure process is still broken Technical Information Security Content & Discussion · 69d ago D.H.S. Intelligence Office Did Not Properly Secure Smartphones, Watchdog Says cybersecurity · 69d ago DAEMON Tools devs confirm breach, release malware-free version BleepingComputer · 69d ago where is the original wormgpt hacking: security in practice · 69d ago Evaluating Microsoft 365 vs Third‑Party Tools for Email and Endpoint Security cybersecurity · 69d ago Norton Antivirus and Other Norton Software cybersecurity · 69d ago Would you take a promotion to work 100% in office that you’ve been working towards or same pay but work from home? cybersecurity · 69d ago We scanned 200 high-star MCP servers. 205 critical findings. Here are 4 novel attack classes. cybersecurity · 69d ago Download a malware a while ago, someone trying to log into my ios account cybersecurity · 69d ago Are there any chill hacking youtubers? hacking: security in practice · 69d ago Org Restructure cybersecurity · 69d ago Non-Determinism of Maps in Golang: Why, How, and the Consequences Technical Information Security Content & Discussion · 69d ago Does SOC 2 actually reduce questionnaires, or just change them? cybersecurity · 69d ago Google VRP dismissed a systemic Play Store bypass as "Intended Behavior" after 24 internal views cybersecurity · 69d ago Why ransomware attacks succeed even when backups exist BleepingComputer · 69d ago How do investigators or cybersecurity researchers correlate online accounts (like Instagram profiles) with IP/network information legally and ethically? cybersecurity · 69d ago pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI Reverse Engineering · 69d ago pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI Technical Information Security Content & Discussion · 69d ago Ran phishing awareness training for 200+ non-tech employees cybersecurity · 69d ago Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware For [Blue|Purple] Teams in Cyber Defence · 69d ago Proprietary Software, Hardware and Protocols Face AI-Driven Security Risk cybersecurity · 69d ago Vulnerability Garden Technical Information Security Content & Discussion · 69d ago Vulnerability Garden cybersecurity · 69d ago Palo Alto Firewall Zero-Day Under Active Exploitation cybersecurity · 69d ago MuddyWater hackers use Chaos ransomware as a decoy in attacks BleepingComputer · 69d ago Redefining Security Operations Through Seceon’s Open Threat Management Platform Cyber Defense Magazine · 69d ago Webinar: Why network incidents escalate and how to fix response gaps BleepingComputer · 69d ago Cyber Security Militias cybersecurity · 69d ago Hidden domain dependencies in AI stacks: expired domains, dangling DNS, and takeover risk cybersecurity · 69d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 69d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 69d ago Took me a decade to turn quantum computing into what programmers can easily learn, big announcement hacking: security in practice · 69d ago Lilygo T-Embed Glitching etc hacking: security in practice · 69d ago CyberSecurity Nightmares cybersecurity · 69d ago Can I use NanoKVM if it's just to turn on pc? cybersecurity · 69d ago got listbombed on my waitlist with 1000 fake adresses, i tried to make some security changes maybe i missed something? cybersecurity · 69d ago How to learn tools for cybersecurity? cybersecurity · 69d ago 'CopyFail' attackers start cashing in on Linux flaw cybersecurity · 69d ago Anybodybodybdown for a team/studygroup? cybersecurity · 69d ago Veteran hackers... which era did you prefer hacking in? 🟢 The 1980s 🟣 The 1990s 🔵 The 2000s 🔴 Or today? hacking: security in practice · 69d ago I was hacked due to sim card spoofing cybersecurity · 69d ago Palo Alto Networks warns of firewall RCE zero-day exploited in attacks BleepingComputer · 69d ago Chrome is quietly installing a 4GB AI model on your device cybersecurity · 69d ago Dev vs Security role cybersecurity · 69d ago Discord bot C2 infrastructure Malware Analysis & Reports · 69d ago Iranian-Nexus Operation Against Oman's Government: 12 Ministries Hit and 26,000 Citizen Records Exposed For [Blue|Purple] Teams in Cyber Defence · 69d ago A rigged game: ScarCruft compromises gaming platform in a supply-chain attack For [Blue|Purple] Teams in Cyber Defence · 69d ago UAT-8302 and its box full of malware For [Blue|Purple] Teams in Cyber Defence · 69d ago Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft cybersecurity · 69d ago Oracle Debuts Monthly Critical Security Patch Updates cybersecurity · 69d ago Sec engineer / developer? cybersecurity · 69d ago When doing bug bounty, do you usually immerse yourself in 2 or 3 specific domains (ones where vulnerabilities are likely to exist) and focus all your testing efforts on them? cybersecurity · 69d ago Are we actually seeing more vulnerabilities or just more noise? cybersecurity · 69d ago Cybersecurity jobs in red team cybersecurity · 69d ago Question cybersecurity · 69d ago What’s the biggest mistake people make even after installing antivirus? cybersecurity · 69d ago CVE-2026-0073 Android adbd TLS client-authentication bypass For [Blue|Purple] Teams in Cyber Defence · 69d ago One KQL query you should have saved in your toolkit (most don’t) For [Blue|Purple] Teams in Cyber Defence · 69d ago New dashboard tracks ransomware groups by their reliance on Infostealer credentials cybersecurity · 69d ago ant4g0nist/pyre: Ghidra decompiler in your browser Reverse Engineering · 69d ago CVE-2026-31431 hit KEV after 9 days, what are you using to catch that earlier? For [Blue|Purple] Teams in Cyber Defence · 69d ago Found a possibly interesting live attack hacking: security in practice · 69d ago What would you say if your security lead said this... cybersecurity · 69d ago What would be the goto setup in AWS for security purposes? cybersecurity · 69d ago CREST CRT Exam 2025/2026 Experiences cybersecurity · 69d ago Built a Cowboy Bebop-themed threat hunting lab with Splunk and Sysmon — writeup inside For [Blue|Purple] Teams in Cyber Defence · 69d ago Microsoft Edge stores your passwords in plaintext RAM... on purpose cybersecurity · 69d ago Supporting the National Cyber Strategy: How TrendAI™ Helps Trend Micro Research, News, Perspectives · 69d ago Export/Backup ChatGPT chats hacking: security in practice · 69d ago Como começar? cybersecurity · 69d ago Possible Password Leak? Curious if Anyone Has Seen This Before cybersecurity · 69d ago Resident Evil: Code Veronica X is able to play the opening FMV from the decompiled PS2 source! Reverse Engineering · 69d ago Not a Hack. A Handout. Inside the GTFOice.org Data Exposure cybersecurity · 69d ago Besoin de conseils sur une DMZ automatisée cybersecurity · 69d ago Microsoft, Google and xAI will let the government test their AI models before launch cybersecurity · 69d ago Android ADB Auth Bypass Proof-of-Concept: CVE-2026-0073 cybersecurity · 69d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode Reverse Engineering · 69d ago New stealthy Quasar Linux malware targets software developers BleepingComputer · 69d ago SMB Header Signature for Tagging in Firewall cybersecurity · 69d ago Question regarding VDP cybersecurity · 69d ago Working on what i should do for the next 3 years cybersecurity · 69d ago Question for Security Professionals cybersecurity · 69d ago Do tech companies lifecycle-manage public DNS records to prevent dangling DNS? cybersecurity · 69d ago Instructure hacker claims data theft from 8,800 schools, universities BleepingComputer · 69d ago Vulnerability Summary for the Week of April 27, 2026 cybersecurity · 69d ago Scan. Secure. Simplify. — Free Web Tools Platform Technical Information Security Content & Discussion · 70d ago Cisco releases open-source ‘DNA test for AI models’ cybersecurity · 70d ago Cybersecurity is becoming too AI dependent is that a problem cybersecurity · 70d ago Foxconn Wisconsin outage raises cyber questions cybersecurity · 70d ago How stressful is GRC? cybersecurity · 70d ago News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market The Last Watchdog · 70d ago Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (CVE-2026–7482) Technical Information Security Content & Discussion · 70d ago Salesforce pentesting novel techniques- how to be an apex predator Technical Information Security Content & Discussion · 70d ago DAEMON Tools trojanized in supply-chain attack to deploy backdoor BleepingComputer · 70d ago Anyone remember areyoufearless.com / “Free Gobo”? Early 2000s hacker forum nostalgia cybersecurity · 70d ago Have CEH certification – looking for free cybersecurity bootcamps or resources to land a job in India cybersecurity · 70d ago Archer for a non-regulated medium sized company? cybersecurity · 70d ago Cybersecurity statistics of the week (April 27th - May 3rd) cybersecurity · 70d ago Reverse-engineering the 1998 Ultima Online demo server Reverse Engineering · 70d ago Well, I'm wondering about working on a RAG pentesting bot. Comment down the best data source to feed LLM. cybersecurity · 70d ago One-Click Refunds Are Not as Hard as You Think Blog – Forter · 70d ago Student hacked Taiwan high-speed rail to trigger emergency brakes BleepingComputer · 70d ago 🇮🇷 Iranian-Nexus Campaign Against Oman's Government: 12 Ministries, 26,000 Records For [Blue|Purple] Teams in Cyber Defence · 70d ago Where to find reliable vendors? cybersecurity · 70d ago DigiCert: Misissued code signing certificates Technical Information Security Content & Discussion · 70d ago Just got into cybersecurity with no prior experience and feeling intimidated. Thoughts? cybersecurity · 70d ago We wrote a guide on securing Claude across the enterprise — here's the core framework (with download) cybersecurity · 70d ago Over 5 months: Payment bypass marked OOS, moved to VDP, and downgraded to Medium. cybersecurity · 70d ago Hardware reverse enginnering first project. Love some advice cybersecurity · 70d ago Microsoft Edge Stores Passwords in Process Memory, Posing Risk cybersecurity · 70d ago Currently working on cybersecurity, looking for advice cybersecurity · 70d ago Open-source scanner for MCP servers and skill files : attack chain detection and server-card scanning cybersecurity · 70d ago Major AI Clients Shipping With Broken OAuth Implementations Technical Information Security Content & Discussion · 70d ago CISO course valuation cybersecurity · 70d ago Inside Faxanadu series — deep dive into how this NES title works Reverse Engineering · 70d ago EMBA v2.0.1 with interactive firmware dependency map available - Check it out and let us know what you are missing Reverse Engineering · 70d ago Popular DAEMON Tools software compromised For [Blue|Purple] Teams in Cyber Defence · 70d ago A rigged game: ScarCruft compromises gaming platform in a supply-chain attack For [Blue|Purple] Teams in Cyber Defence · 70d ago Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise For [Blue|Purple] Teams in Cyber Defence · 70d ago GRC Path to CISO (Certifications) cybersecurity · 70d ago Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities For [Blue|Purple] Teams in Cyber Defence · 70d ago CISOs and pentest buyers, what's the worst thing you've seen in a pentest report? cybersecurity · 70d ago FTC to ban data broker Kochava from selling Americans’ location data BleepingComputer · 70d ago How to enforce M365 Sign-in frequency on corporate laptops? cybersecurity · 70d ago CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs cybersecurity · 70d ago The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check. BleepingComputer · 70d ago The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss BleepingComputer · 70d ago Built an independent directory of AI Act / AI governance tools, feedback? cybersecurity · 70d ago ScarCruft APT group compromises gaming platform in a supply-chain attack cybersecurity · 70d ago Just curious cybersecurity · 70d ago 'Copy Fail' is a real Linux security crisis wrapped in AI slop cybersecurity · 70d ago Analysis malicious DLL cybersecurity · 70d ago Cyber security free course cybersecurity · 70d ago Vimeo data breach exposes personal information of 119,000 people BleepingComputer · 70d ago The Insurance Industry Is Rewriting Cybersecurity Strategy Cyber Defense Magazine · 70d ago Does certification expires? cybersecurity · 70d ago HN Security - Extending Burp Suite for fun and profit – The Montoya way – Part 10 Technical Information Security Content & Discussion · 70d ago IOCX v0.7.1 — robustness update focused on malformed PEs, hostile strings, and static‑analysis hardening Malware Analysis & Reports · 70d ago Panicking Malware Analysis & Reports · 70d ago ABB B&R Automation Studio All CISA Advisories · 70d ago ABB B&R Automation Runtime All CISA Advisories · 70d ago Hitachi Energy PCM600 All CISA Advisories · 70d ago Johnson Controls CEM AC2000 All CISA Advisories · 70d ago ABB B&R PVI All CISA Advisories · 70d ago How the Story of a USB Penetration Test Went Viral darkreading · 70d ago We get paid to break into buildings for a living. Ask us anything! cybersecurity · 70d ago Pay2Key ransomware — any recovery path that’s actually worked? cybersecurity · 70d ago Google now offers up to $1.5 million for some Android exploits BleepingComputer · 70d ago Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison cybersecurity · 70d ago Microsoft just documented an AiTM phishing campaign that hit 35,000 users across 13,000 orgs in 3 days, the lure was a fake "code of conduct review" PDF cybersecurity · 70d ago Ghosts of Encryption Past – How we Read All Your Emails in Salesforce Marketing Cloud Technical Information Security Content & Discussion · 70d ago How have you kept growing your knowledge in security when the job stops pushing you? cybersecurity · 70d ago Supply chain attack: DAEMON Tools Lite now contains a backdoor. Malware Analysis & Reports · 70d ago Accelerating Vulnerability Detection and Response at Oracle For [Blue|Purple] Teams in Cyber Defence · 70d ago The Danger of Multi-SSO AWS Cognito User Pools Technical Information Security Content & Discussion · 70d ago Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison BleepingComputer · 70d ago CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs BleepingComputer · 70d ago Copilot Cowork: From conversation to action across skills, integrations, and devices Microsoft 365 Blog · 70d ago Microsoft 365 Copilot, human agency, and the opportunity for every organization Microsoft 365 Blog · 70d ago The UK’s Age Verification Law Is Producing Compliance Theater cybersecurity · 70d ago Microsoft Edge: Passwords end up in memory as plaintext cybersecurity · 70d ago Do people still get viruses in 2026, or is that mostly a myth now? cybersecurity · 70d ago Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026 Technical Information Security Content & Discussion · 70d ago Mitigation script for Copy Fail vulnerability CVE-2026-31431 cybersecurity · 70d ago Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026 cybersecurity · 70d ago Is this fake too?🤣 hacking: security in practice · 70d ago Copy.fail: Why Internal LLMs Are Non-Negotiable for Security Reverse Engineering · 70d ago The cPanel Zero-Day Was Active for 64 Days Before Anyone Knew For [Blue|Purple] Teams in Cyber Defence · 70d ago Critical Apache HTTP Server RCE (CVE-2026-23918) - Millions of Servers Potentially Exposed. Patches released cybersecurity · 70d ago ScarCruft hackers push BirdCall Android malware via game platform BleepingComputer · 70d ago A rigged game: ScarCruft compromises gaming platform in a supply-chain attack WeLiveSecurity · 70d ago DigiCert breached via malicious screensaver file cybersecurity · 70d ago I just figured out my dad use to be a Phreaker in the 1980s hacking: security in practice · 70d ago Caido Payloads and Scanner of Endpoints cybersecurity · 70d ago Proton Pass: Second-Password Bypass Through Emergency Access Technical Information Security Content & Discussion · 70d ago What of my favorite videos🙂 hacking: security in practice · 70d ago CISO Security Mind Map 2026 cybersecurity · 70d ago Interview with Chris Kubecka, Cybersecurity Expert, Journalist and Volunteer Rescue Worker cybersecurity · 70d ago Best tools for blocking spam calls and spam links? hacking: security in practice · 70d ago Amazon SES increasingly abused in phishing to evade detection cybersecurity · 70d ago someone else’s UI appearing on screen for split second— possible hacker?? hacking: security in practice · 70d ago AI Security Trainings cybersecurity · 70d ago Ai help cybersecurity · 70d ago ByDesign: observed behavior where file URLs remain accessible after unshare/delete cybersecurity · 70d ago Can Kali Linux still compete in cyber security or is it outdated? cybersecurity · 70d ago We probed 6,000 web apps for Stripe webhook signature checks. 1,542 don't bother Technical Information Security Content & Discussion · 70d ago Avoiding rouge AP detection in enterprise networks hacking: security in practice · 70d ago Who are your favorite cybersecurity YouTubers? cybersecurity · 70d ago CISOs, how are you balancing AI adoption with security risks these days? cybersecurity · 70d ago GIDR: A behavioral intrusion detection system for Windows. Files are innocent until proven guilty at runtime. When malicious behavior is detected, the entire attack chain is traced to root and eliminated. For [Blue|Purple] Teams in Cyber Defence · 70d ago dMSA Ouroboros: Self-Sustaining Credential Extraction in Windows Server 2025 For [Blue|Purple] Teams in Cyber Defence · 70d ago N-Day Research with AI: Using Ollama and n8n For [Blue|Purple] Teams in Cyber Defence · 70d ago San Diego Community College District fighting major cyberattack cybersecurity · 70d ago GoHPTS (go-http-proxy-to-socks) v1.13.0 - New update with DNS spoofing and filtering hacking: security in practice · 70d ago San Diego Community College District fighting major cyberattack hacking: security in practice · 70d ago After 5 months of mental hell and ghosting, today I finally landed a role. To those struggling: Don't give up cybersecurity · 70d ago Free resource: searchable archive of every BSides conference talk cybersecurity · 70d ago Lightning PyPI Compromise: Bun-Based Stealer cybersecurity · 70d ago Too much mother instinct? cybersecurity · 70d ago InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise Trend Micro Research, News, Perspectives · 70d ago L1 SOC Analyst for ~2 years - Should I still get the Security + Certification? cybersecurity · 70d ago Do CTFs help real world security skills, or just teach patterns? cybersecurity · 70d ago Compré una cuenta rusa en g2a pensando que era una ley, se hizo administradora de mi ordenador, he cambiado todas las contraseñas y estoy haciendo un reset del ordenador pero sigo estando inseguro, muchísimo miedo me atraviesa ahora mismo cybersecurity · 70d ago Should I do Security + or Network + or A+? For CompTia cybersecurity · 70d ago Weaver E-cology critical bug exploited in attacks since March BleepingComputer · 70d ago Bug bounty is ruining how people learn exploitation cybersecurity · 70d ago ISO/IEC 27701:2025 Scope and Location cybersecurity · 70d ago Cybersecurity's 2026 Wild Ride cybersecurity · 70d ago We built a free multiplayer game that scores prompts on AI code security. cybersecurity · 70d ago RMM Tools Fuel Stealthy Phishing Campaign darkreading · 70d ago Production Usecases cybersecurity · 70d ago Reverse-engineering Final Fantasy X (PS3) trophy system with Ghidra Reverse Engineering · 70d ago How does vCISO work? cybersecurity · 71d ago Amazon SES increasingly abused in phishing to evade detection BleepingComputer · 71d ago Researchers report Amazon SES abused in phishing to evade detection BleepingComputer · 71d ago Trellix discloses data breach after source code repository hack cybersecurity · 71d ago CyberDefenders SOC L1 Track vs HackTheBox SOC Analyst Path cybersecurity · 71d ago Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability darkreading · 71d ago Trellix confirms source code repo access incident cybersecurity · 71d ago Where do i find reverse engineers for actuators? Ideally in Shenzhen Reverse Engineering · 71d ago Employer Offering to Pay for my Certification test - Which one do I choose? cybersecurity · 71d ago John Strand Pay What You Can Information Security Core Skills live starting May 11th cybersecurity · 71d ago [CrackMe] PyVMP v6 : The Fortress. I dare you to break it (again x2). Reverse Engineering · 71d ago Canvas Breach May Put 275M Users, 9,000 Schools at Risk cybersecurity · 71d ago Backdoored PyTorch Lightning package drops credential stealer BleepingComputer · 71d ago Is this not such a big deal cybersecurity · 71d ago 38 CVEs in Healthcare Software Used by 100,000 Medical Providers For [Blue|Purple] Teams in Cyber Defence · 71d ago Do email link checkers need to be 100%? cybersecurity · 71d ago Cybersecurity M&A Roundup: 33 Deals Announced in April 2026 cybersecurity · 71d ago Built a PE Malware Analysis Pipeline to Learn Why Most Detection Tools Suck at Correlation Malware Analysis & Reports · 71d ago Recs for pen testing and vulnerability solutions cybersecurity · 71d ago Identify telegram account holders cybersecurity · 71d ago AI Code Security Study: 6 LLMs vs OWASP Top 10 cybersecurity · 71d ago BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers hacking: security in practice · 71d ago Recursively fuzzing MS-RPC structures and monitoring using ETW For [Blue|Purple] Teams in Cyber Defence · 71d ago BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers cybersecurity · 71d ago Trellix discloses data breach after source code repository hack BleepingComputer · 71d ago Iwas developing a hacker game that transports the feeling of the 90s hacking: security in practice · 71d ago We are insider risk researchers focused on agentic AI, endpoint activity, and emerging threats. AMA cybersecurity · 71d ago Azure IaaS: Defense in depth built on secure-by-design principles Security | Microsoft Azure Blog | Microsoft Azure · 71d ago Cortex XDR Cloud Compromise Alerting cybersecurity · 71d ago Norton.com Verification Email out of the blue cybersecurity · 71d ago Atomic Red Team is now aligned with MITRE ATT&CK v19! cybersecurity · 71d ago Claude Security is in beta for Enterprise users — is this a real AppSec shift or just AI wrapper + UX? cybersecurity · 71d ago Who are you guys using for your PCI ASV Scanning? cybersecurity · 71d ago Just passed my Security+ exam. Now what? cybersecurity · 71d ago I am so sick of being hired to do Info Sec work just to do basic IT and Engineering work. cybersecurity · 71d ago Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this. cybersecurity · 71d ago [PoC] Defeating Behavioral Biometric WAFs using "Entropy Cloning" (Local LLMs + OS-Level Injection) cybersecurity · 71d ago Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia darkreading · 71d ago Analysis of CVE-2026-1995: Linking a Privilege Escalation Vulnerability to IP Theft (RCMP #CT-2026-335350) cybersecurity · 71d ago An another open door to IoT devices cybersecurity · 71d ago Ideas on how to have personal google-like account synchronization system cybersecurity · 71d ago Lateral Movement - Cross-Session Activation Technical Information Security Content & Discussion · 71d ago Lateral Movement - Cross-Session Activation cybersecurity · 71d ago How did this guy even access another person's privated YouTube video without wayback machine? hacking: security in practice · 71d ago What MCP servers have actually made it into your day-to-day toolkit? cybersecurity · 71d ago CISA says ‘Copy Fail’ flaw now exploited to root Linux systems hacking: security in practice · 71d ago They don’t hack, they borrow: How fraudsters target credit unions BleepingComputer · 71d ago Cyber Security Education as Self-Defence classes cybersecurity · 71d ago OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk cybersecurity · 71d ago Use.ai cybersecurity · 71d ago Educational tech giant Instructure confirms data breach, ShinyHunters claims attack cybersecurity · 71d ago [WIP] Resolve indirect calls in Binary Ninja with DynamoRIO instrumentation Reverse Engineering · 71d ago CISA says ‘Copy Fail’ flaw now exploited to root Linux systems cybersecurity · 71d ago Securing The AI-Enabled Workforce: The Next Evolution Of Human Risk Management Cyber Defense Magazine · 71d ago Stop Using AI Connectors Until You Watch This NahamSec · 71d ago One ChatGPT connector. One email. Full AI agent hijack. #BugBounty #PromptInjection #ai #hacking NahamSec · 71d ago IPod Nano Gets Three Monitors hacking: security in practice · 71d ago IDA-MCP Is Now RE-MCP With Ghidra Support Reverse Engineering · 71d ago Progress warns of critical MOVEit Automation auth bypass flaw BleepingComputer · 71d ago Webinar: Why MSPs must rethink security and backup strategies BleepingComputer · 71d ago Reverse-engineered the BLE protocol of the LuckPrinter-SDK family of thermal pocket printers (DP-L1S) — Python CLI + Web Bluetooth client + full command reference Reverse Engineering · 71d ago CISA says ‘Copy Fail’ flaw now exploited to root Linux systems BleepingComputer · 71d ago Chrome "Best AdBlocker" trojanized extension - 100k downloads. hacking: security in practice · 71d ago How Dark Reading Lifted Off the Launchpad in 2006 darkreading · 71d ago Browsers making connection on port 3389 from loopback cybersecurity · 71d ago Microsoft confirms April Windows updates cause backup failures BleepingComputer · 71d ago Defender Flagged DigiCert Root Certs as Malware cybersecurity · 71d ago VanGuard — open-source single-binary DFIR toolkit (Velociraptor, Hayabusa, Chainsaw, Loki, YARA) with TUI, air-gap support, and 28 pre-built use cases For [Blue|Purple] Teams in Cyber Defence · 71d ago Another breach just hit Canvas (Instructure), and this one is worth a closer look. cybersecurity · 71d ago Over 40% of UK firms suffered cyber attack last year, survey finds cybersecurity · 71d ago EU should seek access to Anthropic's Mythos, Bundesbank says cybersecurity · 71d ago Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha cybersecurity · 71d ago CVE-2026-31431:我用 DeepSeek 复现了 AI 发现Copy Fail 提权的全过程 - CVE-2026-31431: I used DeepSeek to reproduce the entire process of AI detecting Copy Fail privilege escalation. For [Blue|Purple] Teams in Cyber Defence · 71d ago 《APT高级威胁研究报告》(2026 版)- Advanced Threat Research Report (2026 Edition) For [Blue|Purple] Teams in Cyber Defence · 71d ago nginxpulse: 轻量级 Nginx 访问日志分析与可视化面板,提供实时统计、PV 过滤、IP 归属地与客户端解析。- A lightweight Nginx access log analysis and visualization dashboard, providing real-time statistics, PV filtering, IP geolocation, and client resolution. For [Blue|Purple] Teams in Cyber Defence · 71d ago 蔓灵花组织使用NUITKA打包的python样本进行投递 - The Manlinghua organization used Python samples packaged in NUITKA for delivery. For [Blue|Purple] Teams in Cyber Defence · 71d ago IBM subsidiary managing Italy's PA infrastructure breached and attackers were inside for 2 weeks cybersecurity · 71d ago People in cybersecurity, tell us what was the most epic moment in your career? cybersecurity · 71d ago Prerequisites for CARTP cybersecurity · 71d ago gdrv3.sys - Reverse Engineering a Signed Kernel Driver with 13 Hardware Access Primitives For [Blue|Purple] Teams in Cyber Defence · 71d ago Claude Mythos Cyber Wake Up cybersecurity · 71d ago [ Removed by Reddit ] cybersecurity · 71d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 71d ago is trellix from mcafee good to use in 2026? cybersecurity · 71d ago Linux has had a silent root exploit hiding in it since 2017 and it just hit CISA's must-patch list cybersecurity · 71d ago Added new vulnerable samples for IoBitUnlocker, Zemana and TfSysMon For [Blue|Purple] Teams in Cyber Defence · 71d ago AMSI Page Guard Bypass (Rust PoC) For [Blue|Purple] Teams in Cyber Defence · 71d ago Any good open sources that bypass modern heuristic analysis? hacking: security in practice · 71d ago Meet Bluekit: The AI-Powered All-in-One Phishing Kit For [Blue|Purple] Teams in Cyber Defence · 71d ago Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI For [Blue|Purple] Teams in Cyber Defence · 71d ago A hacker group was detained in Lviv Oblast, which hacked game accounts and received almost UAH 10 million in profit from their sale in Russia For [Blue|Purple] Teams in Cyber Defence · 71d ago IRQL - Incident Response Query Language - A collection of Kusto (KQL) functions that unify security logs behind a consistent, analyst-friendly dialect For [Blue|Purple] Teams in Cyber Defence · 71d ago Nuclei template CVE-2026-41940.yaml - cPanel & WHM - Authentication Bypass via Session-File CRLF Injection For [Blue|Purple] Teams in Cyber Defence · 71d ago ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution… For [Blue|Purple] Teams in Cyber Defence · 71d ago Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia For [Blue|Purple] Teams in Cyber Defence · 71d ago [2603.28728] Study of Post Quantum status of Widely Used Protocols For [Blue|Purple] Teams in Cyber Defence · 71d ago Malicious Intercom PHP Package Spreads Mini Shai-Hulud Attack to Packagist via Composer Plugin For [Blue|Purple] Teams in Cyber Defence · 71d ago Free apex hacks? hacking: security in practice · 71d ago Possible supply chain attack on version 2.6.3 · Issue #21689 · Lightning-AI/pytorch-lightning For [Blue|Purple] Teams in Cyber Defence · 71d ago Paypal Accesed by malware me being Stupid cybersecurity · 71d ago How was someone in another country able to read all my private messages without my password or clicking a link? cybersecurity · 71d ago code-needle: A VS Code plugin to execute arbitrary JavaScript code at runtime over a local HTTP endpoint. For [Blue|Purple] Teams in Cyber Defence · 71d ago Secure Boot Inventory Data In Configuration Manager For [Blue|Purple] Teams in Cyber Defence · 71d ago EventLogExpert: Can be used as a replacement for Event Viewer to view live event logs. Choose Continuously Update on the View menu and watch new events appear in real time. For [Blue|Purple] Teams in Cyber Defence · 71d ago MicroSMT: IDA plugin for automatic deobfuscation of opaque predicates by lifting microcode to z3 for SMT reasoning. For [Blue|Purple] Teams in Cyber Defence · 71d ago "AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts Technical Information Security Content & Discussion · 71d ago AI-powered honeypots: Turning the tables on malicious AI agents For [Blue|Purple] Teams in Cyber Defence · 71d ago Career Transition Help cybersecurity · 71d ago Alguien para hablar de cyberseguridad cybersecurity · 71d ago copy.golf — golf your exploits - smaller copy.fail exploits.. For [Blue|Purple] Teams in Cyber Defence · 71d ago DragonBreath: Dragon in the Kernel For [Blue|Purple] Teams in Cyber Defence · 71d ago What is this cybersecurity · 71d ago Your vibe-coded app is probably violating GDPR right now Technical Information Security Content & Discussion · 71d ago [SHOWCASE] Cascavel v3 hacking: security in practice · 71d ago Feeling lost and disappointed about finding a job just venting cybersecurity · 71d ago Slow at Learning/Cyber Security? cybersecurity · 71d ago Pokemon machine hacking: security in practice · 71d ago Suspicious traffic from web server cybersecurity · 71d ago Cyber security internship cybersecurity · 71d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 71d ago Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities Trend Micro Research, News, Perspectives · 71d ago Isn't Windows Defender a crap anymore? cybersecurity · 71d ago GitHub - 03DSmoothie/minecraft-cpp-versions: Minecraft recoded in C++ (multiple versions) Reverse Engineering · 71d ago Learning Cyber cybersecurity · 71d ago Instructure confirms data breach, ShinyHunters claims attack BleepingComputer · 71d ago Vishing simulator cybersecurity · 71d ago Copy Fail Linux Kernel Vulnerability Now Patched in Debian, Ubuntu, and Others cybersecurity · 71d ago Worried about being tracked/banned for using an educational app on MuMu Player - Need advice cybersecurity · 71d ago Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks cybersecurity · 71d ago Banking-Style Model Risk Management Is Becoming a Practical Template for AI Governance cybersecurity · 71d ago Prompt Injection in 2026: The Five Attack Patterns That Actually Matter cybersecurity · 71d ago I did a scan on windows bc I accidentally downloaded something weird then removed it and now I keep getting Trojan:Win32/Cerdigent.Alpha even after I quarantine cybersecurity · 71d ago Random trojan detected? cybersecurity · 71d ago CRTA second attempt cybersecurity · 71d ago What’s the hardest thing to learn in cybersecurity? cybersecurity · 72d ago What MCP servers are you integrating into your workflow (not exclusive to security)? cybersecurity · 72d ago Holy-Grail-PCAP: "Holy Grail PCAP" is a capture file offering exceptional coverage across nearly all tcpdump/Wireshark encapsulation types and dissectors. For [Blue|Purple] Teams in Cyber Defence · 72d ago WhatsApp malware campaign delivers VBScript and MSI backdoors | Microsoft Security Blog cybersecurity · 72d ago What are like the top but unknown Cybersecurity firms? cybersecurity · 72d ago Can HTTP POST bodies be intercepted without network or host access? hacking: security in practice · 72d ago Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha BleepingComputer · 72d ago Need professionals or expert on cybersecurity related to dark web for interview cybersecurity · 72d ago A new and super fast CVE Lite CLI Vulnerability Scanner (OWASP) cybersecurity · 72d ago Impacket-IoCs: This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library For [Blue|Purple] Teams in Cyber Defence · 72d ago North Korea calls US cyber threat claims a fabrication, warns of countermeasures Worldcategory cybersecurity · 72d ago VirusTotal has one flag for this sus site Malware Analysis & Reports · 72d ago Automated RASP Bypass with Frida + AI Agent | nutcracker & aipwn demo Reverse Engineering · 72d ago Telegram Mini Apps abused for crypto scams, Android malware delivery BleepingComputer · 72d ago Puzzle: Set of PoC to abuse Windows minifilters functionality For [Blue|Purple] Teams in Cyber Defence · 72d ago Ai Didn’t Break Cybersecurity, It Revealed It Cyber Defense Magazine · 72d ago Acoustic Keystroke Recovery: Reconstructing Typed Text from a Laptop Microphone (85% success rate) cybersecurity · 72d ago Acoustic Keystroke Recovery - Reconstructing Typed Text from a Laptop Microphone (Full Guide, 85% success rate) Technical Information Security Content & Discussion · 72d ago Please critique my reverse engineering ctf platform. It is meant for beginners but I would like input from serious reverse engineers. It is functionally done but I need criticism for further refinements, thank you! Reverse Engineering · 72d ago built a PE packer where every packed file has a different instruction set – custom VM with randomized opcodes, single C++ file (Want suggestions for future updates past v4) hacking: security in practice · 72d ago Credential Dumping: Local Security Authority (LSA|LSASS.EXE) cybersecurity · 72d ago A “Psychological Warfare” to Show Off Cyber Capabilities: A Comprehensive Analysis of SentinelOne’s Exposure of fast16 For [Blue|Purple] Teams in Cyber Defence · 72d ago Dump sql time based is too slow hacking: security in practice · 72d ago Trojan:Win32/Cerdigent.A!dha cybersecurity · 72d ago Active exploitation of cPanel/WHM critical vulnerability For [Blue|Purple] Teams in Cyber Defence · 72d ago Important Update From Trellix - "Trellix recently identified unauthorized access to a portion of our source code repository. " For [Blue|Purple] Teams in Cyber Defence · 72d ago MDE flagging digi cert certificate as malicious everywhere ? cybersecurity · 72d ago North Korea rejects US cybercrime claims as 'absurd slander' hacking: security in practice · 72d ago "AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts Reverse Engineering · 72d ago 5 Qilin ransomware servers exposed over 7 months For [Blue|Purple] Teams in Cyber Defence · 72d ago is credential stuffing using openbullet2 dead in 2026? hacking: security in practice · 72d ago Anyone wanna learn the CEH or OSCP red teaming free Malware Analysis & Reports · 72d ago South-East Asian Military Entities Targeted via cPanel (CVE-2026-41940) For [Blue|Purple] Teams in Cyber Defence · 72d ago Russian Charged in Oil and Gas Facility Hacks Pleads Guilty For [Blue|Purple] Teams in Cyber Defence · 72d ago Hacking Wired Analog CCTV cameras going to a DVR (BNC and Coax) hacking: security in practice · 72d ago Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks BleepingComputer · 72d ago How to build .NET obfuscator - Part II Reverse Engineering · 73d ago VECT ransomware: small files decrypt, large files lose their nonces For [Blue|Purple] Teams in Cyber Defence · 73d ago CTO at NCSC Summary: week ending May 3rd For [Blue|Purple] Teams in Cyber Defence · 73d ago April 27th - What happened with our feature flag configuration | The ClickUp Blog For [Blue|Purple] Teams in Cyber Defence · 73d ago Adobe-Clawback — bulk-download every PDF from your Adobe Creative Cloud account (Python, resumable, MIT) hacking: security in practice · 73d ago How to exfiltrate data using only numeric outputs Technical Information Security Content & Discussion · 73d ago ConsentFix v3 attacks target Azure with automated OAuth abuse BleepingComputer · 73d ago libghidra - SDK for automating Ghidra from Python, Rust, and C++ Reverse Engineering · 73d ago Blog: Evolving the Android & Chrome VRPs for the AI Era For [Blue|Purple] Teams in Cyber Defence · 73d ago Release: Open-source CAN bus reverse engineering suite tailored for offline ML signal decoding, MitM injection, and UDS analysis. Reverse Engineering · 73d ago RSAC 2026: The Power of Community Cyber Defense Magazine · 73d ago Seven Queries to Audit the Sentinel Detections Your SOC May Have Missed. For [Blue|Purple] Teams in Cyber Defence · 73d ago VECT: Ransomware by design, Wiper by accident For [Blue|Purple] Teams in Cyber Defence · 73d ago VisualSploit: Backdoor Visual Studio project files with custom shellcode, which executes whenever the project is opened or built. For [Blue|Purple] Teams in Cyber Defence · 73d ago Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison For [Blue|Purple] Teams in Cyber Defence · 73d ago Agentic Malware Analysis: From Task Automation to Deep Analysis For [Blue|Purple] Teams in Cyber Defence · 73d ago pydep-vector-runner: A lightweight runner that guards against weird startup behaviors in python. Lightweight version of PyDepGuard's coderunner. For [Blue|Purple] Teams in Cyber Defence · 73d ago month-of-bypasses: Proof-of-Concepts for Detection Engineering Purposes Only For [Blue|Purple] Teams in Cyber Defence · 73d ago Microsoft tests modern Windows Run, says it's faster than legacy dialog BleepingComputer · 73d ago Edu tech firm Instructure discloses cyber incident, probes impact BleepingComputer · 73d ago For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall. Technical Information Security Content & Discussion · 73d ago Small models are better at cost-to-recall than large models like Mythos for vulnerability research hacking: security in practice · 73d ago Every incident public companies have disclosed to the SEC, in one searchable database Technical Information Security Content & Discussion · 73d ago 76% of All Crypto Stolen in 2026 Is Now in North Korea darkreading · 73d ago Bluetooth Spoofed Disconnect? hacking: security in practice · 74d ago Why my macOS Messages badge lied to me (and the one-line fix) Reverse Engineering · 74d ago 15-year-old detained over French govt agency data breach BleepingComputer · 74d ago Fake Tailscale site on Google Ads uses ClickFix to get you to execute malware yourself Malware Analysis & Reports · 74d ago Story retracted BleepingComputer · 74d ago Running Adobe’s 1991 PostScript Interpreter in the Browser Reverse Engineering · 74d ago Hello! Here is my Oura Ring 4 pure Python driver! Let me know what you think :) Reverse Engineering · 74d ago If AI's So Smart, Why Does It Keep Deleting Production Databases? darkreading · 74d ago Minecraft Malware C2 Tracking Malware Analysis & Reports · 74d ago Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations BleepingComputer · 74d ago r/netsec monthly discussion & tool thread Technical Information Security Content & Discussion · 74d ago Inside RSAC 2026 Cyber Defense Magazine · 74d ago Microsoft fixes Remote Desktop warnings displaying incorrectly BleepingComputer · 74d ago Name That Toon: Mark of (Security) Progress darkreading · 74d ago 20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage darkreading · 74d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 74d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 74d ago Careful Adoption of Agentic AI Services All CISA Advisories · 74d ago Microsoft now lets admins choose pre-installed Store apps to uninstall BleepingComputer · 74d ago wM-Buster - Flipper Zero app to analyze smart meters for gas, electricity, water. ... hacking: security in practice · 74d ago Windows 11 KB5083631 update released with 34 changes and fixes BleepingComputer · 74d ago Handled, Not Hosted: Administrative Activity Inside a Bulletproof Hoster Technical Information Security Content & Discussion · 74d ago US ransomware negotiators get 4 years in prison over BlackCat attacks BleepingComputer · 74d ago /r/ReverseEngineering's Triannual Hiring Thread Reverse Engineering · 74d ago In-circuit NAND acquisition for edge devices (Raspberry Pi GPIO, no chip-off) Reverse Engineering · 74d ago TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack darkreading · 74d ago 🚀🔥 Evil-Cardputer v1.5.3 - TagTinker ESL 🔥🚀 hacking: security in practice · 74d ago Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug darkreading · 74d ago Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber darkreading · 75d ago New Bluekit phishing service includes an AI assistant, 40 templates BleepingComputer · 75d ago Enforcing trust and transparency: Open-sourcing the Azure Integrated HSM Security | Microsoft Azure Blog | Microsoft Azure · 75d ago Innovator Spotlight: The Open Group Cyber Defense Magazine · 75d ago Revealing NVIDIA Closed-Source Driver Command Streams for CPU-GPU Runtime Behavior Insight Reverse Engineering · 75d ago SHARED INTEL Q&A: PKI’s unfinished business—’digital passports’ for content, models and agents The Last Watchdog · 75d ago I made a lightweight breach intelligence search engine (fully client-side) looking for feedback hacking: security in practice · 75d ago Oracle Red Bull Racing Team Revs Up Automation to Boost Security darkreading · 75d ago Bringing back the 80s terminal aesthetic: GLYPHIS_IO BBS, a cyberpunk hacking sim set in alternate 1989 Japan... hacking: security in practice · 75d ago Preparing For Hybrid Warfare: Actions To Take When The Cloud Goes Dark Cyber Defense Magazine · 75d ago Short and easy to understand: "Copy-Fail CVE-2026-31431" What is it and how do I mitigate it with an Open Source Tool hacking: security in practice · 75d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 75d ago ABB AWIN Gateways All CISA Advisories · 75d ago ABB Ability OPTIMAX All CISA Advisories · 75d ago ABB PCM600 All CISA Advisories · 75d ago ABB Edgenius Management Portal All CISA Advisories · 75d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 75d ago ABB Ability Symphony Plus Engineering All CISA Advisories · 75d ago ABB System 800xA, Symphony Plus IEC 61850 All CISA Advisories · 75d ago Seventeen vulnerabilities in Omi, fourteen days of silence Technical Information Security Content & Discussion · 75d ago High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940) Technical Information Security Content & Discussion · 75d ago This month in security with Tony Anscombe – April 2026 edition WeLiveSecurity · 75d ago HexDig 1.0.0 a lightweight binwalk alternative working both on Windows and Linux, written in C++, give it a try! Reverse Engineering · 75d ago GitHub - iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail: Rust implementation Exploit/PoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter). Reverse Engineering · 75d ago Copy Fail — 732 Bytes to Root hacking: security in practice · 75d ago ZDI-CAN-30796: Docker ZDI: Upcoming Advisories · 75d ago Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia Trend Micro Research, News, Perspectives · 75d ago Claude Mythos Fears Startle Japan's Financial Services Sector darkreading · 75d ago Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root Technical Information Security Content & Discussion · 75d ago Reverse Engineering With AI Unearths High-Severity GitHub Bug darkreading · 76d ago AI Finds 38 Security Flaws in Electronic Health Record Platform darkreading · 76d ago The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs Technical Information Security Content & Discussion · 76d ago The Thymeleaf Template Injection That Only Hurts If You Let It Technical Information Security Content & Discussion · 76d ago Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error darkreading · 76d ago GitHub fixes RCE flaw that gave access to millions of private repos hacking: security in practice · 76d ago Minirat malware deployed via NPM targeting macOS machines Malware Analysis & Reports · 76d ago Set up automated dependency scanning after the recent npm/PyPI supply chain attacks Technical Information Security Content & Discussion · 76d ago Operationalizing Cyber Resilience: A Practitioner’s Framework for Real-World Security Constraints Cyber Defense Magazine · 76d ago Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities darkreading · 76d ago I built a free open-source CAN bus reverse engineering workstation in Python — 15 tabs, offline ML, dual AI engines, MitM gateway Reverse Engineering · 76d ago Adapting Zero Trust Principles to Operational Technology All CISA Advisories · 76d ago How to download Kaggle dataset safely...? hacking: security in practice · 76d ago VECT Ransomware Is Actually a Wiper Malware Analysis & Reports · 76d ago VECT Ransomware Is Actually a Wiper hacking: security in practice · 76d ago Toys“R”Us Japan Implements Forter’s Fraud Management and Payment Optimization Solutions Blog – Forter · 76d ago DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West DEFCONConference · 76d ago The Malware Factory: GLASSWORM Forensics in Open VSX Malware Analysis & Reports · 76d ago A Route to Root in a 4G Industrial Router Technical Information Security Content & Discussion · 76d ago Kuse Web App Abused to Host Phishing Document Trend Micro Research, News, Perspectives · 76d ago BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures darkreading · 76d ago NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later darkreading · 76d ago Feuding Ransomware Groups Leak Each Other's Data darkreading · 76d ago Vidar Rises to Top of Chaotic Infostealer Market darkreading · 77d ago Phishing-to-RMM Attacks: The Remote Access Blind Spot Businesses Can't Ignore Malware Analysis & Reports · 77d ago Innovator Spotlight: Puneet Bhatnagar Cyber Defense Magazine · 77d ago Flipper Blackhat April Roundup! hacking: security in practice · 77d ago Building a perfect clone of 1993 game SimTower (via RE) Reverse Engineering · 77d ago [ Removed by Reddit ] Malware Analysis & Reports · 77d ago [VulnPath Update] Automated Email Alerting & CISA KEV Feed hacking: security in practice · 77d ago Ikeja Electric Distribution Ransomware Malware Analysis & Reports · 77d ago Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain darkreading · 77d ago [Research] Full-chain RCE in Microsoft Semantic Kernel & Agent Framework 1.0 (6 Bypasses) Technical Information Security Content & Discussion · 77d ago How I reverse-engineered a SQLite WAL database inside a VS Code extension - custom merge engine, header byte patching, and protobuf decoding without a schema Reverse Engineering · 77d ago AI solved our CTF in 6min Reverse Engineering · 77d ago The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords Technical Information Security Content & Discussion · 77d ago Cybersecurity Risks in 2026 Cyber Defense Magazine · 77d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 77d ago NSA GRASSMARLIN All CISA Advisories · 77d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 77d ago Recently updated a authentic minecraft mod launcher called Modrinth Malware Analysis & Reports · 77d ago GUEST ESSAY: How augmented reality (AR) can turn building images into ad space with no control The Last Watchdog · 77d ago More of What Matters: Forter’s April Product Release Blog – Forter · 77d ago 89 vulnerabilities in XAPI / Citrix XenServer Technical Information Security Content & Discussion · 77d ago Example structure for evidence-based vulnerability reports Reverse Engineering · 77d ago Retro-Coding and the Roots of Logic: Why The Byte Brothers: Program a Problem Still Matters Cyber Defense Magazine · 77d ago [ Removed by Reddit ] Technical Information Security Content & Discussion · 77d ago UNC6692 Combines Social Engineering, Malware, Cloud Abuse darkreading · 77d ago Innovator Spotlight: TokenCore Cyber Defense Magazine · 78d ago Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025) Technical Information Security Content & Discussion · 78d ago Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary Technical Information Security Content & Discussion · 78d ago This appeared on scan today no downloads Vulnerabledriver:WinNT/Winring0 Malware Analysis & Reports · 78d ago Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation darkreading · 78d ago FIRESIDE CHAT: Leaked secrets are now the go-to attack vector — and AI is accelerating exposures The Last Watchdog · 78d ago Platform Engineering: The Rise of a Disciplinary Rethink Cyber Defense Magazine · 78d ago Ransomware is getting uglier as cybercriminals fake leaks and skip encryption entirely Malware Analysis & Reports · 78d ago 60% Of Cyberattacks Are Identity Based — Is Identity First A Bad Idea? Cyber Defense Magazine · 78d ago MCPwned: a Burp Suite extension for auditing MCP servers Technical Information Security Content & Discussion · 78d ago From Threat Detection To Decision Intelligence: Rethinking Modern Cyber Defense Cyber Defense Magazine · 79d ago New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses Malware Analysis & Reports · 80d ago HackTheBox - Sorcery IppSec · 80d ago Save time and use Zig to write your Malware POC Malware Analysis & Reports · 80d ago Cracking CastleLoader’s Inno Setup Password Malware Analysis & Reports · 80d ago I built a C2 framework that uses Discord and Telegram for communication Malware Analysis & Reports · 80d ago CISA Adds Four Known Exploited Vulnerabilities to Catalog Alerts · 81d ago CISA Adds Four Known Exploited Vulnerabilities to Catalog All CISA Advisories · 81d ago The calm before the ransom: What you see is not all there is WeLiveSecurity · 81d ago fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet. Malware Analysis & Reports · 81d ago Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet Malware Analysis & Reports · 81d ago PSA: awstore.cloud is a MALICIOUS fake Claude API provider - warn your fellow devs Malware Analysis & Reports · 81d ago Budgiekit - gdi malware maker (for educational purporses only) Malware Analysis & Reports · 82d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 82d ago SpiceJet Online Booking System All CISA Advisories · 82d ago Carlson Software VASCO-B GNSS Receiver All CISA Advisories · 82d ago Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera All CISA Advisories · 82d ago Milesight Cameras All CISA Advisories · 82d ago Defending Against China-Nexus Covert Networks of Compromised Devices All CISA Advisories · 82d ago Yadea T5 Electric Bicycle All CISA Advisories · 82d ago Intrado 911 Emergency Gateway (EGW) All CISA Advisories · 82d ago GopherWhisper: A burrow full of malware WeLiveSecurity · 82d ago News alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV category The Last Watchdog · 83d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 83d ago 19 confirmed repos tied to the same GitHub malware campaign Malware Analysis & Reports · 83d ago Defending Against China-Nexus Covert Networks of Compromised Devices CISA Cybersecurity Advisories · 84d ago IOCX v0.7.0 — deterministic heuristics + adversarial PE samples Malware Analysis & Reports · 84d ago New NGate variant hides in a trojanized NFC payment app WeLiveSecurity · 84d ago Fireside Chat: PKI has carried digital trust through every tech advance—now comes the hardest one The Last Watchdog · 85d ago Supply Chain Compromise Impacts Axios Node Package Manager Alerts · 85d ago CISA Adds Eight Known Exploited Vulnerabilities to Catalog Alerts · 85d ago What the ransom note won’t say WeLiveSecurity · 85d ago HackTheBox - AirTouch IppSec · 87d ago That data breach alert might be a trap WeLiveSecurity · 88d ago Business Fraud at Network Scale: What the $3.5B Medicare Hospice Crisis Reveals About Know Your Business Blog Articles - Identity Insights | Trulioo · 89d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 89d ago Supply chain dependencies: Have you checked your blind spot? WeLiveSecurity · 89d ago News Alert: NTT Research launches SaltGrain—advanced Attribute-Based Encryption security The Last Watchdog · 89d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 91d ago GUEST ESSAY: Google’s 2029 deadline exposes readiness gap as move to quantum-safe crypto lags The Last Watchdog · 91d ago CISA Adds Seven Known Exploited Vulnerabilities to Catalog Alerts · 92d ago HackThebox - Eighteen IppSec · 94d ago Recovery scammers hit you when you’re down: Here’s how to avoid a second strike WeLiveSecurity · 95d ago News alert: Mallory launches AI-native platform to cut through alert noise and surface real risk The Last Watchdog · 95d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 97d ago FIRESIDE CHAT: Geopolitical turmoil, rising AI risk add a new layer to enterprise cyber defense The Last Watchdog · 98d ago As breakout time accelerates, prevention-first cybersecurity takes center stage WeLiveSecurity · 98d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 99d ago Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure CISA Cybersecurity Advisories · 99d ago HackTheBox - DarkZero IppSec · 101d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 103d ago Azure IaaS: Keep critical applications running with built-in resiliency at scale Security | Microsoft Azure Blog | Microsoft Azure · 104d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 104d ago Digital assets after death: Managing risks to your loved one’s digital estate WeLiveSecurity · 104d ago This month in security with Tony Anscombe – March 2026 edition WeLiveSecurity · 105d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 106d ago HackTheBox - Browsed IppSec · 108d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 109d ago RSAC 2026 wrap-up – Week in security with Tony Anscombe WeLiveSecurity · 109d ago A cunning predator: How Silver Fox preys on Japanese firms this tax season WeLiveSecurity · 109d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 110d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 111d ago Virtual machines, virtually everywhere – and with real security gaps WeLiveSecurity · 111d ago Cloud workload security: Mind the gaps WeLiveSecurity · 112d ago What is Customer Due Diligence (CDD) Blog Articles - Identity Insights | Trulioo · 113d ago Why Legacy Identity Verification Can’t Stop AI-Enabled Fraud Blog Articles - Identity Insights | Trulioo · 115d ago CISA Adds Five Known Exploited Vulnerabilities to Catalog Alerts · 116d ago Move fast and save things: A quick guide to recovering a hacked account WeLiveSecurity · 116d ago EDR killers explained: Beyond the drivers WeLiveSecurity · 117d ago Face value: What it takes to fool facial recognition WeLiveSecurity · 123d ago Cyber fallout from the Iran war: What to have on your radar WeLiveSecurity · 124d ago AML, KYC and Identity Verification in Australia Blog Articles - Identity Insights | Trulioo · 124d ago SSL/TLS Certificate Lifespans Are Decreasing to 200 Days InfoSec Insights · 125d ago AI in Tax Season: Risks, Scams, and How to Protect Your Data Fraud Prevention Archives - Alloy Silverstein · 131d ago Security-driven Rapid Release - Pwn2Own Documentary (Part 4) LiveOverflow · 132d ago Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure Security | Microsoft Azure Blog | Microsoft Azure · 132d ago Firefox JIT Bug - Pwn2Own Documentary (Part 3) LiveOverflow · 135d ago Tax Season Scams to Watch For This Year Fraud Prevention Archives - Alloy Silverstein · 138d ago The First Exploit - Pwn2Own Documentary (Part 2) LiveOverflow · 139d ago The World's Hardest Hacking Competition - Pwn2Own Documentary (Part 1) LiveOverflow · 142d ago I built a kernel-level EDR and hit architectural walls I didn’t expect Malware Analysis & Reports · 145d ago DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon DEFCONConference · 145d ago DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth DEFCONConference · 145d ago DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine DEFCONConference · 145d ago Update your detection rules: New remote access Trojan Malware Analysis & Reports · 146d ago Criminals are using AI website builders to clone major brands Malware Analysis & Reports · 146d ago Open-source Windows utility to recover files from prefix-based USB shortcut worms (Grenam/CPGE variants) Malware Analysis & Reports · 146d ago Azure reliability, resiliency, and recoverability: Build continuity by design Security | Microsoft Azure Blog | Microsoft Azure · 147d ago PE Loader For Fileless Malware Malware Analysis & Reports · 147d ago Numero Malware : A Stealthy Saboteur Targeting AI Tool Installers Malware Analysis & Reports · 147d ago AWAKE - Android Wiki of Attacks, Knowledge & Exploits Malware Analysis & Reports · 147d ago I built a Chrome extension that scans for malicious extensions (yes, I see the irony) Malware Analysis & Reports · 148d ago Questions regarding malicious pdf's Malware Analysis & Reports · 150d ago AV persistence bypass techniques Malware Analysis & Reports · 150d ago Avalon Linux Bot Malware Analysis Malware Analysis & Reports · 151d ago Leveling up in Windows malware research Malware Analysis & Reports · 152d ago Emerging Ransomware: BQTLock and GREENBLOOD Malware Analysis & Reports · 153d ago Malware Development POCs Malware Analysis & Reports · 153d ago Suspicious code in Up-work linked repository. Malware Analysis & Reports · 153d ago We hid backdoors in binaries — Opus 4.6 found 49% of them Malware Analysis & Reports · 154d ago 👨💻 North Korean Malware Analysis 🚨 ROKRAT KillChain 📡 Malware Analysis & Reports · 155d ago Analysis of Suspected Malware Linked to APT-Q-27 (GoldenEyeDog) Targeting Financial Institutions Malware Analysis & Reports · 155d ago Malware analysis - Signed job search application deploys a Proxyware, ClipBanker and XMRig cryptominer Malware Analysis & Reports · 157d ago Nyxara Malware Analysis & Reports · 159d ago When Fraud Becomes Background Noise: The Industrialization of Digital Deception Blog Articles - Identity Insights | Trulioo · 190d ago The Efficiency Era of KYC: Reverification and Reusable Identity Take Center Stage Blog Articles - Identity Insights | Trulioo · 190d ago The End of Static KYB: Business Identity in Constant Motion Blog Articles - Identity Insights | Trulioo · 190d ago Know Your Agent: The Next Chapter in Digital Trust Blog Articles - Identity Insights | Trulioo · 190d ago When Rules Move Faster Than Readiness: Regulatory Adaptability as a Competitive Advantage Blog Articles - Identity Insights | Trulioo · 190d ago DEF CON 33 Recon Village - How to Become One of Them: Deep Cover Ops - Sean Jones, Kaloyan Ivanov DEFCONConference · 195d ago DEF CON 33 Recon Village - Inside the Shadows Tracking RaaS Groups, Cyber Threats - John Dilgen DEFCONConference · 195d ago DEF CON 33 Recon Village - Autonomous Video Hunter AI Agents for Real Time OSINT - Kevin Dela Rosa DEFCONConference · 195d ago DEF CON 33 Recon Village - A Playbook for Integration Servers - Ryan Bonner, Guðmundur Karlsson DEFCONConference · 195d ago DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov DEFCONConference · 195d ago DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino DEFCONConference · 195d ago DEF CON 33 Recon Village - OSINT & Modern Recon Uncover Global VPN Infrastructure - Vladimir Tokarev DEFCONConference · 195d ago DEF CON 33 Recon Village - Pretty Good Pivot - Simwindie DEFCONConference · 195d ago DEF CON 33 Recon Village - enumeraite: AI Assisted Web Attack Surface Enumeration - Özgün Kültekin DEFCONConference · 195d ago DEF CON 33 Recon Village - OSINT Signals Pop Quiz - Master Chen DEFCONConference · 195d ago DEF CON 33 Recon Village - Investigating Foreign Tech from Online Retailers - Michael Portera DEFCONConference · 195d ago Digital Identity Trends 2026: AI Fraud, Compliance, and Orchestration Blog Articles - Identity Insights | Trulioo · 209d ago Beware of Misleading Tax Advice on Social Media Fraud Prevention Archives - Alloy Silverstein · 306d ago Scammers Up Their Game With AI Fraud Prevention Archives - Alloy Silverstein · 308d ago Life in the Nordics 🌲 | Foraging Blueberries, Mushrooms & Nosework Training with Our Dogs STÖK · 324d ago The Essential Guide to Safeguarding Your Online Passwords Fraud Prevention Archives - Alloy Silverstein · 385d ago How FIN6 Exfiltrates Files Over FTP HackerSploit · 461d ago From Zero to Zero Day (and beyond) - Life of a Hacker: Jonathan Jacobi LiveOverflow · 462d ago The German Hacking Championship LiveOverflow · 487d ago Beware: Tax Season is Scam Season Fraud Prevention Archives - Alloy Silverstein · 496d ago Do you know this common Go vulnerability? LiveOverflow · 501d ago Stop Scams: Fraud Prevention Starts with Your Employees Fraud Prevention Archives - Alloy Silverstein · 510d ago Emulating FIN6 - Active Directory Enumeration Made EASY HackerSploit · 512d ago The SECRET to Embedding Metasploit Payloads in VBA Macros HackerSploit · 517d ago Offensive VBA 0x4 - Reverse Shell Macro with Powercat HackerSploit · 525d ago Offensive VBA 0x3 - Developing PowerShell Droppers HackerSploit · 531d ago Offensive VBA 0x2 - Program & Command Execution HackerSploit · 536d ago Offensive VBA 0x1 - Your First Macro HackerSploit · 538d ago Emulating FIN6 - Gaining Initial Access (Office Word Macro) HackerSploit · 543d ago FIN6 Adversary Emulation Plan (TTPs & Tooling) HackerSploit · 547d ago Developing An Adversary Emulation Plan HackerSploit · 547d ago Introduction To Advanced Persistent Threats (APTs) HackerSploit · 552d ago Introduction To Adversary Emulation HackerSploit · 573d ago ‘Tis the Season for Holiday Shopping Scams Fraud Prevention Archives - Alloy Silverstein · 582d ago Mastering Persistence: Using an Apache2 Rootkit for Stealth and Defense Evasion HackerSploit · 582d ago Google's Mobile VRP Behind the Scenes with Kristoffer Blasiak (Hextree Podcast Ep.1) LiveOverflow · 636d ago My theory on how the webp 0day was discovered #short LiveOverflow · 652d ago My theory on how the webp 0day was discovered (BLASTPASS) LiveOverflow · 653d ago Learn Android Hacking! - University Nevada, Las Vegas (2024) LiveOverflow · 679d ago My Trip to Las Vegas for DEFCON & Black Hat LiveOverflow · 693d ago Planning Red Team Operations | Scope, ROE & Reporting HackerSploit · 722d ago Mapping APT TTPs With MITRE ATT&CK Navigator HackerSploit · 726d ago IRS Issues “Dirty Dozen” Fraud Warnings Fraud Prevention Archives - Alloy Silverstein · 767d ago IRS Identity Theft Season Begins Now Fraud Prevention Archives - Alloy Silverstein · 896d ago Finding The .webp Vulnerability in 8s (Fuzzing with AFL++) LiveOverflow · 904d ago Winter vanlife = good times STÖK · 926d ago What an experience! Getting a Christmas tree from our own piece of land. #movingupnorth! STÖK · 933d ago A Vulnerability to Hack The World - CVE-2023-4863 LiveOverflow · 936d ago Had to much GLÖGG and lost my camera during - 13371122 - Intigriti + Visma STÖK · 939d ago Reinventing Web Security LiveOverflow · 967d ago IS THIS THE END? STÖK · 999d ago Escaping the grind and decompiling python 3.9 pyc files to find vulnerabilites STÖK · 1153d ago The World’s Identity Platform Blog Articles - Identity Insights | Trulioo · 1260d ago How to turn bugs into a "passive" income stream! ft Detectify's Almroot STÖK · 1394d ago HOW DID THIS HAPPEN!? (13370822 LHE VLOG) STÖK · 1407d ago Student Loan Breach Exposes 2.5M Records Threatpost · 1413d ago Watering Hole Attacks Push ScanBox Keylogger Threatpost · 1414d ago Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms Threatpost · 1415d ago Ransomware Attacks are on the Rise Threatpost · 1418d ago Cybercriminals Are Selling Access to Chinese Surveillance Cameras Threatpost · 1419d ago Twitter Whistleblower Complaint: The TL;DR Version Threatpost · 1420d ago Firewall Bug Under Active Attack Triggers CISA Warning Threatpost · 1421d ago Fake Reservation Links Prey on Weary Travelers Threatpost · 1422d ago iPhone Users Urged to Update to Patch 2 Zero-Days Threatpost · 1425d ago Google Patches Chrome’s Fifth Zero-Day of the Year Threatpost · 1426d ago Q: How to write a BUG BOUNTY report that actually gets paid? STÖK · 1524d ago KYC: 3 Steps to Achieving Know Your Customer Compliance Blog Articles - Identity Insights | Trulioo · 1531d ago facts: Bug Bounty hunters has made ridiculous amounts of $$ from known DNS techniques.. STÖK · 1538d ago AML Compliance Checklist: Best Practices for Anti-Money Laundering Blog Articles - Identity Insights | Trulioo · 1546d ago Q: HOW do you find hidden stuff on websites? (this episode is all about CONTENT DISCOVERY!) STÖK · 1552d ago Q: HOW do you get started in bug bounty?? How do you build your automation?! STÖK · 1566d ago Q: PENTEST VS BUGBOUNTY? (Bounty Thursday's - ON AIR) STÖK · 1580d ago BOUNTY THURSDAYS - LIVE #2 (NEWS/TOOLS and Community Questions with Jason Haddix) STÖK · 1594d ago
Latest
The Record from Recorded Future NewsUS unseals indictment against alleged operators of Russian bulletproof hosting serviceLatest newsI tested the Ultrahuman Ring Pro: It's a biohacker's dream that's not for meKrebs on SecurityMicrosoft Patches a Record 570 Security FlawsSecurityWeekMicrosoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-DaysBleepingComputerMicrosoft releases Windows 10 KB5099539 extended security updateLatest newsThe only Apple Watch strap you'll ever need is down to its lowest price yetSecurityWeekSynopsys Finds No Evidence of Data Breach Amid Bosch Hack ClaimsThe Hacker NewsSAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify DataBleepingComputerMicrosoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysJohn HammondBackdoored TortoiseSVN InstallerLatest newsHow to download iPadOS 27 right now - and which models support itLatest newsEvery iPhone model that supports iOS 27 (and which older ones don't)David BombalIs Cat7 a SCAM?BleepingComputerWindows 11 KB5101650 & KB5099414 cumulative updates releasedHelp Net SecuritySonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)Blog – ForterThe Gray Area in Your Checkout Is Costing You More Than You ThinkThe Record from Recorded Future NewsFinland issues wanted notice for hacker behind massive psychotherapy data breachThe Hacker NewsResearchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail ReadsLatest newsHow to download iOS 27 right now (and which iPhone models support it)Latest newsGoogle is training AI on even more of your data now, unless you opt out - here's howThe Record from Recorded Future NewsUS unseals indictment against alleged operators of Russian bulletproof hosting serviceLatest newsI tested the Ultrahuman Ring Pro: It's a biohacker's dream that's not for meKrebs on SecurityMicrosoft Patches a Record 570 Security FlawsSecurityWeekMicrosoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-DaysBleepingComputerMicrosoft releases Windows 10 KB5099539 extended security updateLatest newsThe only Apple Watch strap you'll ever need is down to its lowest price yetSecurityWeekSynopsys Finds No Evidence of Data Breach Amid Bosch Hack ClaimsThe Hacker NewsSAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify DataBleepingComputerMicrosoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysJohn HammondBackdoored TortoiseSVN InstallerLatest newsHow to download iPadOS 27 right now - and which models support itLatest newsEvery iPhone model that supports iOS 27 (and which older ones don't)David BombalIs Cat7 a SCAM?BleepingComputerWindows 11 KB5101650 & KB5099414 cumulative updates releasedHelp Net SecuritySonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)Blog – ForterThe Gray Area in Your Checkout Is Costing You More Than You ThinkThe Record from Recorded Future NewsFinland issues wanted notice for hacker behind massive psychotherapy data breachThe Hacker NewsResearchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail ReadsLatest newsHow to download iOS 27 right now (and which iPhone models support it)Latest newsGoogle is training AI on even more of your data now, unless you opt out - here's how
By Source
Feeds organized so you can skim by site.
Density
Sort
LN
Latest news
1h ago · 20 items
I tested the Ultrahuman Ring Pro: It's a biohacker's dream that's not for me
1h ago
It's not a bad smart ring, but it's both larger and more expensive than the previous version.
The only Apple Watch strap you'll ever need is down to its lowest price yet
1h ago
I have multiple Apple Watch straps, but I keep coming back to the Nomad Stratos Band for its classy looks and sporty comfort.
How to download iPadOS 27 right now - and which models support it
2h ago
Apple just released the iPadOS 27 public beta, offering early access to an upgraded Siri, new Safari features, and more.
Every iPhone model that supports iOS 27 (and which older ones don't)
2h ago
Here's a breakdown of which iPhone models will support the next iOS update - and which ones Apple is leaving behind.
How to download iOS 27 right now (and which iPhone models support it)
2h ago
Apple's WWDC 2026 was full of updates for the overall iPhone user experience - here's how you can try iOS 27 early for free.
Google is training AI on even more of your data now, unless you opt out - here's how
2h ago
Images, videos and voice searches can be used to train Google's LLMs. You can disable this feature to retain your privacy.
5 smart home gadgets I actually recommend, after years of testing
3h ago
I've tested dozens of smart home devices, but only a select few truly stand out. Here are the smart home gadgets I wholeheartedly recommend.
Google Search will let you instantly generate AI images for free - here's how
4h ago
With the latest update to Google Images, you can generate your own images directly inside the AI Overviews.
I'm a serial Linux distro hopper - these 7 signs mean it's time to switch
4h ago
If you're looking to try a different Linux distribution, it's time you do the 'distro hop.' But why does this phenomenon seem inevitable for so many users?
These 5 gadgets will upgrade your Apple Watch - and I recommend them
5h ago
These are my tried-and-true favorite Apple Watch accessories, and some of them are on sale now.
How to install the MacOS 27 public beta on your Mac today - it's live now
6h ago
Windows Search just got a faster, cleaner overhaul - how to try it today
7h ago
12 YouTube default settings to change right now for a more enjoyable experience
7h ago
Don't let an AI chatbot pick your password, ever
7h ago
SEO is not dead: 5 ways to win more citations from AI search
9h ago
I tried Google Maps' new 3D Immersive View for Android Auto, and it fixed my biggest navigation problems
13h ago
I tested COSMIC's new Frosted Glass effect, and it's way better than MacOS' Liquid Glass
23h ago
Is that QR code a trap? How to spot quishing scams before it's too late
1d ago
Windows questions? How Copilot can analyze your PC settings now
1d ago
How I tag my files to avoid endless searching and disorganized folders
1d ago
20 loaded
KO
Krebs on Security
1h ago · 10 items
Microsoft Patches a Record 570 Security Flaws
1h ago
Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesd...
Lessons Learned from CISA’s Recent GitHub Leak
1d ago
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA credentials -- including AWS Govcloud keys -- in a public GitHub repository for almos...
Felons, Fraudsters Flog Offensive Cybersecurity Startup
6d ago
A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intellige...
FBI Seizes NetNut Proxy Platform, Popa Botnet
12d ago
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technolo...
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
21d ago
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The ...
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
26d ago
For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers ...
Who Runs the Ransomware Group ‘The Gentlemen?’
34d ago
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of...
A Record-Breaking Patch Tuesday for June 2026
34d ago
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bug...
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
43d ago
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how ...
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
50d ago
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the Euro...
SE
SecurityWeek
1h ago · 10 items
Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
1h ago
Synopsys Finds No Evidence of Data Breach Amid Bosch Hack Claims
1h ago
Adobe Patches Critical ColdFusion Vulnerabilities
3h ago
7 Severe Vulnerabilities Patched in VMware Avi Load Balancer
6h ago
Unpatched Claude for Chrome Flaw Lets Extensions Read Gmail, Calendar
7h ago
SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud
8h ago
US, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure Routers
9h ago
Valarian Raises $50 Million for Sovereign Infrastructure Control Layer
10h ago
Multiple Jscrambler Packages Impacted by Supply Chain Attack
11h ago
Pentagon Suspends CMMC Phase 2 as It Rethinks Contractor Cybersecurity Rules
13h ago
BL
BleepingComputer
1h ago · 534 items
Microsoft releases Windows 10 KB5099539 extended security update
1h ago
Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, along with additional security fixes.
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
2h ago
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploited in attacks and one publicly disclosed.
Windows 11 KB5101650 & KB5099414 cumulative updates released
2h ago
Microsoft has released Windows 11 KB5101650 and KB5099414 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features.
Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
4h ago
Progress Software has confirmed that a high-severity zero-day vulnerability is behind the emergency shutdown of ShareFile Storage Zone Controllers last week and has released security updates to patch the flaw.
LastPass, Bitwarden users targeted with fake security alerts
4h ago
LastPass is warning users about an ongoing phishing campaign that is using fake security notices to direct them to fraudulent websites.
You Don't Have to Run an Exploit to Know If You're Vulnerable
6h ago
Many vulnerabilities cannot be safely validated with live exploits, either because no exploit exists or the affected systems are too critical to test. Picus explains how TTP chaining helps organizations determine exploitability by validatin...
Microsoft Entra ID gets passkeys default authentication starting September
7h ago
Microsoft has announced that passkeys will become the default authentication method for the Entra ID enterprise identity service starting September 2026.
New phishing kits target Microsoft 365 accounts, evade MFA
7h ago
Two new phishing kits, Jalisco and OmegaLord, have been discovered in attacks targeting Microsoft 365 accounts, using techniques that defeat multi-factor authentication (MFA).
SAP warns of critical flaws in NetWeaver and Commerce Cloud
8h ago
SAP has addressed 16 vulnerabilities across multiple products as part of its July 2026 security updates, including three critical flaws in NetWeaver, Commerce Cloud, and AppRouter.
Microsoft starts testing cleaner Windows Search without ads
9h ago
Microsoft is now testing a cleaner and faster version of Windows Search that should prioritize relevant results over ads and promotional content.
US sanctions VPN, malware providers for enabling ransomware attacks
10h ago
Japan's largest taxi operator shuts systems after cyberattack
23h ago
Hackers backdoor Jscrambler npm package with infostealer malware
1d ago
New CrashStealer malware poses as Apple crash reporting tool
1d ago
CISA warns of actively exploited RCE flaws in Joomla extensions
1d ago
Lidl discloses online shop breach after service provider hack
1d ago
Breach at the Beach: Play the Ultimate Entra ID CTF
1d ago
UK charges suspects linked to Russian Coms call spoofing platform
1d ago
EU sanctions Russian GRU military hackers over cyberattacks
1d ago
US and allies warn of Russian critical infrastructure attacks
1d ago
OpenAI temporarily relaxes GPT-5.6 Sol usage limits
1d ago
Claude Fable 5 stays free for paid users until July 19 as Anthropic buys more time
2d ago
RedHook Android malware now uses Wireless ADB for shell access
2d ago
Australia warns of global campaign targeting vulnerable CMS platforms
3d ago
'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets
3d ago
New U-Boot flaws could enable stealthy firmware attacks
3d ago
Ryuk ransomware member pleads guilty in the US, faces 15 years in prison
4d ago
Police suspects Dutch hackers were involved in Odido breach
4d ago
Progress urges ShareFile admins to shut down servers over “credible” threat
4d ago
Hackers exploit critical auth bypass in Gitea Docker image
4d ago
Money launderer accused of stealing seized crypto while in prison
4d ago
The Replicant in Your Directory: AI Agents and the Identity Security Gap
4d ago
Zimbra urges customers to patch critical web client XSS flaw
4d ago
Former ransomware negotiator gets 4 years for BlackCat attacks
4d ago
OpenMandriva Linux says contributor tried to sabotage the project
4d ago
Injective SDK on npm infected with cryptocurrency wallet stealer
4d ago
New Helix vishing group emerges in SharePoint data theft attacks
5d ago
Microsoft expects more Windows security updates from AI-discovered flaws
5d ago
New Forg365 phishing platform uses AI to target Microsoft 365 accounts
5d ago
The Hidden Security Risks of Reduced Summer IT Coverage
5d ago
Microsoft to retire the OWA Light client in Exchange Server
5d ago
Police arrests 5,800 suspects in global anti-fraud crackdown
5d ago
AssuranceAmerica data breach exposes records of 6.9 million drivers
5d ago
Microsoft patches RoguePlanet Defender zero-day vulnerability
5d ago
Mount Royal University confirms breach as hackers claim attack
5d ago
Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
6d ago
Hackers exploit Roundcube flaw to spy on academic researchers
6d ago
Entra passkey enrollment vishing targets Microsoft 365 users
6d ago
3 Ways AI Powers Service Desk Attacks and How to Prevent Them
6d ago
DuckDuckGo browser now blocks YouTube video ads
6d ago
Telco giant KDDI says data breach affects over 12 million people
6d ago
CISA orders feds to prioritize patching Langflow auth bypass flaw
6d ago
Ubiquiti warns of new max severity UniFi OS vulnerability
6d ago
CISA orders feds to patch max severity ColdFusion flaw by Friday
6d ago
Accenture confirms breach after hacker offers stolen data for sale
6d ago
Chinese hackers develop LONGLEASH malware to expand ORB network
7d ago
Hidden backdoor in Tenda router firmware grants admin access
7d ago
Spain arrests suspected member of pro-Russian hacktivist groups
7d ago
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
7d ago
Webinar tomorrow: Why modern email attacks require a new approach to defense
7d ago
New Januscape Linux flaw allows VM escape on Intel, AMD devices
7d ago
Microsoft to enable Windows settings backup by default for orgs
7d ago
BeyondTrust warns of critical flaws in remote access software
7d ago
Microsoft testing new Cloud Rebuild Windows 11 recovery feature
7d ago
Phishing poses as big-brand job interview to steal Google accounts
7d ago
Fake IT support calls on Microsoft Teams push EtherRAT malware
7d ago
Vietnam arrests suspects behind HiAnime anime piracy service
8d ago
Software Is Now Written at the Speed of Thought. Security Isn't.
8d ago
Max severity Adobe ColdFusion flaw now exploited in attacks
8d ago
Flipper Zero firmware development continues with community help
9d ago
JadePuffer ransomware used AI agent to automate entire attack
10d ago
NetNut proxy network disrupted, 2 million infected devices cut off
11d ago
ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
11d ago
Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
11d ago
Claude Fable relaunch disappoints users with nerfed performance
11d ago
Google loses final appeal to overturn €4.1 billion EU fine
12d ago
ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
12d ago
Microsoft fixes bug that removed Copilot buttons in Outlook
12d ago
Cisco finally confirms attackers exploiting Unified CM flaw
12d ago
CISA: Microsoft SharePoint RCE flaw now actively exploited
12d ago
Opera rolls out Paste Protect feature to fight ClickFix attacks
12d ago
Alleged Scattered Spider hacker extradited to the United States
12d ago
Medtronic notifies customers impacted by ShinyHunters data breach
12d ago
FortiBleed credential-theft campaign linked to Lynx ransomware
12d ago
Kubota says hackers had month-long access to network systems
12d ago
ChocoPoc malware delivered via trojanized exploits on GitHub
13d ago
New ChocoPoC malware targets researchers via trojanized PoC exploits
13d ago
DHS confirms hackers breached HSIN info-sharing platform
13d ago
Webinar: Why traditional email security is no longer enough
13d ago
Hackers target Microsoft 365 accounts with 81 million login attempts
13d ago
Turning Indicators into Intelligence in OpenCTI with Criminal IP
13d ago
Over 900 Oracle E-Business instances exposed to ongoing attacks
13d ago
Microsoft fixes GIF functionality in the Windows Emoji Panel
13d ago
Amazon fined $2.25M for withholding evidence from fraud victims
13d ago
Adobe patches seven max severity ColdFusion, Campaign flaws
13d ago
Anthropic to restore Claude Fable access on Wednesday
13d ago
Anthropic rolls out Sonnet 5 with near-Opus 4.8 performance at a lower price
13d ago
New BioShocking attack manipulates AI browser into data theft
13d ago
Microsoft accelerates quantum-safe roadmap as risks grow
13d ago
Malicious PyPI packages give hackers control of Telegram bot servers
13d ago
Fake Perplexity extension on Chrome Web Store tracked searches
14d ago
Lessons from the Underground: How to Combat Business Email Compromise
14d ago
Insurance giant Aflac discloses data breach after subsidiary hack
14d ago
Mircosoft adds smarter bot protection to Teams meetings
14d ago
Microsoft adds smarter bot protection to Teams meetings
14d ago
Kali Linux 2026.2 released with 9 new tools, NetHunter updates
14d ago
Blackfield ransomware asks Nidec Corporation for $2 million ransom
14d ago
CISA: Windows BlueHammer flaw now exploited by ransomware gangs
14d ago
Nissan discloses employee data breach linked to Oracle zero-day attacks
14d ago
NAIC says public data stolen in ShinyHunters' PeopleSoft breach
14d ago
WhatsApp rolls out usernames to help users hide their phone number
15d ago
Microsoft extends Windows Server 2022 hotpatching until October 2027
15d ago
U.S. offers $10 million for hackers targeting WhatsApp, Signal users
15d ago
Agentic AI Has an Identity Problem and Attackers Know It
15d ago
Critical SimpleHelp flaw exploited to deploy new stealer malware
15d ago
Hackers now exploit critical Oracle E-Business flaw in attacks
15d ago
Webinar: Why business email compromise attacks keep succeeding
15d ago
US seizes hundreds of FIFA World Cup illegal streaming domains
15d ago
Data breach exposes up to 14.2 million email logins at six ISPs
16d ago
Clean GitHub repo tricks AI coding agents into running malware
17d ago
FBI: Russian hackers now target Signal backup recovery keys
17d ago
CISA sets urgent deadline to fix Cisco flaw exploited in attacks
18d ago
Polymarket customers lose $3 million in supply-chain attack
18d ago
Cybersecurity firms targeted by fraudulent OpenAI organization invites
18d ago
Your First GRC Agent: A Red Teamer's Walkthrough
18d ago
Anthropic is testing desktop-like Claude Cowork for mobile
18d ago
Poland busts SIM-swapping gang tied to millions in crypto theft
18d ago
Order-tracking app Shop abused to push callback phishing attacks
19d ago
Microsoft quietly extends free Windows 10 ESU support to October 2027
19d ago
New macOS malware embeds fake errors to confuse AI analysis tools
19d ago
PirloTV sports piracy network disrupted as 44 domains seized
19d ago
Bluekit phishing kit adopts browser-in-the-middle for login theft
19d ago
The Four Elevations of Effective Fraud Prevention
19d ago
Webinar: Why account takeovers remain one of the hardest threats to stop
19d ago
Google releases new privacy controls for activity history, personalization
19d ago
DraftKings hacker 'Snoopy' sentenced to 18 months in prison
19d ago
Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access
19d ago
Malicious Edge extension abuses Native Messaging as bridge to malware
19d ago
CISA warns of max severity Ubiquiti flaws exploited in attacks
20d ago
Amadey, StealC malware operations disrupted in Operation Endgame action
20d ago
Securing the service desk: Why social engineering attacks keep succeeding
20d ago
Stealthy Mistic backdoor linked to ransomware access broker KongTuke
20d ago
Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks
20d ago
Tata Electronics confirms cyberattack as hackers leak data
20d ago
Windows 11 KB5095093 update rolls out new Point-in-Time restore feature
20d ago
Healthtech firm Xolis suffers data breach impacting 1.4 million people
21d ago
New macOS ClickFix attack silently mounts DMGs to push infostealer
21d ago
Scattered Spider members plead guilty to hacking Transport for London
21d ago
The Exploit Doesn't Exist. You Can Still Prove It Works Against You
21d ago
LastPass confirms data breach in Klue supply chain attack
21d ago
Webinar: Why email security teams are drowning in alerts
21d ago
WhatsApp phishing attack uses fake business docs to hack PCs
21d ago
JaredFromSubway MEV bot hacked in $15 million crypto theft
21d ago
FFmpeg fixes PixelSmash flaw in widely used video decoder
21d ago
FortiBleed campaign used custom FortiGate sniffer to steal credentials
22d ago
Microsoft says Windows 11 26H2 is coming soon, details upgrade process
22d ago
Microsoft fixes AutoGen Studio flaw that enabled code execution
22d ago
A Glimpse into the “Search Your Target” Market for Stolen Credentials
22d ago
AryStinger botnet infected thousands of D-Link routers worldwide
23d ago
New Prinz Eugen ransomware prioritizes recent files for encryption
24d ago
Microsoft links Mastra AI supply chain attack to North Korean hackers
24d ago
Klue OAuth breach victim list grows as Icarus hackers claim attack
24d ago
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
24d ago
Texas govt data breach exposes over 3 million driver’s licenses
25d ago
Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way
25d ago
Webinar: How attackers bypass MFA and how defenders can respond
25d ago
Microsoft: June 2026 Windows updates break Recycle Bin prompts
25d ago
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
25d ago
NY man charged after harassing college student with AI-generated nudes
25d ago
CISA warns Fortinet users to secure devices after FortiBleed leak
25d ago
Gentlemen ransomware uses multiple EDR killers to disable defenses
25d ago
Nintendo confirms data stolen in WebMD subsidiary cyberattack
26d ago
USB worm spreads crypto-stealing malware via Windows shortcut files
26d ago
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
26d ago
5 reasons Microsoft 365 backup isn’t enough for business data protection
26d ago
Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp
26d ago
ShapedPlugin update flow hacked to infect WordPress sites
26d ago
Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
26d ago
Telegram admits it couldn't police exam-leak channels, India tells court
26d ago
F5 issues out-of-band patches for critical NGINX vulnerabilities
26d ago
Microsoft fixes Windows Server 2016 security update failures
26d ago
Leak confirms OpenAI is testing a ChatGPT for Science subscription
26d ago
Google to use UK and EU user IP addresses for ad personalization
26d ago
FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
27d ago
Why Account Takeovers Are Rising and How to Stop Them
27d ago
India's Telegram ban hit the UAE too. Here's how to get around it
27d ago
Microsoft confirms Office apps launch issues after June updates
27d ago
CISA orders feds to patch max severity Joomla plugin flaw by Friday
27d ago
Microsoft working on Defender patch for RoguePlanet zero-day
27d ago
Kodak confirms data breach claimed by ShinyHunters extortion gang
27d ago
Malicious JetBrains Marketplace plugins steal AI API keys from developers
27d ago
New Rokarolla Android malware targets 217 banking, crypto apps
28d ago
Steam Workshop abused to spread malware via Wallpaper Engine app
28d ago
UK to require ID or face scan before you can make social media accounts
28d ago
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
28d ago
FTC warns of record $3.5 billion losses to imposter scams in 2025
28d ago
CISA warns of another cPanel plugin flaw exploited in attacks
28d ago
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
28d ago
Critical Fortinet FortiSandbox flaws now exploited in attacks
28d ago
Windows version of SprySOCKS Linux malware used to attack govt orgs
28d ago
iRhythm discloses data breach, says hackers stole patient info
28d ago
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
28d ago
SimpleHelp bug lets hackers create rogue remote support accounts
29d ago
OptinMonster WordPress plugin hacked in CDN supply-chain attack
29d ago
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
29d ago
Council of Europe investigates ShinyHunters data breach claims
29d ago
FBI: Fraudsters use couriers to steal money in crypto scams
29d ago
Vibe coders are gonna vibe code: How CISOs are tackling code sprawl
29d ago
Chinese hackers breach REDCap servers, steal medical research
29d ago
New attack turned Microsoft 365 Copilot into 1-click data theft tool
29d ago
Infinite Campus data breach affects 137,000 school staff accounts
29d ago
Webinar: How behavioral AI stops phishing and account takeovers
29d ago
FBI disrupts massive AI-powered phishing service using a million URLs
30d ago
Ex-school district employee jailed for hacks on former employer
30d ago
Chinese hackers hijack auth flow, spy on isolated network for a decade
31d ago
US Gov asks Anthropic to ban 'foreign national' access to Fable, Mythos
31d ago
Maine disables data breach notification portal after fake disclosures
32d ago
phpBB forum fixes auth bypass bug lurking for a decade
32d ago
Ukrainian national pleads guilty to role in Conti ransomware operation
32d ago
Over 400 Arch Linux packages compromised to push rootkit, infostealer
32d ago
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
32d ago
Microsoft fixes Windows update failures linked to WUSA installer
32d ago
Pharma giant Novo Nordisk discloses breach of clinical trials data
32d ago
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
32d ago
Over 73,000 French govt employees affected in Tchap messenger breach
32d ago
Japanese energy firm loses drive with data of 10.9 million clients
32d ago
Maine breach portal abused to publish fake data breach disclosures
32d ago
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
33d ago
Authorities dismantle 'AudiA6' ransomware crypto-laundering service
33d ago
Why AI-driven threats are exposing the limits of MSP security stacks
33d ago
Coupang hit with record $409 million data breach fine in Korea
33d ago
CISA tells govt agencies to patch critical exploited flaws in 3 days
33d ago
Microsoft fixes BitLocker recovery bug on Windows Server 2025
33d ago
Nottingham University data breach affects over 450,000 students
33d ago
Max severity Ivanti Sentry vulnerability now exploited in attacks
33d ago
Path traversal flaw in AI dev platform Langflow exploited in attacks
33d ago
The ‘Miasma’ worm source code briefly leaked on GitHub
33d ago
GitHub announces npm security changes to tackle supply-chain attacks
34d ago
Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks
34d ago
China-linked JDY botnet expands targeting of U.S. military networks
34d ago
The 5 Best Practices for Secure Identity Verification
34d ago
Microsoft patches Exchange Server zero-day exploited in attacks
34d ago
Microsoft: Some Windows PCs fail to install latest monthly updates
34d ago
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
34d ago
Ivanti: Max severity Sentry flaw allows code execution as root
34d ago
Anthropic rolls out Claude Fable 5, but it's available for a limited time
34d ago
Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges
34d ago
ServiceNow discloses security incident exposing customer data
34d ago
OpenClaw AI agent found falling for phishing attacks, spills user data
34d ago
SAP fixes critical flaws in NetWeaver and Commerce Cloud
35d ago
Microsoft releases Windows 10 KB5094127 extended security update
35d ago
Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
35d ago
Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws
35d ago
Windows 11 KB5094126 & KB5093998 cumulative updates released
35d ago
XBOW tests Anthropic's Mythos Preview for offensive security
35d ago
GitHub disables Microsoft repos pushing password-stealing malware
35d ago
New Veeam vulnerability exposes backup servers to RCE attacks
35d ago
French govt messaging service breached in account hijacking attack
35d ago
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
35d ago
Google patches new Chrome zero-day flaw exploited in the wild
35d ago
NFCShare Android malware spreads via fake banking app updates on GitHub
35d ago
SoFi confirms third-party data breach at Hong Kong subsidiary
35d ago
New Apple feature automatically changes your compromised passwords
35d ago
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
35d ago
WhatsApp says it disrupted new NSO spyware phishing attacks
36d ago
Gogs patches critical zero-day enabling remote code execution
36d ago
Critical UniFi OS bug lets hackers gain root without authentication
36d ago
Reducing security operations complexity with Wazuh Cloud
36d ago
Check Point links VPN zero-day attacks to Qilin ransomware gang
36d ago
Oxford University discloses data breach after careers platform hack
36d ago
Over 20,000 Instagram accounts stolen in Meta AI support hack
36d ago
Hands on with Intelligent Terminal, an AI-powered Windows Terminal
36d ago
C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
37d ago
Silent Ransom Group targets law firms with fake IT support calls
37d ago
Critical Everest Forms Pro flaw exploited to take over WordPress sites
38d ago
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
38d ago
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
39d ago
Chinese APT deploys new malware to keep access to hacked networks
39d ago
Dark web Nemesis Market vendor gets 26 years for selling drugs
39d ago
Over 900 US gas station tank gauge systems exposed to attacks
39d ago
What 2026 DBIR Confirms: Attacks Are Living in the Browser
39d ago
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
39d ago
Brave Software releases Origin for a paid, bloat-free browsing experience
39d ago
Hola Browser for Windows compromised to deliver cryptominer
39d ago
Credit card theft campaign abuses Stripe to host stolen payment info
39d ago
DentaQuest data breach exposed info of 2.6 million accounts
40d ago
UN food agency discloses breach affecting 600,000 Gaza households
40d ago
New IronWorm malware hits 36 packages in npm supply-chain attack
40d ago
Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
40d ago
Microsoft blames unexpected Windows driver updates on caching issue
40d ago
Police dismantles fake ID marketplace used by migrant smugglers
40d ago
Cisco warns of critical Unified CM flaw with PoC exploit code
40d ago
Chinese hackers use new Atlas RAT malware in European cyberattacks
40d ago
The U.S. sanctions Nobitex crypto exchange used by ransomware
40d ago
CISA warns of cyberattacks targeting fuel tank monitoring systems
40d ago
New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute
41d ago
CISA warns of active attacks exploiting Android, Linux bugs
41d ago
What 345 Days of Untested Exposure Looks Like at a Bank
41d ago
Acer working to patch max severity zero-days in Wave 7 routers
41d ago
Police dismantles 9 crime groups in illegal streaming crackdown
41d ago
Google adds Android protection against AI deepfake scam calls
41d ago
VS Code zero-day lets hackers steal GitHub tokens in one click
41d ago
Microsoft's Coreutils project brings Linux commands to Windows
41d ago
OpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT models
41d ago
Critical Kirki flaw exploited to hijack WordPress admin accounts
41d ago
Over 116,000 Mincraft systems infected in WeedHack malware campaign
41d ago
Over 116,000 Minecraft systems infected in WeedHack malware campaign
41d ago
AI-built ransomware toolkit automates EDR evasion, AD discovery
42d ago
Microsoft Exchange Online outage causes email delays, failures
42d ago
Instagram users locked out after Meta AI abused to steal accounts
42d ago
Why the browser is now the front line for AI security
42d ago
CISA flags two-year-old Oracle flaw as actively exploited in attacks
42d ago
Google fixes one actively exploited Android zero-day, 124 flaws
42d ago
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
42d ago
Red Hat npm packages compromised to steal developer credentials
42d ago
Spain arrests doxer leaking sensitive data of govt employees
42d ago
Dashlane password manager users locked out by brute force attacks
43d ago
WordPress malware campaign hides payloads in Steam profiles
43d ago
Microsoft investigates Office Apps, Teams file access issues
43d ago
Race Against Time: Why Faster Vulnerability Alerts Matter
43d ago
Critical Windows Netlogon RCE flaw now exploited in attacks
43d ago
Webinar tomorrow: From alert to resolution in network incident response
43d ago
Microsoft confirms outage affecting MFA, My Sign-Ins platform
43d ago
Microsoft fixes outage affecting MFA setup, MySignIn service
43d ago
Microsoft fixes KB5089549 Windows security update install issues
43d ago
WP Maps Pro bug exploited to create admin accounts on WordPress sites
44d ago
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
45d ago
New CIFSwitch Linux flaw gives root on multiple distributions
45d ago
ChatGPT share links abused to host fake outage pages to deliver malware
46d ago
California AG sues 23andMe over 2023 breach exposing health data
46d ago
From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
46d ago
Dutch govt disrupts malware botnet with 17 million infected devices
46d ago
Google Chrome adds session cookie theft protection for all users
46d ago
Man sent to prison for selling data of 7 millions elderly Americans
46d ago
US charges Google security engineer with Polymarket insider trading
46d ago
Charter Communications data breach affects 4.9 million accounts
46d ago
Anthropic confirms Claude Mythos-class models will roll out to the public
46d ago
GreyVibe hackers use ChatGPT, Gemini to power cyberattacks
46d ago
BTMOB Android malware service generates custom phishing payloads
46d ago
FBI warns of fake FIFA websites running World Cup fraud schemes
47d ago
Hackers exploit FortiClient EMS flaw to push infostealer malware
47d ago
New Gogs zero-day flaw lets hackers get remote code execution
47d ago
How SIEM helps MSPs reduce noise and stop threats faster
47d ago
Romanian gets 5 years in prison for hacking Oregon govt network
47d ago
Webinar: Why network incidents take too long to resolve
47d ago
Carnival Cruise confirms data breach affecting nearly 6 million people
47d ago
Sextortionist sentenced to 33 years for targeting 145 children
47d ago
GPU mining malware spreads via SEO poisoning, AI chatbots
47d ago
Can you enforce strong Active Directory password rules without frustrating users?
48d ago
Glassworm botnet disrupted after resilient C2 infrastructure takedown
48d ago
FBI warns of in-person data theft attacks from extortion gang
48d ago
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
48d ago
Dutch police arrests suspect linked to Ajax football club hack
48d ago
Windows 11 KB5089573 update released with performance improvements
48d ago
KnowledgeDeliver flaw exploited as a zero-day to install web shells
49d ago
Charter confirms data breach after ShinyHunters extortion threat
49d ago
How Varonis Atlas integrates Claude Compliance API for AI governance
49d ago
Microsoft Defender can now automatically isolate hacked endpoints
49d ago
Webinar: Too many tools are slowing network incident response
49d ago
CISA orders feds to patch actively exploited Drupal vulnerability
49d ago
Microsoft: Domain Controller lookup may fail on Windows Server 2016
49d ago
7-Eleven data breach exposes personal information of 185,000 people
49d ago
Anthropic’s restricted Claude Mythos model may be coming to Claude Code
50d ago
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
50d ago
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
51d ago
Laravel Lang packages hijacked to deploy credential-stealing malware
51d ago
Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
52d ago
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
53d ago
Former US execs plead guilty to aiding tech support scammers
53d ago
Trend Micro warns of Apex One zero-day exploited in the wild
53d ago
Drupal: Critical SQL injection flaw now targeted in attacks
53d ago
Why Chargebacks are Just One Piece of the Fraud Puzzle
53d ago
Ubiquiti patches three max severity UniFi OS vulnerabilities
53d ago
US and Canada arrest and charge suspected Kimwolf botnet admin
53d ago
Google accidentally exposed details of unfixed Chromium flaw
54d ago
Apple blocked over $11 billion in App Store fraud in 6 years
54d ago
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
54d ago
Chinese hackers target telcos with new Linux, Windows malware
54d ago
Max severity Cisco Secure Workload flaw gives Site Admin privileges
54d ago
Police seize “First VPN” service used in ransomware, data theft attacks
54d ago
Flipper One project needs community help to build open Linux platform
54d ago
Microsoft warns of new Defender zero-days exploited in attacks
54d ago
GitHub links repo breach to TanStack npm supply-chain attack
54d ago
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
54d ago
Hackers bypass SonicWall VPN MFA due to incomplete patching
54d ago
Grafana breach caused by missed token rotation after TanStack attack
55d ago
Identity Alone Isn't Enough: Why Device Security Has to Share the Load
55d ago
Drupal critical update to fix bug with high exploitation risk
55d ago
Exploit released for new PinTheft Arch Linux root escalation flaw
55d ago
GitHub confirms breach of 3,800 repos via malicious VSCode extension
55d ago
Microsoft shares mitigation for YellowKey Windows zero-day
55d ago
GitHub investigates internal repositories breach claimed by TeamPCP
55d ago
Max-severity flaw in ChromaDB for AI apps allows server hijacking
55d ago
Cybercrime service disrupted for abusing Microsoft platform to sign malware
55d ago
Discord rolls out end-to-end encryption on voice, video calls
55d ago
FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
56d ago
Microsoft Self-Service Password Reset abused in Azure data theft attacks
56d ago
Microsoft plans to improve Windows 11 driver quality in 2026
56d ago
Microsoft blames macOS update for undismissible Teams location prompts
56d ago
New Shai-Hulud malware wave compromises 600 npm packages
56d ago
7-Eleven confirms data breach claimed by the ShinyHunters gang
56d ago
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
56d ago
Webinar: The hidden bottlenecks in network incident response
56d ago
Microsoft confirms patching issues in restricted Windows networks
56d ago
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
56d ago
SHub macOS infostealer variant spoofs Apple security updates
56d ago
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
57d ago
Leaked Shai-Hulud malware fuels new npm infostealer campaign
57d ago
Grafana says stolen GitHub token let hackers steal codebase
57d ago
Microsoft testing adjustable taskbar, Start menu in Windows 11
57d ago
Microsoft confirms Windows 11 security update install issues
57d ago
Exploit available for new DirtyDecrypt Linux root escalation flaw
57d ago
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
57d ago
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
57d ago
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
58d ago
Microsoft rejects critical Azure vulnerability report, no CVE issued
58d ago
Russian hackers turn Kazuar backdoor into modular P2P botnet
59d ago
Funnel Builder WordPress plugin bug exploited to steal credit cards
60d ago
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
60d ago
Popular node-ipc npm package compromised to steal credentials
60d ago
Avada Builder WordPress plugin flaws allow site credential theft
60d ago
Microsoft backpedals: Edge to stop loading passwords into memory
60d ago
Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
60d ago
Microsoft to automatically roll back faulty Windows drivers
60d ago
Microsoft warns of Exchange zero-day flaw exploited in attacks
60d ago
TeamPCP hackers advertise Mistral AI code repos for sale
60d ago
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
60d ago
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
60d ago
OpenAI confirms security breach in TanStack supply chain attack
61d ago
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
61d ago
18-year-old NGINX vulnerability allows DoS, potential RCE
61d ago
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
61d ago
KongTuke hackers now use Microsoft Teams for corporate breaches
61d ago
Dell confirms its SupportAssist software causes Windows BSOD crashes
61d ago
US charges suspected Dream Market admin arrested in Germany
61d ago
New Fragnesia Linux flaw lets attackers gain root privileges
61d ago
West Pharmaceutical says hackers stole data, encrypted systems
61d ago
Iranian hackers targeted major South Korean electronics maker
61d ago
New critical Exim mailer flaw allows remote code execution
61d ago
Windows BitLocker zero-day gives access to protected drives, PoC released
62d ago
Webinar tomorrow: Why security alone won't stop modern attacks
62d ago
Microsoft fixes BitLocker recovery issue only for Windows 11 users
62d ago
Microsoft fixes Windows Autopatch bug installing restricted drivers
62d ago
Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
62d ago
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
62d ago
Microsoft says some users can't install Office on Windows 365 devices
62d ago
US govt seeks Instructure testimony on massive Canvas cyberattack
62d ago
UK fines water supplier $1.3M for exposing data of 664k customers
62d ago
Webinar: Fixing the gaps in network incident response
63d ago
Signal adds security warnings for social engineering, phishing attacks
63d ago
Microsoft releases Windows 10 KB5087544 extended security update
63d ago
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
63d ago
Windows 11 KB5089549 & KB5087420 cumulative updates released
63d ago
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
63d ago
Škoda warns of customer data breach after online shop hack
63d ago
Android 17 to expand banking scam call and privacy protections
63d ago
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
63d ago
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
63d ago
Instructure reaches 'agreement' with ShinyHunters to stop data leak
63d ago
GM agrees to $12.75M California settlement over sale of drivers’ data
63d ago
Official CheckMarx Jenkins package compromised with infostealer
63d ago
New GhostLock tool abuses Windows API to block file access
63d ago
Instructure confirms hackers used Canvas flaw to deface portals
64d ago
Why Changing Passwords Doesn’t End an Active Directory Breach
64d ago
Google: Hackers used AI to develop zero-day exploit for web admin tool
64d ago
Webinar this week: Prevention alone is not enough against modern attacks
64d ago
TrickMo Android banker adopts TON blockchain for covert comms
64d ago
Hackers abuse Google ads, Claude.ai chats to push Mac malware
65d ago
Police shut down reboot of Crimenetwork marketplace, arrest admin
65d ago
JDownloader site hacked to replace installers with Python RAT malware
66d ago
Fake OpenAI repository on Hugging Face pushes infostealer malware
66d ago
NVIDIA confirms GeForce NOW data breach affecting Armenian users
67d ago
Why More Analysts Won’t Solve Your SOC’s Alert Problem
67d ago
Trellix source code breach claimed by RansomHouse hackers
67d ago
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
67d ago
Zara data breach exposed personal information of 197,000 people
67d ago
Former govt contractor convicted for wiping dozens of federal databases
67d ago
New Linux 'Dirty Frag' zero-day gives root on all major distros
67d ago
Canvas login portals hacked in mass ShinyHunters extortion campaign
67d ago
New TCLBanker malware self-spreads over WhatsApp and Outlook
67d ago
New PCPJack worm steals credentials, cleans TeamPCP infections
68d ago
Australia warns of ClickFix attacks pushing Vidar Stealer malware
68d ago
Ivanti warns of new EPMM flaw exploited in zero-day attacks
68d ago
The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
68d ago
Americans sentenced for running 'laptop farms' for North Korea
68d ago
Crypto gang member gets 6.5 years for role in $230 million heist
68d ago
Webinar: Why modern attacks require both security and recovery
68d ago
Palo Alto Networks firewall zero-day exploited for nearly a month
68d ago
Fake Claude AI website delivers new 'Beagle' Windows malware
68d ago
Hackers abuse Google ads for GoDaddy ManageWP login phishing
68d ago
Critical vm2 sandbox bug lets attackers execute code on hosts
69d ago
New Cisco DoS flaw requires manual reboot to revive devices
69d ago
DAEMON Tools devs confirm breach, release malware-free version
69d ago
Why ransomware attacks succeed even when backups exist
69d ago
MuddyWater hackers use Chaos ransomware as a decoy in attacks
69d ago
Webinar: Why network incidents escalate and how to fix response gaps
69d ago
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
69d ago
New stealthy Quasar Linux malware targets software developers
69d ago
Instructure hacker claims data theft from 8,800 schools, universities
69d ago
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
70d ago
Student hacked Taiwan high-speed rail to trigger emergency brakes
70d ago
FTC to ban data broker Kochava from selling Americans’ location data
70d ago
The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.
70d ago
The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss
70d ago
Vimeo data breach exposes personal information of 119,000 people
70d ago
Google now offers up to $1.5 million for some Android exploits
70d ago
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
70d ago
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
70d ago
ScarCruft hackers push BirdCall Android malware via game platform
70d ago
Weaver E-cology critical bug exploited in attacks since March
70d ago
Amazon SES increasingly abused in phishing to evade detection
71d ago
Researchers report Amazon SES abused in phishing to evade detection
71d ago
Backdoored PyTorch Lightning package drops credential stealer
71d ago
Trellix discloses data breach after source code repository hack
71d ago
They don’t hack, they borrow: How fraudsters target credit unions
71d ago
Progress warns of critical MOVEit Automation auth bypass flaw
71d ago
Webinar: Why MSPs must rethink security and backup strategies
71d ago
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
71d ago
Microsoft confirms April Windows updates cause backup failures
71d ago
Instructure confirms data breach, ShinyHunters claims attack
71d ago
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
72d ago
Telegram Mini Apps abused for crypto scams, Android malware delivery
72d ago
Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
72d ago
ConsentFix v3 attacks target Azure with automated OAuth abuse
73d ago
Microsoft tests modern Windows Run, says it's faster than legacy dialog
73d ago
Edu tech firm Instructure discloses cyber incident, probes impact
73d ago
15-year-old detained over French govt agency data breach
74d ago
Story retracted
74d ago
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
74d ago
Microsoft fixes Remote Desktop warnings displaying incorrectly
74d ago
Microsoft now lets admins choose pre-installed Store apps to uninstall
74d ago
Windows 11 KB5083631 update released with 34 changes and fixes
74d ago
US ransomware negotiators get 4 years in prison over BlackCat attacks
74d ago
New Bluekit phishing service includes an AI assistant, 40 templates
75d ago
534 loaded
TH
The Hacker News
1h ago · 20 items
SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data
1h ago
Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads
2h ago
LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts
3h ago
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
6h ago
11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
7h ago
Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks
8h ago
How Pentera Turns AI Security Workflows into Validation Engines
8h ago
OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
8h ago
Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
11h ago
U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
12h ago
148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
13h ago
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
13h ago
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
1d ago
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
1d ago
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More
1d ago
New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email
1d ago
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
1d ago
Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling
1d ago
Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots
1d ago
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory
1d ago
20 loaded
JH
John Hammond
2h ago · 15 items
Backdoored TortoiseSVN Installer
2h ago
Payload Podcast 009 - Steven Flores
1d ago
NEW AI Hacking Challenges with Andrew Bellini!
3d ago
Fake Microsoft Installer
4d ago
See you at Black Hat USA 2026!
5d ago
TeamPCP Attention
6d ago
Open Source Malware
8d ago
THE MOD WORKS! lets improve it
8d ago
the vibe continues
9d ago
let's vibe
10d ago
Beyond Usernames
13d ago
Beyond CTF Labs
14d ago
ConsentFix Exposed
15d ago
Facebook Phishing Fails
18d ago
Disable SmartScreen Fast
19d ago
15 loaded
DB
David Bombal
2h ago · 15 items
Is Cat7 a SCAM?
2h ago
Cisco's Agents Reason Like a CCIE
1d ago
Install GrapheneOS Before Your Phone Becomes the Checkpoint
2d ago
Unveiled: Cisco Deep Reasoning
8d ago
Why Apple Hide My Email FAILS
9d ago
New to Linux? This is the best place to start!
9d ago
WARNING: AI tracks your face
11d ago
Is DEFCON for you?
14d ago
2026 home lab setup to test malicious links safely for FREE (step by step)
16d ago
Which is Ethernet? What's the difference?
18d ago
Europe’s 800 Exaflop SUPERCOMPUTERS
20d ago
They Created a Supercomputer in a Rack?
22d ago
Build a Complete Free CCNA Home Lab in 2026 With No Gear
23d ago
Broken access control demo
24d ago
Will this replace PoE (Power over Ethernet)?
25d ago
15 loaded
HN
Help Net Security
2h ago · 10 items
SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)
2h ago
SonicWall has patched two actively exploited vulnerabilities (CVE-2026-15409, CVE-2026-15410) in its SMA 1000 Series appliances.
New macOS malware steals passwords by posing as Apple’s crash-reporting tool
6h ago
Jamf Threat Labs has uncovered a new macOS infostealer named CrashStealer that disguises itself as Apple's crash-reporting tool.
Download: The ultimate guide to network operations management
7h ago
“Context bombs” can frustrate AI-driven attacks, researchers found
7h ago
Researchers have tested defensive prompt injection via canaries with "context bombs" against offensive AI agents.
Google adds FIDO2 keys and phone passkeys to Windows login via GCPW
9h ago
Need a security key for Windows login? Google's GCPW now supports FIDO2 keys and phone passkeys as a second factor.
No one knows how many old shims can still bypass UEFI Secure Boot
9h ago
Eleven forgotten Microsoft-signed shims enabled a UEFI Secure Boot bypass on nearly any PC. Microsoft revoked them in June 2026.
UK charges five persons linked to fraud platform behind more than a million scam calls
10h ago
Five people were charged in an NCA investigation into Russian Coms, a caller ID spoofing platform tied to millions in scam call losses.
Microsoft Entra ID authentication overhaul to start in September 2026
11h ago
Microsoft will make passkeys the default authentication experience in Entra ID and phase out native SMS and voice authentication.
New tutorials on underground hacking forums have roughly doubled
13h ago
Underground hacking forums are producing more original tutorials again, with growing attention on financial fraud.
The best defense against AI attacks turns out to be a skeptical human
14h ago
AI attacks now hit most organizations, and the 2026 SANS AI Survey finds the best defense is still a skeptical human analyst.
BF
Blog – Forter
2h ago · 10 items
The Gray Area in Your Checkout Is Costing You More Than You Think
2h ago
Your Payment Routing Rules Are Making Decisions Without You
5d ago
New at Forter: AI Agents Built to Amplify Your Team
20d ago
Can AI Agents Find, Trust, and Choose Your Brand?
21d ago
IMPACT Roadshow Recap: Getting Ready for Agentic Commerce
34d ago
Agent-Ready: How to Prepare Your Site for AI-Driven Commerce
40d ago
Japan’s 3DS Mandate: One Year In
60d ago
One-Click Refunds Are Not as Hard as You Think
70d ago
Toys“R”Us Japan Implements Forter’s Fraud Management and Payment Optimization Solutions
76d ago
More of What Matters: Forter’s April Product Release
77d ago
BH
Black Hat
3h ago · 15 items
What to Expect at Black Hat USA 2026
3h ago
Black Hat Europe 2025 | Compromising The AI Agent Ecosystem Via Its "Universal Connector"
1d ago
Black Hat Europe 2025 | Millions of Intranet Devices Are Facing Silent Takeover (On-Demand Only)
2d ago
Black Hat Europe 2025 | Bootstrapping Trust: From Isolated Build Machines to Enclaved CI Pipelines
3d ago
Black Hat Europe 2025 | Pwning .NET Framework Applications Through HTTP Client Proxies And WSDL
4d ago
Black Hat Intercepted | Olivia Gallucci, Security Engineer at Datadog
5d ago
Black Hat Europe 2025 | Ghost In The Stack: Evolving Call Stack Spoofing In A Post-CET Era
5d ago
Black Hat Europe 2025 | ORMageddon: Leaking More Than You Joined For
6d ago
Black Hat Europe 2025 | Breaking AI Inference Systems: Lessons From Pwn2Own Berlin
6d ago
Black Hat Intercepted | Anurag Swarnim Yadav, Co-Founder & CTO of QubitAC
7d ago
Black Hat Europe 2025 | Nation-Scale SecOps: How CERT PL Scans Poland
7d ago
Black Hat Europe 2025 | Not Just Victims: The Hidden Villains Inside Infostealer Logs
8d ago
Black Hat Europe 2025 | Taking Control Over Legacy And ERTMS/ETCS Railroad Signaling Systems
9d ago
Black Hat Europe 2025 | Slashing QUIC's Performance With A Hash DoS
10d ago
Black Hat Europe 2025 | Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
11d ago
15 loaded
FP
Fraud Prevention – Riskified
4h ago · 1 items
MS
MSRC Security Update Guide
6h ago · 20 items
CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability
6h ago
CVE-2026-48561 Microsoft Copilot Remote Code Execution Vulnerability
6h ago
CVE-2026-42982 Windows Secure Kernel Mode Elevation of Privilege Vulnerability
6h ago
CVE-2026-47296 Microsoft SQL Server Elevation of Privilege Vulnerability
6h ago
CVE-2026-34349 Windows Media Information Disclosure Vulnerability
6h ago
CVE-2026-34346 Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
6h ago
CVE-2026-42900 Microsoft Windows App Store Elevation of Privilege Vulnerability
6h ago
CVE-2026-42975 Windows Bluetooth Port Driver Remote Code Execution
6h ago
CVE-2026-47300 ASP.NET Core Elevation of Privilege Vulnerability
6h ago
CVE-2026-47302 .NET Denial of Service Vulnerability
6h ago
CVE-2026-47303 ASP.NET Core Elevation of Privilege Vulnerability
6h ago
CVE-2026-42990 SQL Server ODBC driver Elevation of Privilege Vulnerability
6h ago
CVE-2026-48572 Windows App Package Installer Elevation of Privilege Vulnerability
6h ago
CVE-2026-48571 Windows App Package Installer Elevation of Privilege Vulnerability
6h ago
CVE-2026-49162 Microsoft Brokering File System Elevation of Privilege Vulnerability
6h ago
CVE-2026-49164 Windows Active Directory Domain Services Remote Code Execution Vulnerability
6h ago
CVE-2026-49165 Microsoft Windows App Store Information Disclosure Vulnerability
6h ago
CVE-2026-49166 Windows Print Configuration Elevation of Privilege Vulnerability
6h ago
CVE-2026-49167 Windows Kernel Elevation of Privilege Vulnerability
6h ago
CVE-2026-49168 Storage Spaces Direct Elevation of Privilege Vulnerability
6h ago
20 loaded
RF
Recorded Future
20h ago · 20 items
The FBI Warned About Fake Permit Fees. The Harder Question Is Where the Money Goes. | Recorded Future
20h ago
June 2026 CVE Landscape
4d ago
RiskX interview video featuring Colin Mahony and Mastercard's Aditi Sawhney
5d ago
The Threat Isn’t the Frontier Model
6d ago
Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Tool
13d ago
Where Expertise Meets Algorithm: The Insikt Group® Intelligence Edge
19d ago
Discover how Recorded Future’s Insikt Group combines human expertise with automated analysis to turn raw data into actionable, industry-leading threat intelligence.
Evaluating Mexico’s New Cybersecurity Plan
19d ago
Explore an analysis of Mexico’s 2025–2030 National Cybersecurity Plan. Discover how Mexico is addressing critical threats like ransomware, organized crime, and AI-driven attacks while preparing its digital infrastructure for the 2026 FIFA W...
FortiBleed Campaign Exposing Credentials for 73,932 FortiGate Systems
20d ago
A dataset containing valid administrative and VPN credentials for tens of thousands of Fortinet FortiGate firewalls, Recorded Future recommends organizations patch their systems immediately.
The Purchase Scam Tactic Headed for the World Cup | Recorded Future
21d ago
A purchase scam tactic hijacks organic search through compromised sites, and it’s built to scale into 2026 FIFA World Cup fraud. How it works and how to respond.
State Digital Surveillance Risk Landscape
27d ago
Explore the state digital surveillance risk landscape. Learn how governments use spyware, AI, and network interception to monitor travelers and how to mitigate these risks.
The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Engine
28d ago
Recorded Future Launches Impact and Metrics Dashboard
33d ago
Cyber-Enabled Maritime Sanctions Evasion
33d ago
2026 FIFA World Cup: What Public Safety Officials Need to Know
34d ago
China's Noncombatant Evacuation Operations: 2005–2025
34d ago
Russia’s Defense-Based Economy Risks Forcing Putin to Fight Wars
35d ago
May 2026 CVE Landscape
36d ago
Why Holistic Sourcing Wins: The Numbers Behind the Recorded Future Advantage
39d ago
Threats to the 2026 FIFA World Cup
40d ago
Remembering Sir Alex Younger
40d ago
20 loaded
MS
Microsoft Security Blog
22h ago · 10 items
Defending SaaS-based applications against ShinyHunters OAuth abuse
22h ago
Microsoft Threat Intelligence identified threat actor activity with overlapping tradecraft commonly associated with ShinyHunters, including voice phishing (vishing), supply-chain compromise, and misconfigured guest access targeting SaaS-bas...
Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID
1d ago
Starting September 1, 2026, passkeys will become the default authentication experience in Microsoft Entra. Read more about how to prepare.
Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative
4d ago
Microsoft’s latest Secure Future Initiative report outlines progress on secure foundations, AI-powered defense, and future-ready cybersecurity.
GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
5d ago
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational platform. This blog analyzes how the malware incorporates code from several previously separate malware families an...
Protecting Microsoft at AI speed: How SFI proactively hardens our cloud
6d ago
Learn how Microsoft uses AI to proactively harden its own cloud services through the Secure Future Initiative (SFI).
5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management
8d ago
Read five key learnings from the Frost & Sullivan 2025 Frost Radar™ for CSPM to learn how CSPM is evolving from point-in-time compliance to continuous risk management.
Improving security posture across the Microsoft partner ecosystem
12d ago
Read how Microsoft strengthens partner ecosystem security with CSP vetting, least privilege access, monitoring, and risk management best practices.
Microsoft named a leader in the Frost Radar for cloud and application runtime security
13d ago
Frost Radar recognizes Microsoft leadership in cloud and application runtime security, helping teams prioritize and reduce exploitable risk.
Accelerating the quantum-safe timeline
14d ago
We’re accelerating quantum-safe readiness—and sharing what organizations can do now to transition earlier and with confidence.
What’s new in Microsoft Security: June 2026
14d ago
This month’s updates help security and IT teams strengthen identity and multicloud foundations, protect data wherever it lives, and secure the developer workflows powering AI innovation.
SA
Security - Ars Technica
23h ago · 20 items
The US government warns that Russia state hackers are coming after your router
23h ago
Now, defenders are embracing the prompt injection, too
1d ago
Patch for Windows Defender 0-day could allow attackers to fill hard disk
4d ago
Google pays $250K for Linux vulnerability allowing guest VM escapes
6d ago
Hackers can use 9 of the most popular AI tools to assemble massive botnets
6d ago
Newly discovered PamStealer isn't your typical macOS malware
12d ago
NASA inspector general suggests Boeing's Starliner will now be a decade late
13d ago
New attack provides one more reason why AI browsers are a bad idea
14d ago
US offers $10 million for info on group behind Signal and WhatsApp hacking spree
14d ago
One-two punch delivered in global operation disrupts cybercrime "assembly line"
19d ago
White House drastically shortens deadline for dropping quantum-vulnerable crypto
20d ago
Following user outcry, AMD reinstates memory encryption in consumer CPUs
22d ago
Microsoft discovers new lightweight backdoor that steals cryptocurrency
25d ago
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
26d ago
Massive breach spills credentials for thousands of sensitive networks
27d ago
"Dangerous" AI models are coming no matter what
27d ago
Windows and Linux users: The deadline to update Secure Boot keys is near
27d ago
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
28d ago
Users cry foul after AMD stripped memory crypto from its consumer CPUs
29d ago
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
32d ago
20 loaded
NA
NahamSec
1d ago · 15 items
This Hacker Made $8,000 Hacking a Major Retailer's AI Chatbot Over DNS (Live Demo!)
1d ago
I Made an AI Agent That Reverses CVEs While I Sleep
8d ago
This Hacker Got Paid $50,000+ to Break Frontier AI Models
22d ago
This hacker made $500,000+ hacking google in just a few months. #hacking #bugbounty #cybersecurity
27d ago
How I Made $30,000 Hacking Broken Access Control
29d ago
$30K from one bug class: broken access control. Here's how 3 "lows" chain into account takeover
29d ago
Content creations was both a blessing and a curse. #bugbounty
36d ago
This Hacker Made $7,000 Hacking AI With One Email
36d ago
How I Found My First $3,000 AI Vulnerability
43d ago
This GitHub README Hijacks Your AI and Spreads Like a Virus
57d ago
New video: hacking AI coding assistants and IDEs. #bugbounty #ai
57d ago
The Bug Bounty Roadmap I'd Follow If I Started Over (With AI)
64d ago
Is the AI hype helping or killing your bug bounty dreams? #hacking #bugbounty
64d ago
Stop Using AI Connectors Until You Watch This
71d ago
One ChatGPT connector. One email. Full AI agent hijack. #BugBounty #PromptInjection #ai #hacking
71d ago
15 loaded
SL
Security Latest
1d ago · 20 items
A Leak of San Francisco Police Drone Footage Exposes the New Reality of Urban Surveillance
1d ago
AI Found a Root Bug in Linux That Everyone Missed for 15 Years
3d ago
A Majority of European Lawmakers Voted Against Letting Big Tech Read Our Messages. They’re Going to Anyway
5d ago
Madison Square Garden Kept a List of Gay Celebrities
5d ago
OnlyFans Models Are Accidentally Making Hacked Government Websites Disappear
6d ago
What Happens if China Hacks the US Water Supply? I Went to a Secret War Game to Find Out
6d ago
ICE’s Internal Watchdog Is Now Investigating Online Critics
8d ago
Security Roundup: Apple’s Hide My Email Service Fails to Hide Your Email
10d ago
EU Politicians Investigated Pegasus Spyware. Then It Ended Up on One of Their Phones
11d ago
Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival
13d ago
Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs
14d ago
Top Google Security Staff Warn Search Data Could Be Hacked if EU Rules Change
15d ago
Security News This Week: LastPass Users Had Their Data Stolen—Again
17d ago
The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials
18d ago
British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted
19d ago
Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed
21d ago
OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos
22d ago
World Cup Scams Are Getting Harder to Spot
22d ago
A Critical Deadline Is Approaching for Windows and Linux Security
23d ago
Hackers Claim to Leak Stolen Madison Square Garden Data
24d ago
20 loaded
TI
Technical Information Security Content & Discussion
3d ago · 281 items
Scanning malicious websites with arbitrary number of VPN tunnels (Part 2)
3d ago
Can AI-generated adversaries break TTP-based attribution? (arXiv 2026)
4d ago
Towards CSI: What's the best harness? (arXiv 2026)
4d ago
Suspected Russian Threat Actor Impersonates Legitimate Crypto Wallets to Deploy Remote Utilities
5d ago
1 in 2 devices sold in Africa exfiltrate data to China
6d ago
Inside an AI coal mine security camera network powered by plaintext passwords
6d ago
Drift Corpus: binary diffs of 240+ 2026 Windows kernel patches
6d ago
Bad Epoll: The bug missed by Mythos
6d ago
GitLost: a public GitHub issue can steer an org's Agentic Workflow into leaking private repo contents, and a one-word prefix ("Additionally") bypassed the threat-detection guardrail
7d ago
New OST2 class: "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!"
8d ago
Playing Around With ADIDNS RPC Internals
8d ago
Windows Service - Playbook & Detection Strategies
8d ago
It’s 37oC, And All We Can Think About Is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza) - watchTowr Labs
12d ago
FIFA was saved this time
12d ago
/r/netsec's Q3 2026 Information Security Hiring Thread
12d ago
Privilege escalation to root in Lima QEMU guests via a world-writable agent socket (CVE-2026-53657)
13d ago
r/netsec monthly discussion & tool thread
13d ago
CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) - watchTowr Labs
14d ago
Auditing OpenReception: 16 CVEs in an end-to-end encrypted appointment booking platform (unauthenticated admin creation, account takeover, E2E bypass)
14d ago
Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs
15d ago
I tried a Local AI model (Qwen 3.6 27b) for security research and it works surprisingly well.
16d ago
Dissecting Apple's Sparse Image Format (ASIF)
16d ago
A peek into Reddit's anti-spam internals
17d ago
CVE-2025-52465 geoserver arbitrary file write vulnerability
19d ago
CargoWise WebTracker - The keys were in the cargo
19d ago
Exploiting vulnerabilities in Johnson & Johnson web apps
20d ago
Cloudflare patches Copy-Fail across every server in two days
21d ago
New Cisco RCE was fixed
21d ago
CVE-2026-25860 turn XSS to RCE
22d ago
Exploiting Auth0 Defaults in XSS Attacks - elttam
22d ago
Scanning malicious websites with 'infinite' number of VPN tunnels (Part 1)
23d ago
Use-after-free in the QPACK encoder of nginx HTTP/3 - CVE-2026-42530
25d ago
OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099)
25d ago
Squidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration
25d ago
CVE-2026-5667: Unauthenticated Remote Control of Mitsubishi MAC-577IF-2E WiFi Adapters via Probe Request Reconnaissance
26d ago
Would you like some malware served at the very top of DuckDuckGo?
26d ago
Worth a MalExt Report? A 2 Million-User Chrome Extension Added Give Freely/Wildlink in a 5-Day Update
26d ago
QoS Policies to Restrict EDR Traffic and Detection Strategies
27d ago
Getting a CVE Without Shipping Slop
27d ago
PrizeBuzz phishing network analysis
27d ago
27 Years in the Dark: OpenBSD Fixes Ancient Remote Kernel Auth Bypass
27d ago
Empty-ciphertext panic in aws-encryption-provider (CVD with AWS)
28d ago
Chaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE
29d ago
SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon
29d ago
Researcher accidentally gained access to a threat actor-controlled phishing website
30d ago
PromptSnatcher: AdBlocker stealing Ai Chats - 90k installs
30d ago
MeshCentral: From XSS to RCE
30d ago
Getting the PID from random numbers in PHP
31d ago
The Axios npm compromise was visible in registry metadata before anyone ran npm install
31d ago
Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) - watchTowr Labs
31d ago
Free Compromise Detection for GitHub Repos - Tracebit Community Edition
32d ago
Major AI Clients Shipping With Broken OAuth Implementations (JUNE 2026 UPDATE)
32d ago
Old Passwords Die Hard: Abusing CREDHIST for offline credential recovery
32d ago
Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751) - watchTowr Labs
32d ago
Detecting AI-specific threats in Claude Enterprise from the Compliance API: a prefilter + LLM-as-judge pipeline with Sigma rules
33d ago
Claude Fable 5: mid-tier results on coding tasks
33d ago
Fable 5 and the analyst-AI threat model: what a Mythos-class model changes for security work
33d ago
Hacking Google with A.I. for $500,000
33d ago
Prompt injection: attacking the analyst's AI
33d ago
Pre-auth XXE → HTTP SSRF on ArubaOS 8.13.2 closed as "theoretical / no valid PoC" despite TCP pcap, sshd localhost log, and internal port scan — documenting for community review
34d ago
We post-trained a model for offensive security instead of teaching it to refuse
34d ago
How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026
34d ago
FedRAMP Penetration Testing: How to Pass Your ATO Review and Get Cloud Authorized Faster
34d ago
certSIGN: Inconsistent revocation status (CRL "revoked" vs OCSP "good") for intermediate CA "certSIGN Web CA"
34d ago
BlackSun - Defender for Endpoint on macOS
34d ago
GhostTrace – a Windows forensic scanner that finds what "Uninstall" leaves behind (22 modules, read-only, offline)
34d ago
Jupyter Enterprise Gateway - From Notebook to Kubernetes Cluster Admin - elttam
34d ago
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs
34d ago
Apple’s Siri-AI, or more shouting into the void about “private” agents
35d ago
Entra Agent ID from a Security Perspective
35d ago
X.com silently injects session-bound tracking tokens into your clipboard on every copy — security tools correctly flag this as malicious injection
35d ago
WinGet - Code Execution, Persistence and Detection Strategies
35d ago
I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue
35d ago
I just completed Search Skills room on TryHackMe! Learn to efficiently search the Internet and use specialised services and technical docs for information
35d ago
AI Agents May Always Fall for Prompt Injections
35d ago
Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it
36d ago
EDRChoker: Choking The Telemetry Stream to Bypass Defenses
37d ago
PSA: Attack Shark R85 HE (FREEWOLF US / Amazon) — BadUSB credential harvester, confirmed malware
37d ago
CVE-2026-46640: Developing payloads for Twig sandbox bypass
37d ago
Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption
39d ago
Keeping Secrets Out of Logs
39d ago
Unauthenticated RCE as QSECOFR via IBM i Management Central — port 5555, client-controlled verify flag, no credentials required (V7R4 and earlier)
39d ago
System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models
40d ago
Empty-ciphertext panic in aws-encryption-provider (CVD with AWS)
40d ago
Re:CACHE - Excessive reflection, type confusion, and 0-click SXSS on Next.js
40d ago
Enter the WasmForge: Compiling Sliver into WebAssembly
40d ago
Season VI of the US Games launches TOMORROW!
41d ago
EU CRA mandatory vulnerability reporting enters into force September 11, 2026 — what the 24-hour obligation requires
41d ago
Interesting- What LLM vuln research looks like
41d ago
Hacking your PC using your speaker without ever touching it
41d ago
Abusing iDEAL (Wero): how criminals weaponise legitimate payment links in phishing
41d ago
Golang code review notes II - elttam
41d ago
Using AI to Secure Its Generated Code Is a Ponzi Scheme
41d ago
Four coordinated npm supply chain campaigns active in May–June 2026 — TTPs, IOCs, and detection notes
42d ago
We Added a Detection Rule. We Were Not Expecting This.
42d ago
1-Click GitHub Token Stealing via a VSCode Bug
42d ago
Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild
42d ago
NuGet Code Execution As A Service
42d ago
Blind POST SSRF in phpBB 4.0.0-alhpa1 Web Push (CVD with phpBB)
42d ago
Dutch Police and NCSC dismantle 17-million-device botnet running on 200 servers seized from local hosting provider
43d ago
r/netsec monthly discussion & tool thread
43d ago
Poisoning Claude Code: One GitHub Issue to Break the Supply Chain
43d ago
Stealing Passwords via HTML Injection Under a Strict CSP
43d ago
Subnet discovery through multi-protocol TTL tracing
43d ago
ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding
44d ago
LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions
44d ago
Digital Trap: Iran Uses Selective Internet Restoration to Track and Arrest January Protesters
45d ago
A practical checklist for evaluating npm packages (supply chain attacks, slopsquatting, etc.)
45d ago
Introducing Keyhog: The First GPU Accelerated secret scanner
46d ago
OffensiveCon26 YouTube Playlist released
46d ago
1,001 IPs, 64 countries, one operation: mapping a botnet by its back end · HoneyLabs blog
46d ago
I evaluated 5 LLM agents on patching real-world CVEs. Here is what I found.
46d ago
Fooling around with encrypted reasoning blobs
46d ago
CALIF: An AI audit of FreeBSD
46d ago
CoreEvent GraphQL API – BOLA/IDOR exposing 10k+ records (PII, ticket QR codes) via unauthenticated queries
46d ago
The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN
47d ago
Visual Studio Extensions Revisited
47d ago
Threat Intel: Kemper Corporation Hit by ShinyHunters Salesforce Extortion Campaign (269k Accounts Ingested by HIBP)
47d ago
Drupal PostgreSQL SQL Injection: From SELECT-Only to RCE
47d ago
What scanners are actually trying against AI infrastructure
47d ago
Defense by accumulation
47d ago
New Phishing Technique - Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault
48d ago
MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
48d ago
A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate
48d ago
HN Security - AI Reporter - Let's automate reporting in Burp Suite!
48d ago
Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records
48d ago
RCE in Strix Agent(Sandbox): A practical guide to prompt injections with impact
48d ago
Navigating Lax Load Balancers: When an Intersection Gets You Inside
49d ago
Encrypted DNS in 2026: DoH, DoT, DoQ and DoH3 protocol comparison — including DNS hijacking attack vectors and what each protocol actually prevents
49d ago
OTP lockout state leaked valid-code signal, enabling OLX account takeover
49d ago
How journalists rely on VPNs to protect press freedom
49d ago
Analyzing the Taiwan High-Speed Rail (THSR) TETRA incident (part 1)
49d ago
Update Starlette Now. New severe vulnerability dropped.
49d ago
The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire
49d ago
How credential brokering prevents AI agents from compromising credentials via prompt injection
50d ago
CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth
50d ago
Threat Intel: ShinyHunters Leaks 9.4GB Database of 7-Eleven Franchisee Systems Post-Extortion Refusal
50d ago
nmap on Linux: Guide to Network Scanning and Discovery
50d ago
Prompt Injection finally broke my brain a little. My first article as a security student.
51d ago
How to Use Claude AI: A Complete Technical Beginner's Guide
51d ago
Pardon MIE?: how Mythos did not bypass Apple MIE
52d ago
CVE-2026-9256 - "nginx-poolslip", another new vulnerability in the rewrite module
53d ago
AI Security CTF (free, open) - prompt injection, agent workflow hijacking, guardrail bypass - June 17-22
53d ago
Just added an interactive security map to my project NoEyes showing exactly what the server sees (and doesn't)
53d ago
Restoring Testability: Handling Complex Scenarios in Burp Suite with a Custom Extension
53d ago
Zyxel low-priv account leaked super-admin, FTPS, and TR-069 secrets across router fleets
53d ago
Data breach in name of protest
53d ago
pnpm 11 Might Finally Be a Better Default Than npm
53d ago
durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP | same Mini Shai-Hulud payload as last week's TanStack wave
54d ago
[Analysis] CISA contractor left AWS GovCloud admin keys, plaintext passwords, SAML certs, and Kubernetes configs on a public GitHub repo for 183 days — with secret scanning deliberately disabled
54d ago
GitHub Actions Cache Poisoning is eating open source
54d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
54d ago
CVE-2026-34474: Pre-auth credential disclosure in ZTE H298A / H108N via ETHCheat
54d ago
FatGid - FreeBSD 14.x kernel LPE
54d ago
Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082)
54d ago
GitHub ~3,800 internal repos compromised through a malicious VS Code extension
54d ago
The IBM X-Force Index 2026 explains all three in one finding.
54d ago
Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era
55d ago
CVE-2026-45585: Windows BitLocker — YellowKey Recovery Bypass Analysis
55d ago
[ Removed by Reddit ]
55d ago
CVE-2026-34472: Pre-auth credential exposure and auth bypass in ZTE H188A V6 routers
55d ago
Iran Wants to Tax the Internet Flowing Through the Strait of Hormuz While Restricting Its Own Citizens Online
55d ago
The IBM X-Force Index 2026 explains all three in one finding.
55d ago
GitHub hit by a compromised VSCode extension
55d ago
When Filenames Become Attack Surfaces: Weaponizing NASA's CFITSIO Extended Filename Syntax
55d ago
We audited 12K n8n templates: most have critical vulnerabilities
55d ago
Veilgate - Deception proxy
55d ago
Sleeping Agent: Silent persistent C2 through Web Push
55d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
56d ago
How Storm-2949 turned a compromised identity into a cloud-wide breach
56d ago
Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments
56d ago
CVE-2026-34473: Pre-auth ZTE H-series router DoS via CGILua request-body parsing
56d ago
RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields
56d ago
New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)
56d ago
The quiet death of behavioral anti-bot and the pivot to hardware ZKPs
56d ago
AudioHijack: adversarial audio attacks on generative voice models transfer from open weights to Microsoft and Mistral production systems
57d ago
ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12.
57d ago
The down fall of bug bounties
57d ago
TanStack Supply Chain Attack (And How to Lock Down GitHub Actions)
57d ago
Attacking Cloud Service Providers (ACSP) - An interactive textbook on control-plane intrusion and breaking cross-tenant isolation
57d ago
Autonomous AI Penetration Testing with Consent-First Ethical Framework — Research Paper + Working Implementation
57d ago
Ansible security and compliance guide
58d ago
Instrumenting QT6 desktop apps with Frida - Part 2: Building the Bypass Chain
58d ago
AI-assisted cyberattacks are changing the threat landscape faster than most organizations realize.
59d ago
Microsoft MDASH found 16 Windows RCEs — here's exactly how the 100-agent pipeline works
59d ago
Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live
59d ago
North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems
60d ago
Automating code security reviews with Claude Mythos-level capabilities
60d ago
Instrumenting QT6 desktop apps with Frida - Part 1
60d ago
From Vercel Typosquatting to an Obfuscated macOS Malware Loader
60d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
61d ago
Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state
61d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
61d ago
CVE-2026-44338: Scanners Target PraisonAI Within Four Hours of Disclosure
61d ago
How to Check Computer Activity: 2026 Guide for Windows and Mac
61d ago
CVE-2026-42945 : NGINX Heap Buffer Overflow in rewrite module - Writeup and PoC
61d ago
Hunting the Behavior Behind npm Supply Chain Attacks
61d ago
WaSteal: 126 Chrome extensions, 148K installs, one Brazilian operator silently sending WhatsApp user data and ad cookies to its servers
61d ago
Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live
61d ago
On vendor disclosure timelines, bounty programme incentive misalignment, and the psychological contract
61d ago
/sbin/ping -G sweepmax has no bounds check on macOS: deterministic BSS out-of-bounds write, confirmed by Apple
61d ago
Apple's smbd has no FSCTL_SRV_COPYCHUNK limit enforcement: 256 bytes in, 64 GiB disk I/O out
61d ago
On-prem vs IaaS vs PaaS vs SaaS for self-hosted IAM (Keycloak case study)
62d ago
A stealth approach to Process Injection - EntryPoint Hijacking
62d ago
A year of Apple Security Bounty research — 16 closed findings, full disclosure
62d ago
AI-Coded App Vulnerability Checklist - 33 LLM-specific items with detection methods
62d ago
Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim
63d ago
The Algorithm Goes to War: Inside the AI Cyberweapon Revolution That Governments Cannot Stop
63d ago
Malicious Coding Agent Skills and the Risk of Dynamic Context | Datadog Security Labs
63d ago
AI Vulnerability Research and the Fuzzer Era Déjà Vu
63d ago
I spent a weekend trying to get OpenClaw to leak my own personal data and it caught me immediately...
63d ago
Curl lead developer Daniel Stenberg provides insightful feedbacks from Mythos analysis results
63d ago
New ipTIME Pre-Auth RCE in CWMP
63d ago
Postmortem: TanStack npm supply-chain compromise
63d ago
How do Fortune 10 SOCs handle incident response with 15 people instead of 150? Energy-Based Models.
63d ago
OpenAI announces Daybreak, "frontier AI for defenders"
63d ago
GhostLock: SMB Deny-Share Handles as a Zero-Privilege Availability Weapon
63d ago
How I Defeat Passkeys Nearly Every Time in Phishing Assessments
64d ago
MyAudi app:Security issues in Audi Connected Vehicle experience
64d ago
Giving Claude Code Full Control of a Hardware Fault Injection Setup to Bypass Secure Boot
64d ago
Mythos, MOAK, CTEM and the End of CVE Chasing
64d ago
Autonomous Vulnerability Hunting with MCP
64d ago
ShinyHunters / AT&T ransom payment traced on-chain — paper draft, seeking arXiv cs.CR endorsement
65d ago
Data in Use Protection: How MPC Keeps Inputs Hidden from the Cloud - Stoffel - MPC Made Simple
65d ago
The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.
65d ago
Outrunning SHA256 with Physics
65d ago
Memory Poisoning AI Agents via ChromaDB
66d ago
Defence in Depth: A Practical Secure Corporate Network Topology
66d ago
Technical Analysis of EagleSpy V6.0 (CraxsRAT Rebrand) Distributed Through Odysee and Telegram
66d ago
Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More)
66d ago
Seclens: Role-specific Evaluation of LLM's for security vulnerablity detection
66d ago
Securing CI/CD for an open source project: lessons from Cilium
66d ago
ShinyHunters breached Canvas/Instructure — 275M student records stolen from 8,809 schools, ransom deadline May 12
67d ago
Needle crypto-stealer C2 analysis: API key embedded in plain text inside the Rust malware unlocked 1,932 victims and the operator's withdrawal config
67d ago
Copy Fail (CVE-2026-31431): A Technical Deep Dive
67d ago
Kernel LPE Vulnerability Published Early Due To Third-Party Breaking Embargo
67d ago
Dirty Frag - Linux LPE similiar to Copy Fail
68d ago
Honey Tokens: Bait Credentials That Catch Breaches
68d ago
CVE-2026-42511 Breakdown: RCE in FreeBSD
68d ago
Bypassing Bitlocker under 5 min using downgrade attack on CVE-2025-48804
68d ago
An AI security auditor that red-teams PRs to find exploits, not just patterns (open-source + Ollama support)
68d ago
Approve Once, Exploit Forever: The Trust Persistence Problem in Claude Code, Codex and Gemini-CLI
68d ago
Quacc++: Automated Open Source Vulnerability Discovery
68d ago
Binance fixed the IP whitelist gap — but the disclosure process is still broken
69d ago
Non-Determinism of Maps in Golang: Why, How, and the Consequences
69d ago
pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI
69d ago
Vulnerability Garden
69d ago
Scan. Secure. Simplify. — Free Web Tools Platform
70d ago
Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (CVE-2026–7482)
70d ago
Salesforce pentesting novel techniques- how to be an apex predator
70d ago
DigiCert: Misissued code signing certificates
70d ago
Major AI Clients Shipping With Broken OAuth Implementations
70d ago
HN Security - Extending Burp Suite for fun and profit – The Montoya way – Part 10
70d ago
Ghosts of Encryption Past – How we Read All Your Emails in Salesforce Marketing Cloud
70d ago
The Danger of Multi-SSO AWS Cognito User Pools
70d ago
Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
70d ago
Proton Pass: Second-Password Bypass Through Emergency Access
70d ago
We probed 6,000 web apps for Stripe webhook signature checks. 1,542 don't bother
70d ago
Lateral Movement - Cross-Session Activation
71d ago
"AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts
71d ago
Your vibe-coded app is probably violating GDPR right now
71d ago
Acoustic Keystroke Recovery - Reconstructing Typed Text from a Laptop Microphone (Full Guide, 85% success rate)
72d ago
How to exfiltrate data using only numeric outputs
73d ago
For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall.
73d ago
Every incident public companies have disclosed to the SEC, in one searchable database
73d ago
r/netsec monthly discussion & tool thread
74d ago
Handled, Not Hosted: Administrative Activity Inside a Bulletproof Hoster
74d ago
Seventeen vulnerabilities in Omi, fourteen days of silence
75d ago
High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940)
75d ago
Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root
75d ago
The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs
76d ago
The Thymeleaf Template Injection That Only Hurts If You Let It
76d ago
Set up automated dependency scanning after the recent npm/PyPI supply chain attacks
76d ago
A Route to Root in a 4G Industrial Router
76d ago
[Research] Full-chain RCE in Microsoft Semantic Kernel & Agent Framework 1.0 (6 Bypasses)
77d ago
The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords
77d ago
89 vulnerabilities in XAPI / Citrix XenServer
77d ago
[ Removed by Reddit ]
77d ago
Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025)
78d ago
Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary
78d ago
MCPwned: a Burp Suite extension for auditing MCP servers
78d ago
281 loaded
IP
IppSec
3d ago · 15 items
HackTheBox - CCTV
3d ago
HackTheBox - DevArea
10d ago
HackTheBox - WingData
17d ago
HackTheBox - Nanocorp
24d ago
HackTheBox - VariaType
31d ago
HackTheBox - Facts
38d ago
HackTheBox - Interpreter
45d ago
HackTheBox - MonitorsFour
52d ago
HackTheBox - Pterodactyl
59d ago
HackTheBox - Overwatch
66d ago
HackTheBox - Sorcery
80d ago
HackTheBox - AirTouch
87d ago
HackThebox - Eighteen
94d ago
HackTheBox - DarkZero
101d ago
HackTheBox - Browsed
108d ago
15 loaded
TC
The Cyber Mentor
4d ago · 15 items
Soft Skills for the Job Market: Applying for Jobs
4d ago
LIVE: 1 Million Subscribers | DEF CON/Summer Camp Giveaway
6d ago
Celebrating 1 Million Subscribers on July 8th!
12d ago
Real Folks of Cyber | Pearce Barry | Day in the Life
18d ago
Getting Started with the TCM Security Academy
19d ago
Soft Skills for the Job Market: Resume Writing
25d ago
TCM Security Summer Sale is Here!
28d ago
LIVE: 🕵️ CTF Prize Draw | Cybersecurity
33d ago
Secrets to PNPT Debrief Success
35d ago
TCM Security CTF Walkthrough
39d ago
Top 5 Active Directory Pentesting Tools
42d ago
Real Folks of Cyber | Dan Berger | Day in the Life
47d ago
Soft Skills for the Job Market: Communication
53d ago
LIVE: 🕵️ HTB Sherlocks! | Cybersecurity | Blue Team
61d ago
A Quick Way to Prove Your Cybersecurity Skillset!
63d ago
15 loaded
HS
Heimdal Security Blog
4d ago · 15 items
Top 6 Managed Detection and Response Providers
4d ago
There are several major managed detection and response (MDR) companies to choose from. We’ve compared the main offerings of the best MDR providers to help you decide which is right for your organisation. Maybe it was a near miss, or a secur...
Cyber-Aware Customers Are Raising the Bar for MSPs and Other Vendors
6d ago
Your client is no longer just buying your security advice. They’re auditing whether you live by it. That was a clear message from my exclusive interview with Heather MacDonald Alford, an MSP finance specialist and owner of Counting Creators...
How to scale your patches without scaling your team (the patch wave)
11d ago
Most breaches don’t start with a vulnerability nobody knew about. They start with one nobody patched in time. Vulnerability exploitation is now the single biggest way attackers get into a network. It has overtaken stolen credentials for the...
AI didn’t break patching. It showed us patching was already broken.
11d ago
Claude Mythos, an AI model from Anthropic, has found 23,019 software vulnerabilities in the past month. Fewer than 1% of them have been patched. That gap is the story. Finding a vulnerability used to be the hard part, the thing that limited...
Heimdal Launches MSP Onboarding Wizard to Help Partners Onboard Microsoft CSP Customers in 2 Minutes
13d ago
New feature reduces manual setup, speeds up customer activation, and helps MSPs scale Microsoft CSP estates with less operational work.
How Dynamic Defense shuts an attacker out without shutting down the business
18d ago
AI has handed hackers a resource advantage. Winning it back means spending your own resources far more precisely, and that’s the strategy we call Dynamic Defense. The principle is simple. Contain the threat just enough, for just long enough...
Static security has run out of road. The case for Dynamic Defense
18d ago
AI has flipped the economics of cybersecurity in the attacker’s favor. For most of the last decade, defenders held the cost advantage, buying down their risk with a stack of largely static controls. That advantage is gone, and winning it ba...
Breaking the MSP Echo Chamber: The Power of Community
20d ago
MSPs spend too much time talking to other MSPs and not enough time talking to the people they’re supposed to serve. That’s Paul Croker’s view of some of the channel’s biggest growth problems. While most industry events bring technology prof...
How attackers built a RAT on a Windows machine using its own .NET compiler
22d ago
In May 2026 an attacker compromised a UK medical practice endpoint without delivering a single malicious file. They used PowerShell and the .NET compiler built into Windows to build a Remcos remote access trojan on the machine itself, so si...
Attacker enables RDP, creates admin, erases evidence in ten seconds
22d ago
At 06:34am on 2 June 2026, an attacker logged on to a customer’s network. In a single automated burst, they switched on remote desktop and created a rogue administrator account. And deleted the evidence behind them. The intrusion reached 34...
The State of AI Risk Management in 2026
28d ago
Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It
29d ago
Your Next Insider Threat May Be an AI Coworker
32d ago
The OSI Model and Its Two Missing Layers
32d ago
Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification
36d ago
15 loaded
CY
CyberScoop
4d ago · 130 items
Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail
4d ago
Interpol cybercrime crackdown nets 5,800 arrests across 97 countries
5d ago
764 splinter group leader sentenced to 40 years in jail
5d ago
French nonprofit starts global intelligence and research hub for AI cyber threats
6d ago
Found fast, fixed slow: The gap the AI clearinghouse must close
6d ago
Spain arrests suspected hacker linked to Russian hacktivist campaign
6d ago
Deepfake CSAM lawsuit against xAI, Grok expands
6d ago
Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities
7d ago
Proofpoint researchers said attackers targeted physics and engineering departments, and warn that the campaign is likely ongoing.
US Army websites defaced with pro-Kurdish sentiments, insults to Trump
8d ago
Sysdig clocks first documented case of agentic ransomware
8d ago
Finding vulnerabilities was never the hard part
8d ago
Someone infected a spyware probe overseer with spyware
11d ago
Alleged longstanding member of Scattered Spider extradited to US
12d ago
Researchers spot exploitation of another critical Oracle defect
13d ago
US lifting export control restrictions on Anthropic’s Mythos, Fable
13d ago
This phishing kit looks more like BEC-as-a-service
13d ago
Citrix patches a new NetScaler flaw with echoes of CitrixBleed
13d ago
Trump budget boss Russell Vought open to re-staffing CISA
13d ago
DHS to unveil replacement council for critical infrastructure cybersecurity
14d ago
How ransomware syndicates weaponize corporate-style organization
14d ago
Warner bill would create federally vetted list for secure, trustworthy AI agents
14d ago
Supreme Court approves mail-in ballots that arrive after Election Day
15d ago
Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling
15d ago
What the post-quantum executive order really demands of CISOs
15d ago
ATF cancels controversial commercial geolocation contract
18d ago
FCC passes new cybersecurity rules for emergency systems, undersea cables
19d ago
Federal court rules Trump election-focused executive order illegal
19d ago
Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract
19d ago
Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack
19d ago
Why patch directives only go so far
19d ago
Malicious hackers exploit Cisco zero-day for highest access level at communications service provider
20d ago
In a first, a court takedown goes after two cybercrime tools at once
20d ago
Open-source security is posing challenges governments can’t easily solve
20d ago
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
21d ago
Algerian man charged with running two cybercrime marketplaces
21d ago
Court rules SAVE database illegal, orders it dismantled
21d ago
Trump executive orders speed up post-quantum migration, boost industry
22d ago
Intel agencies: Frontier AI models will reshape cybersecurity faster than expected
22d ago
Authorities disrupt Evil Corp’s SocGholish botnet
25d ago
Congress tees up No FAKES Act, aiming at AI-generated deepfakes
25d ago
How software development’s speed obsession enabled TeamPCP’s chaos crusade
26d ago
Accenture shells out $4.18B on three companies in big industrial cybersecurity push
26d ago
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April
27d ago
Lawmakers leery about Trump administration’s Anthropic order
27d ago
AI’s constant patching treadmill can be a security problem
27d ago
A case for how to shape ‘ingredient lists’ for AI models
28d ago
Google exposes China espionage group that’s been lurking in networks undetected since 2023
28d ago
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat
29d ago
Anthropic disables new models after government calls them a national security concern
31d ago
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
31d ago
US, France, and Italian authorities shut down massive deepfake porn site
32d ago
Conti ransomware group member pleads guilty, faces up to 20 years in prison
32d ago
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
32d ago
CyberCorps is adapting to AI. The budget isn’t keeping up.
32d ago
Russian national charged in connection with Void Blizzard espionage campaign
33d ago
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers
33d ago
CISA directive orders agencies to prioritize vulnerability patching in a new way
34d ago
Microsoft breaks Patch Tuesday record with 206 vulnerabilities
35d ago
Anthropic’s new model is Mythos on a leash
35d ago
CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
35d ago
Cisco customers encounter another SD-WAN zero-day under attack
35d ago
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
36d ago
The AI security race needs accountability, not overregulation
36d ago
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
39d ago
Hill Dems hammer GOP for $250M CISA budget cut
39d ago
Your AI agent could become your biggest insider threat
40d ago
Inside the race to adapt to an AI-powered security world
40d ago
European authorities crack down on illegal streaming networks
40d ago
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
41d ago
DOD wants to integrate cyber in all operations, and integrate security into AI
42d ago
Trump administration releases scaled-back AI executive order
42d ago
Anthropic expanding access to Project Glasswing
42d ago
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
42d ago
Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight
43d ago
USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order
43d ago
Election threats are focused on campaign systems, not voting machines
43d ago
Tennessee man linked to 764 accused of series of crimes against children dating back to 2022
46d ago
Federal audit reveals NIST’s NVD is plagued by poor planning and duplication
46d ago
House panel poised to hold hearing centered on AI impact on cyber
47d ago
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
47d ago
Zapier fixes bug chain that researchers say risked widespread account takeover
47d ago
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
47d ago
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
47d ago
UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace
48d ago
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
48d ago
Apple open-sources quantum-resistant encryption code
49d ago
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
53d ago
Lawmakers from both parties say CISA cuts have gone too far
54d ago
Trump postpones executive order focused on AI security
54d ago
CISA chief frets about open-source vulnerabilities, delayed security improvements
54d ago
European authorities take down prolific cybercrime VPN service
54d ago
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
54d ago
Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
54d ago
GitHub says internal repositories were impacted in poisoned VS Code extension attack
55d ago
CISA credential leak raises alarms, and Capitol Hill demands answers
55d ago
Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches
55d ago
Mini Shai-Hulud returns, compromising hundreds of npm packages
56d ago
Microsoft disrupts cybercrime service that abused software verification systems en masse
56d ago
AI might cut false positives, but it won’t stop the slop
56d ago
Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa
57d ago
The Canvas breach proved that prevention is no longer enough
57d ago
Former CISA nominee Sean Plankey named US CEO of defense startup
57d ago
Colorado governor commutes prison sentence for election denier Tina Peters
59d ago
Here’s how the FTC plans to enforce the Take It Down Act
60d ago
Cisco zero-day under ongoing attack by persistent threat group
60d ago
Pentagon cyber official calls advanced AI ‘revolutionary warfare’
60d ago
White House cyber official: identity security matters more than ever in the age of AI
60d ago
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
61d ago
Researchers say AI just broke every benchmark for autonomous cyber capability
61d ago
Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks
61d ago
DOJ releases legal rationale for nationwide voter data collection
61d ago
Weaponized AI: The new frontier of fraud and identity spoofing
62d ago
Daybreak is OpenAI’s answer to the AI arms race in cybersecurity
62d ago
‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack
62d ago
Major world economies spell out key elements of AI ‘ingredients list’
62d ago
Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical
62d ago
Google and Amnesty International teamed up to make it harder for spyware vendors to hide
63d ago
AI is separating the companies built to scale from the ones built to sell
63d ago
Instructure claims hackers returned stolen Canvas data after an extortion standoff
63d ago
Google spotted an AI-developed zero-day before attackers could use it
64d ago
The missing cybersecurity leader in small business
64d ago
Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments
67d ago
ShinyHunters claims nearly 9,000 schools affected by Canvas data breach
67d ago
Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
67d ago
Ivanti customers confront yet another actively exploited zero-day
67d ago
Trump officials are steering a cybersecurity scholarship program toward AI
68d ago
American duo sentenced for hosting laptop farms for North Korean IT workers
68d ago
One House Democrat is pressing Commerce on the government’s spyware use
68d ago
A DOD contractor’s API flaw exposed military course data and service member records
68d ago
A critical Palo Alto PAN-OS zero-day is being exploited in the wild
69d ago
130 loaded
NE
NetworkChuck
4d ago · 15 items
LIVE AMA | Summer of CCNA | 07/09/2026
4d ago
Fable 5 is back.....run these prompts before July 12th
11d ago
shadow AI is terrifying
24d ago
Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026
25d ago
HTTPS Doesn't Hide This From Your ISP!!
26d ago
Cisco Just Showed the Future of Networking
26d ago
Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026
28d ago
I was wrong about VPNs
29d ago
Certification Questions | LIVE AMA | Summer of CCNA
39d ago
Hermes has a Home Assistant skill and it's unreal!
40d ago
FREE coffee at Cisco Live (I'm giving it away)
41d ago
Codex Lives In PowerShell Now
42d ago
I'm Moderating My First Panel… Come see me at Cisco Live
43d ago
Switching back to Windows?!?
43d ago
Who actually owns the AI in your company?
46d ago
15 loaded
CS
Cisco Security Advisory
6d ago · 20 items
Cisco Advance Notification for Publication of July 15, 2026, Security Advisories
6d ago
On July 15, 2026, the Cisco Product Security Incident Response Team (PSIRT) will publish advisories to disclose security vulnerability information along with fixed software releases for the following Cisco products: Identity Services Engine...
Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities
8d ago
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow a remote attacker to achieve remote code execution or conduct information disclosure attacks on an affected devi...
Cisco Catalyst Center Arbitrary File Read Vulnerability
8d ago
A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exp...
ClamAV Vulnerabilities Affecting Cisco Products: July 2026
11d ago
Multiple vulnerabilities in ClamAV could allow a remote attacker to cause a denial of service (DoS) condition, interrupting scanning operations. For more information about these vulnerabilities, see the Details section of this advisory. For...
Cisco Advance Notification for Publication of July 1, 2026, Security Advisories
13d ago
On July 1, 2026, the Cisco Product Security Incident Response Team (PSIRT) will publish advisories to disclose security vulnerability information along with fixed software releases for the following Cisco products: Catalyst Center Secure En...
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
13d ago
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery...
Cisco Finesse Remote File Inclusion Vulnerability
19d ago
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability ...
Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities
22d ago
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a c...
Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability
27d ago
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands....
Cisco Crosswork Network Controller Server-Side Template Injection Vulnerability
27d ago
A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to insufficient input v...
Cisco Webex App Open Redirect Vulnerability
27d ago
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
28d ago
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
28d ago
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
28d ago
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability
31d ago
Cisco Webex Meetings Cross-Site Scripting Vulnerability
41d ago
Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability
55d ago
Cisco Secure Workload Unauthorized API Access Vulnerability
55d ago
Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability
55d ago
Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability
55d ago
20 loaded
WE
WeLiveSecurity
6d ago · 20 items
ESET Threat Report H1 2026
6d ago
Cyber readiness for SMBs: Getting the basics right
11d ago
This month in security with Tony Anscombe – June 2026 edition
14d ago
Inside the inbox: Why cybercriminals want to break into your email account
15d ago
SMB cyber readiness: the road to resilience starts here
18d ago
Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances
19d ago
ESET takes part in Operation Endgame to disrupt Amadey and Stealc
20d ago
Killing me gently: Inside Gentlemen’s EDR killer framework
26d ago
Protecting legacy OT systems against modern cyberthreats
27d ago
FishMonger’s arsenal upgraded: SprySOCKS for Windows
28d ago
EvilTokens: A phishing attack that doesn’t steal your password
29d ago
OceanLotus: From external espionage to domestic targeting
33d ago
Unpacking SMB cyber-readiness – and what makes or breaks it
34d ago
Cybercriminals: the 'auditors' you never hired
35d ago
Lessons for life: Why children’s data is a long-term identity risk
41d ago
This month in security with Tony Anscombe – May 2026 edition
46d ago
ESET APT Activity Report Q4 2025–Q1 2026
47d ago
What to consider before asking an AI chatbot for health advice
48d ago
BTMOB: A stealthy RAT burrowing deep into Android devices
49d ago
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
53d ago
20 loaded
HA
Hak5
6d ago · 15 items
Five Eyes Alert: The AI Deception Has Already Begun | Threat Wire
6d ago
Miasma Worm Source Code Leaked + What NPM v12 Means for Developers | Threat Wire
22d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
22d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
22d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
26d ago
Shark Jacked my LAN 🦈
27d ago
Developers React to the 105-Second Github Chain Reaction | Threat Wire
32d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
33d ago
Introducing Shark Jack Display 🦈
36d ago
The GitHub Leak Situation Just Got Worse | Threat Wire
47d ago
The Worm That Deletes Your Entire Computer | Threat Wire
53d ago
A TL;DR on Dirty Frag #cybersecurity #threatwire @endingwithali
53d ago
Google’s Silent AI Install: What They’re Hiding in Your Files #cybersecurity @endi
53d ago
🔴 [PAYLOAD REVIEW] WiFi Pineapple Pager 📟🍍
58d ago
🔴 [LIVE] Payload Review & 1M Subs!
61d ago
15 loaded
SE
Securelist
7d ago · 10 items
Threat landscape for industrial automation systems. Q1 2026
7d ago
This report contains industrial threat statistics for Q1 2026, including industrial threat distribution by type, source, region and industry.
When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website
8d ago
The OAuth 2.0 Device Authorization Grant specification was designed to streamline authentication for Smart TVs, IoT devices, and printers. Today, threat actors are weaponizing it.
Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign
11d ago
An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake Stealer, to target organizations in Russia, Kazakhstan, and Brazil.
Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects
12d ago
Kaspersky Compromise Assessment specialists analyze trends from the service’s 2025 projects and provide tips on how to enhance your organization’s security.
The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign
13d ago
Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure.
OpenClaw: risks for the users and how to mitigate them
13d ago
Researching OpenClaw vulnerabilities, malicious skills and other security issues with the popular agent, and providing tips on how to mitigate them.
ToddyCat: your hidden email assistant. Part 2
14d ago
An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.
The Gentlemen are knocking: сustom backdoors and evolving tactics
15d ago
Kaspersky researchers analyze incidents related to The Gentlemen RaaS group, disclose their tools and TTPs, and find a new ransomware variant.
Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk
18d ago
Analysis of CVE-2024-2658 as found in Schneider Electric’s Floating License Manager. Discover how this FlexNet Publisher vulnerability potentially allows attackers to escalate to NT AUTHORITY\SYSTEM privileges and expand their foothold; lea...
Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools
19d ago
Kaspersky researchers analyze the threat landscape for SMBs in 2026: the rise of attacks involving fake AI tools, phishing schemes, and data sold on the dark web.
TL
The Last Watchdog
12d ago · 29 items
News alert: Link11 launches faster DDoS mitigation to counter AI-driven, adaptive network attacks
12d ago
FRANKFURT, July 1, 2026, CyberNewswire – Link11, a leading European provider of cloud-based cybersecurity solutions, today announced the launch of its completely rebuilt Layer 3/4 DDoS mitigation solution, designed to address the growing ...
News alert: Reflectiz partners with Taboola to host webinar on AI-driven marketing security risks
14d ago
BOSTON, June 30, 2026, CyberNewswire – Reflectiz, the web exposure management platform, today announced a live webinar with Taboola, "Securing Third-Party Marketing in the AI Era," taking place July 8 at 9 AM EDT / 3 PM CEST. Every market...
News alert: OpenMatter launches platform to verify AI activity across enterprise systems
14d ago
MELBOURNE, Fla., June 30, 2026, CyberNewswire – OpenMatter Network today announced the launch of its cryptographically verifiable platform for secure collaboration and AI governance, built on a simple premise: Don't Trust Data. Prove It. ...
News alert: SpyCloud report finds phishing surge exposing employee data at Fortune 100 companies
27d ago
AUSTIN, Tex., June 17, 2026, CyberNewswireŌĆōSpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in both volume and sophistication for enter...
News alert: Heimdal study finds executives are more confident than frontline IT teams on AI risk
27d ago
LONDON, June 17, 2026, CyberNewswire–Heimdal today published The State of AI Risk Management in 2026, a survey of 1,000 IT professionals across the United Kingdom and the United States. The report's headline finding is a divide inside the...
News alert: Aembit secures Copilot Studio agents with identity-based access controls and audit trails
27d ago
LAS VEGAS, June 16, 2026, CyberNewswire–Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft's enterprise AI agent platform. The integration, unveiled at Identivers...
News alert: GitGuardian adds endpoint protection as developer laptops become credential troves
28d ago
NEW YORK, June 16, 2026, CyberNewswire–GitGuardian announced today that it is introducing Developer Endpoint Protection, extending its secrets and non-human identity (NHI) security platform coverage to developer workstations. After 12 mon...
News alert: Varist announces AI-scale malware detection for healthcare and medical imaging
28d ago
REYKJAVIK, Iceland, June 16, 2026 — Varist today introduced its DICOM Detection Engine™, a specialized system designed to safeguard electronic health records (EHR) and picture archiving and communication systems (PACS) from all known ma...
News alert: Cloud security report finds fragmented tools widening the cloud complexity gap
34d ago
News alert: Halo Security recognized for helping MSPs manage customers’ external attack surfaces
41d ago
FIRESIDE CHAT: Deepfakes exploit human emotion, making employee reflex training essential
42d ago
News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit
46d ago
GUEST ESSAY: AI pipelines are shattering network security — most companies haven’t even noticed yet
49d ago
GUEST ESSAY: AI can speed up communication, but it can also weaken human connection
55d ago
News alert: Orchid Security study finds invisible identities now outnumber managed accounts
56d ago
MY TAKE: AI agents force a rethink of enterprise service lines as vendors move up the tech stack
57d ago
LW ROUNDTABLE: Microsoft Edge normalizes credential exposure — security pros push back
62d ago
FIRESIDE CHAT: Cyber insurers deepen SMB security role as supply chain attacks spread
63d ago
News Alert: Lyrie.ai joins Anthropic verification program, unveils protocol for securing AI agents
64d ago
News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market
70d ago
SHARED INTEL Q&A: PKI’s unfinished business—’digital passports’ for content, models and agents
75d ago
GUEST ESSAY: How augmented reality (AR) can turn building images into ad space with no control
77d ago
FIRESIDE CHAT: Leaked secrets are now the go-to attack vector — and AI is accelerating exposures
78d ago
News alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV category
83d ago
Fireside Chat: PKI has carried digital trust through every tech advance—now comes the hardest one
85d ago
News Alert: NTT Research launches SaltGrain—advanced Attribute-Based Encryption security
89d ago
GUEST ESSAY: Google’s 2029 deadline exposes readiness gap as move to quantum-safe crypto lags
91d ago
News alert: Mallory launches AI-native platform to cut through alert noise and surface real risk
95d ago
FIRESIDE CHAT: Geopolitical turmoil, rising AI risk add a new layer to enterprise cyber defense
98d ago
29 loaded
PN
Proofpoint News Feed
13d ago · 10 items
New Cargo Theft Surge: From Lobster Heists To Bourbon Warehouse Scams
13d ago
Cargo theft is evolving with cybercrime. Learn how organized crime is hijacking shipments—from a $400,000 lobster theft to a $500,000 bourbon heist—and what needs to be done.
Defending the Authentication Flow: Device Code Phishing with Selena Larson
14d ago
Host Caleb Tolin sits down with Selena Larson, Staff Threat Researcher and Lead, Intelligence Analysis and Strategy at Proofpoint and Host of the DISCARDED podcast, to discuss the mechanics of device code phishing and the widespread abuse o...
Proofpoint Joins the OpenAI Daybreak Cyber Partner Program to Advance Responsible AI-Powered Cyber Defense
22d ago
Proofpoint has been selected to participate in OpenAI Daybreak, which helps trusted cybersecurity companies integrate AI into defensive security operations. Through the OpenAI Daybreak Cyber
OpenAI Lets Cyber Vendors Embed GPT-5.5 in Defenses
22d ago
Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
35d ago
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
40d ago
Proofpoint Introduces Active Exploits Protection to Help Organizations Prioritize Vulnerability Patching for Real-World Attacks in the AI Era
48d ago
New solution reduces exposure to actively exploited vulnerabilities in minutes by turning intelligence into immediate protection across primary attack paths Disrupts AI-powered exploit-
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
53d ago
Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claude
54d ago
New product integrations bring data protection, insider risk detection, and governance into Claude Enterprise and Claude Platform activity Organizations gain unified visibility across
Proofpoint Launches Dedicated MSP Business Unit and Introduces 365 Total Protection for North America
62d ago
New MSP Platform business unit, AI-powered all-in-one Microsoft 365 protection, and Marketplace partnership with Pax8 strengthen Proofpoint’s commitment to channel and small and mid-size
CD
Cyber Defense Magazine
13d ago · 82 items
The Chaya_006 Alert: OT Edge Devices Under Fire
13d ago
Nissan Americas Hit in Global Oracle PeopleSoft Data Breach
14d ago
CISA Warns Attackers Are Targeting Critical Internal Business Platforms
15d ago
Return On Risk: The New Measure Of Cyber Resilience
16d ago
Path to StateRAMP
16d ago
Rethinking Identity Security In The Age Of AI Driven Fraud
17d ago
New Age Insider Risk
17d ago
Openclaw And The Agentic AI Inflection Point: From “Cool Demo” To Governed Infrastructure
18d ago
Reasonable Reliance: The Test Duty-Holders Are Quietly Being Held To
18d ago
The Moment Of Reliance: The Question Safety Governance Cannot Currently Answer
19d ago
The New Face Of Fraud: Why AI Is Making Older Adults The Primary Target
19d ago
NSA Urges Cyberthreat Timeline Has Compressed From Years to Months
19d ago
Governance Is Failing: Why Converged Digital Risk Is Outpacing Every Control We Have
20d ago
Invisible By Design: Making Quantum-Safe Encryption The Easy Path
20d ago
Magecart Evolves and Attackers Weaponize Ethereum Blockchain for Digital Skimming
20d ago
Innovator Spotlight: NAKIVO
21d ago
Cybersecurity Outsourcing. Beyond Cost
21d ago
Inside The Rising Cyber Risk To Insurers: Why Insurance Companies Are Now Prime Targets
21d ago
Supply Chain Compromise: Nintendo Vendor Breach Exposes Internal Data
21d ago
Data Breach with Eastman Kodak Company
21d ago
The World Cup Is Here… And So Are The Cyber Risks
22d ago
Cloud Managed Services For Modern Cybersecurity To Secure Cloud
22d ago
Exploring The 2025 Cyber Threat Landscape: Analysis From The IT And Food And Agriculture Sectors
23d ago
The Shadow AI Paradox: Governing Innovation At Machine Speed
24d ago
Innovator Spotlight: Ensemble
24d ago
Innovator Spotlight: Centrii
24d ago
NSPM-12: The New Baseline for National Security Cybersecurity
25d ago
Five Compliance Realities Federal Contractors Can’t Ignore
26d ago
Cyber Security Market Insights & Trends Driving The Next Wave Of Protection
27d ago
AI is Not Solving Cybersecurity Burnout Yet, New ISSA and Omdia Research Warns
28d ago
Crypto’s Biggest Unresolved Risk Is Not Theft Of Assets, It’s The Collapse Of Identity Certainty In Financial Transactions
28d ago
Could GPU-Accelerated EDR Improve The Future Of Endpoint Detection?
29d ago
CMMC Is Exposing A Major Gap In The Defense Supply Chain
30d ago
Zero Trust For AI In Defense Networks
31d ago
Why Most Cyber Resilience Programs Fail Before The First Incident
32d ago
Breaking Free Of The Cyber Insurance Market’s Moment Of Frustration
33d ago
What The Cybersecurity Industry Knows And Will Not Say
34d ago
Rethinking Access Governance for AI Agents
35d ago
How CIAM Helps Boost Business
36d ago
World Cloud Security Day
36d ago
CMMC Is Here, But AI Changes The Compliance Conversation
37d ago
Cybersecurity Improved Detection But Exposed a New Problem
38d ago
Innovator Spotlight: Airrived
39d ago
Cloud Security In Practice
39d ago
Segment With Purpose: A Zero Trust Blueprint For OT Network Segmentation In Manufacturing
40d ago
The Expanding Attack Surface And How Identity Is Now The Primary Breach Vector
41d ago
Officials Confirm Early Rollout Of CMMC Requirements At CMMC Northeast Summit
42d ago
Why Is Cybersecurity Now A Business Priority, Not Just An IT Function?
58d ago
The Security Mistakes Being Repeated With Ai
59d ago
The Hidden Risk For IT Subcontractors: When Insurance, Not Security, Costs You The Contract
60d ago
Innovator Spotlight: Klever Compliance
60d ago
Innovator Spotlight: Radware
60d ago
Innovator Spotlight: JScrambler
61d ago
Innovators Spotlight: OPSWAT
61d ago
The Board Is Asking The Wrong Security Question
62d ago
Synthetic Identity Fraud Requires An Equal Focus On Biometrics And Document Verification
63d ago
Innovator Spotlight: Iru
63d ago
Innovator Spotlight: Axonius
64d ago
Security In The AI Era: Why Compliance, Infrastructure, And Platform Security Must Converge
64d ago
The SMB Cybersecurity Gap: Why Small Businesses Are The Fastest-Growing Attack Surface
64d ago
Fighting Fire With Fire: Future-Proofing The Cybersecurity Workforce With AI
65d ago
Innovator Spotlight: Lineaje
65d ago
Why Vulnerability Scanning Is Not Penetration Testing, And Why Cisos Should Care
67d ago
Bouncing Back from Cyberattacks: How Fast Recovery Is Mastered
68d ago
When AI Stops Assisting And Starts Discovering: What Claude Mythos Preview Means For Cybersecurity
68d ago
Innovators Spotlight: Badge (Part II)
69d ago
Redefining Security Operations Through Seceon’s Open Threat Management Platform
69d ago
The Insurance Industry Is Rewriting Cybersecurity Strategy
70d ago
Securing The AI-Enabled Workforce: The Next Evolution Of Human Risk Management
71d ago
Ai Didn’t Break Cybersecurity, It Revealed It
72d ago
RSAC 2026: The Power of Community
73d ago
Inside RSAC 2026
74d ago
Innovator Spotlight: The Open Group
75d ago
Preparing For Hybrid Warfare: Actions To Take When The Cloud Goes Dark
75d ago
Operationalizing Cyber Resilience: A Practitioner’s Framework for Real-World Security Constraints
76d ago
Innovator Spotlight: Puneet Bhatnagar
77d ago
Cybersecurity Risks in 2026
77d ago
Retro-Coding and the Roots of Logic: Why The Byte Brothers: Program a Problem Still Matters
77d ago
Innovator Spotlight: TokenCore
78d ago
Platform Engineering: The Rise of a Disciplinary Rethink
78d ago
60% Of Cyberattacks Are Identity Based — Is Identity First A Bad Idea?
78d ago
From Threat Detection To Decision Intelligence: Rethinking Modern Cyber Defense
79d ago
82 loaded
TM
Trend Micro Research, News, Perspectives
15d ago · 20 items
TONResolver RAT Abuses TON Blockchain to Target Japan's Hotel Industry
15d ago
From Langflow to Monero: Inside CVE-2026-33017 Cryptominer
21d ago
PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM
26d ago
Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign
27d ago
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
32d ago
GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026
34d ago
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
36d ago
Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI's Biggest AI Showdown Yet
43d ago
Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet
49d ago
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
53d ago
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
56d ago
Agentic Governance: Why It Matters Now
57d ago
Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft
62d ago
Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America
64d ago
What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do
65d ago
Supporting the National Cyber Strategy: How TrendAI™ Helps
69d ago
InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise
70d ago
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
71d ago
Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
75d ago
Kuse Web App Abused to Host Phishing Document
76d ago
20 loaded
DA
darkreading
18d ago · 104 items
Name That Toon Contest
18d ago
Europe Evolves Into Ransomware's Favorite Region
19d ago
Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure
19d ago
2026 FIFA World Cup Faces Surge in Cyber Threats
19d ago
Do CISOs Need a Code of Ethics?
20d ago
More Malicious OpenClaw Skills Threaten AI Supply Chain
20d ago
Apple's MacOS Gap Lets Users Disable Security Tools
20d ago
Scope of Salesforce Attacks Expands as Icarus Leaks Data
20d ago
'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
21d ago
SocGholish Takedown Highlights Malicious TDS Threats
21d ago
FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
21d ago
DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories
21d ago
Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign
22d ago
He Thought He Was Secure; His Phone Number Was Stolen Anyway
22d ago
Stressors, AI Forcing Changes to Cybersecurity Teams
25d ago
Novo Nordisk Breach Highlights Software Development Pipeline Risk
26d ago
Operation Escaneo Signals Shift in LatAm Threat Landscape
26d ago
FIFA Bug Exposes World Cup Streams to Remote Takeover
26d ago
Salesforce Data Thefts Continue via Klue App Compromise
26d ago
Get Out of Security Debt by Tackling the Exposure Problem
26d ago
EU Gets a Head Start in Developing 6G Network Security
26d ago
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
31d ago
Claude Fable 5 Doesn't Change the Mythos Security Story
32d ago
Phishing Attack Volume Down 20%, But Risk Still Rising
32d ago
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
33d ago
Segmentation Works for OT If Operators Are Paying Attention
33d ago
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
33d ago
CISA Rewrites Federal Patching Requirements for AI Threat Era
33d ago
Bug Bounty Research Triggers ServiceNow Security Alert
34d ago
AI Risk Worries Insurers & Businesses Alike
34d ago
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet
34d ago
The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life
34d ago
Blame AI: Patch Tuesday Hits Record 206 CVEs
34d ago
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address
34d ago
Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
35d ago
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
35d ago
AI Slop Will Kill Cybersecurity Storytelling If We Let It
35d ago
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
35d ago
Check Point VPN Flaw Exploited Since Early May
35d ago
Iran Signed a Ceasefire — Its Hackers Didn't
36d ago
[An RX Global Event] Infosecurity Europe
42d ago
Name That Toon: Mark of (Cybersecurity) Progress
45d ago
Asia's Cyber Insurance Market Shows Signs of Life
46d ago
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
46d ago
'The Com' Cyberattacks Support Violence & Sexploitation
46d ago
As Global Powers Explore Humanoid Robots, Cyber-Risk Looms
46d ago
Dutch Raid Fails to Dent Russian Bulletproof Host
47d ago
Agentic AI Isn't Risky; the Way Orgs Deploy It Is
47d ago
Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security
47d ago
BTMOB RAT Spreads Across Brazil, LatAm via MaaS Model
47d ago
Nordic CISOs Handle Rising Cyber Threats Remarkably Well
47d ago
Ransomware Actors Show Up In Person to Steal Law Firm Data
47d ago
Latin American Cybercriminals Hoover Up Government Data
48d ago
AI-Assisted Exploit Development Outpaces Scanner Detection
48d ago
Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security
48d ago
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
49d ago
State Cyber Leaders Push Congress for More Funding, Support
49d ago
Shai-Hulud Hackers TeamPCP: Lucky or Skilled?
49d ago
For Enterprises, Security Remains Agentic AI's Biggest Challenge
49d ago
The Boring Stuff is Dangerous Now
57d ago
Can Laws Stop Deepfakes? South Korea Aims to Find Out
57d ago
Congress Puts Heat on Instructure After Canvas Outage
59d ago
Cyber Pioneers Ponder Past as Prologue
60d ago
Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
60d ago
SecurityScorecard Snags Driftnet to Level Up Threat Intelligence
60d ago
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
60d ago
'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine
61d ago
AI Drives Cybersecurity Investments, Widening 'Valley of Death'
61d ago
Foxconn Attack Highlights Manufacturing's Cyber Crisis
61d ago
Checkbox Assessments Aren't Fit to Measure Risk
61d ago
Attackers Weaponize RubyGems for Data Dead Drops
61d ago
Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak
61d ago
Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape
62d ago
LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly
62d ago
China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm
62d ago
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
62d ago
Hugging Face Packages Weaponized With a Single File Tweak
63d ago
20 Leaders Who Built the CISO Era: 2 Decades of Change
63d ago
Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain
63d ago
How the Story of a USB Penetration Test Went Viral
70d ago
RMM Tools Fuel Stealthy Phishing Campaign
70d ago
Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability
71d ago
Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
71d ago
How Dark Reading Lifted Off the Launchpad in 2006
71d ago
76% of All Crypto Stolen in 2026 Is Now in North Korea
73d ago
If AI's So Smart, Why Does It Keep Deleting Production Databases?
74d ago
Name That Toon: Mark of (Security) Progress
74d ago
20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage
74d ago
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
74d ago
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
74d ago
Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber
75d ago
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
75d ago
Claude Mythos Fears Startle Japan's Financial Services Sector
75d ago
Reverse Engineering With AI Unearths High-Severity GitHub Bug
76d ago
AI Finds 38 Security Flaws in Electronic Health Record Platform
76d ago
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
76d ago
Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities
76d ago
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
76d ago
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later
76d ago
Feuding Ransomware Groups Leak Each Other's Data
76d ago
Vidar Rises to Top of Chaotic Infostealer Market
77d ago
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
77d ago
UNC6692 Combines Social Engineering, Malware, Cloud Abuse
77d ago
Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation
78d ago
104 loaded
M3
Microsoft 365 Blog
19d ago · 10 items
Copilot in Excel: Built for the era of Frontier Finance
19d ago
- Discover how Copilot in Excel transforms finance workflows with skills, data connectors, and capabilities for traceability.
Copilot Cowork is now generally available
28d ago
Copilot Cowork is now generally available worldwide, bringing secure, AI-powered automation for complex enterprise tasks in Microsoft 365.
Introducing Microsoft Scout: Your always-on personal agent
42d ago
Microsoft introduces a new, always-on personal agent, Microsoft Scout, integrated across the Microsoft 365 apps you use every day.
Announcing the new Work IQ APIs
42d ago
Build enterprise agents with Work IQ APIs for Microsoft 365—bringing business context, tools, and secure, scalable intelligence into every workflow.
Introducing Microsoft 365 Business with Copilot: The new standard for small business
47d ago
Meet Microsoft 365 Business with Copilot—the AI-powered solution transforming how small businesses work, collaborate, and compete.
Introducing a new design for Microsoft 365 Copilot
47d ago
Copilot’s redesigned experience delivers faster performance, adaptive tools, and clearer AI-powered workflows to help you easily move from intention to outcome.
New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences
49d ago
Explore what's new in Copilot Studio, May 2026: computer-using agents are now available, plus redesigned workflows and Work IQ extensibility.
New and improved: Agent governance, intelligent workflows, and connected app experiences
64d ago
See what's new in Copilot Studio, April 2026: updates to workflows, more control over agent operations, and an expanded agent usage estimator.
Copilot Cowork: From conversation to action across skills, integrations, and devices
70d ago
Today, we’re announcing additional capabilities in Cowork to expand on what it can make possible for you.
Microsoft 365 Copilot, human agency, and the opportunity for every organization
70d ago
Empower your organization with Microsoft 365 Copilot—AI that bridges human potential and business outcomes for the future of work.
AL
Alerts
26d ago · 44 items
CISA Adds One Known Exploited Vulnerability to Catalog
26d ago
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
26d ago
CISA Adds One Known Exploited Vulnerability to Catalog
28d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
29d ago
CISA Adds One Known Exploited Vulnerability to Catalog
32d ago
CISA Adds One Known Exploited Vulnerability to Catalog
33d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
35d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
36d ago
CISA Adds One Known Exploited Vulnerability to Catalog
39d ago
CISA Adds One Known Exploited Vulnerability to Catalog
41d ago
CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation.
CISA Adds Two Known Exploited Vulnerabilities to Catalog
42d ago
CISA Adds One Known Exploited Vulnerability to Catalog
43d ago
CISA Adds One Known Exploited Vulnerability to Catalog
46d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
47d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
48d ago
CISA Adds One Known Exploited Vulnerability to Catalog
49d ago
CISA Adds One Known Exploited Vulnerability to Catalog
53d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
54d ago
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
55d ago
CISA Adds One Known Exploited Vulnerability to Catalog
60d ago
CISA Adds One Known Exploited Vulnerability to Catalog
61d ago
CISA Adds One Known Exploited Vulnerability to Catalog
67d ago
CISA Adds One Known Exploited Vulnerability to Catalog
68d ago
CISA Adds One Known Exploited Vulnerability to Catalog
69d ago
CISA Adds One Known Exploited Vulnerability to Catalog
74d ago
CISA Adds One Known Exploited Vulnerability to Catalog
75d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
77d ago
CISA Adds Four Known Exploited Vulnerabilities to Catalog
81d ago
CISA Adds One Known Exploited Vulnerability to Catalog
82d ago
CISA Adds One Known Exploited Vulnerability to Catalog
83d ago
Supply Chain Compromise Impacts Axios Node Package Manager
85d ago
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
85d ago
CISA Adds One Known Exploited Vulnerability to Catalog
89d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
91d ago
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
92d ago
CISA Adds One Known Exploited Vulnerability to Catalog
97d ago
CISA Adds One Known Exploited Vulnerability to Catalog
99d ago
CISA Adds One Known Exploited Vulnerability to Catalog
103d ago
CISA Adds One Known Exploited Vulnerability to Catalog
104d ago
CISA Adds One Known Exploited Vulnerability to Catalog
106d ago
CISA Adds One Known Exploited Vulnerability to Catalog
109d ago
CISA Adds One Known Exploited Vulnerability to Catalog
110d ago
CISA Adds One Known Exploited Vulnerability to Catalog
111d ago
CISA Adds Five Known Exploited Vulnerabilities to Catalog
116d ago
44 loaded
AC
All CISA Advisories
26d ago · 125 items
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
26d ago
CISA Adds One Known Exploited Vulnerability to Catalog
26d ago
Schneider Electric EasyLogic T150 and Saitel DP
26d ago
AVer PTC cameras
26d ago
Rockwell Automation FactoryTalk Historian Site Edition
26d ago
AzeoTech DAQFactory
26d ago
Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products
26d ago
Mitsubishi Electric MELSEC iQ-F Series
26d ago
Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module
26d ago
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
26d ago
Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP
28d ago
Rockwell Automation RSLinx
28d ago
Rockwell Automation FLEX I/O EtherNet/IP Adapters
28d ago
Rockwell Automation FactoryTalk Analytics PavilionX
28d ago
Rockwell Automation CompactLogix
28d ago
CISA Adds One Known Exploited Vulnerability to Catalog
28d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
29d ago
CISA Adds One Known Exploited Vulnerability to Catalog
32d ago
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
33d ago
Naxclow IoT Platform
33d ago
Brickcom Cameras
33d ago
CISA Adds One Known Exploited Vulnerability to Catalog
33d ago
Siemens KACO Blueplanet Inverters
35d ago
Schneider Electric EcoStruxure Panel Server
35d ago
Schneider Electric Modicon Network Managed Switches
35d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
35d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
36d ago
CISA Adds One Known Exploited Vulnerability to Catalog
39d ago
NAVTOR NavBox
40d ago
Hitachi Energy MACH HiDraw
40d ago
Hitachi Energy ITT600 Explorer
40d ago
B&R PPT30 Operating System
40d ago
Hitachi Energy RTU500
40d ago
CISA Adds One Known Exploited Vulnerability to Catalog
41d ago
CISA and Partners Urge Hardening Automatic Tank Gauge Systems
42d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
42d ago
CISA Adds One Known Exploited Vulnerability to Catalog
43d ago
CISA Adds One Known Exploited Vulnerability to Catalog
46d ago
ABB EIBPORT
47d ago
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
47d ago
ABB Busch-Welcome 2 Wire Door Opener Actuator
47d ago
Fourth Frontier Frontier X Mobile Application, Frontier X2
47d ago
CP Plus 8 Ch. Network Video Recorder
47d ago
XCharge C6
47d ago
KMW CCTV Security Cameras
47d ago
MacGregor Voyage Data Recorder (VDR) G4e
47d ago
Schnieider Electric EcoStruxure Machine Expert HVAC
47d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
47d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
48d ago
ABB Terra AC
49d ago
ABB LVS MConfig
49d ago
ABB Ability Camera Connect
49d ago
Eppendorf BioFlo 320
49d ago
ABB AbilityTM Zenon Remote Transport Vulnerability
49d ago
ABB AC500 V2
49d ago
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
49d ago
CISA Adds One Known Exploited Vulnerability to Catalog
49d ago
CISA Adds One Known Exploited Vulnerability to Catalog
53d ago
ABB Terra AC Wallbox
54d ago
Hitachi Energy GMS600
54d ago
ABB B&R Automation Studio
54d ago
ABB B&R Automation Runtime
54d ago
ABB B&R PCs
54d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
54d ago
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
55d ago
Kieback & Peter DDC Building Controllers
56d ago
Siemens RUGGEDCOM APE1808 Devices
56d ago
ABB CoreSense HM and CoreSense M10
56d ago
ScadaBR
56d ago
ZKTeco CCTV Cameras
56d ago
CISA Adds One Known Exploited Vulnerability to Catalog
60d ago
Siemens Siemens ROS#
61d ago
Siemens gWAP
61d ago
Siemens SIMATIC
61d ago
Siemens Ruggedcom Rox
61d ago
Siemens Ruggedcom Rox
61d ago
Siemens Simcenter Femap
61d ago
Universal Robots Polyscope 5
61d ago
Siemens Ruggedcom Rox
61d ago
Siemens Teamcenter
61d ago
Siemens Solid Edge
61d ago
Siemens SENTRON 7KT PAC1261 Data Manager
61d ago
Siemens Opcenter RDnL
61d ago
Siemens Ruggedcom Rox
61d ago
Siemens SIMATIC S7 PLC Web Server
61d ago
Siemens Industrial Devices
61d ago
Siemens SIMATIC
61d ago
Siemens SIPROTEC 5
61d ago
CISA Adds One Known Exploited Vulnerability to Catalog
61d ago
Software Bill of Materials for AI - Minimum Elements
63d ago
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
63d ago
Subnet Solutions PowerSYSTEM Center
63d ago
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
63d ago
ABB AC500 V3 Multiple Vulnerabilities
63d ago
ABB Automation Builder Gateway for Windows
63d ago
Fuji Electric Tellus
63d ago
CISA Adds One Known Exploited Vulnerability to Catalog
67d ago
CISA Adds One Known Exploited Vulnerability to Catalog
68d ago
MAXHUB Pivot Client Application
68d ago
CISA Adds One Known Exploited Vulnerability to Catalog
69d ago
ABB B&R Automation Studio
70d ago
ABB B&R Automation Runtime
70d ago
Hitachi Energy PCM600
70d ago
Johnson Controls CEM AC2000
70d ago
ABB B&R PVI
70d ago
CISA Adds One Known Exploited Vulnerability to Catalog
74d ago
Careful Adoption of Agentic AI Services
74d ago
ABB AWIN Gateways
75d ago
ABB Ability OPTIMAX
75d ago
ABB PCM600
75d ago
ABB Edgenius Management Portal
75d ago
CISA Adds One Known Exploited Vulnerability to Catalog
75d ago
ABB Ability Symphony Plus Engineering
75d ago
ABB System 800xA, Symphony Plus IEC 61850
75d ago
Adapting Zero Trust Principles to Operational Technology
76d ago
NSA GRASSMARLIN
77d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
77d ago
CISA Adds Four Known Exploited Vulnerabilities to Catalog
81d ago
SpiceJet Online Booking System
82d ago
Carlson Software VASCO-B GNSS Receiver
82d ago
Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
82d ago
Milesight Cameras
82d ago
Defending Against China-Nexus Covert Networks of Compromised Devices
82d ago
Yadea T5 Electric Bicycle
82d ago
Intrado 911 Emergency Gateway (EGW)
82d ago
125 loaded
CY
cybersecurity
33d ago · 1867 items
Any solutions we can use?
33d ago
Possible targeted attack
33d ago
RoguePlanet: Windows Zero-Day That Weaponizes Defender's Own Quarantine Pipeline
33d ago
Facebook messenger to text
33d ago
Managing Solution Agents
33d ago
Nottingham University data breach affects over 450,000 students
33d ago
SWGs that support 3rd party external DNS resolver
33d ago
Sub:jugation - Hijacking Cloud Identities by Recycling Namespaces in Global OIDC Issuers
33d ago
Chrome extensions with 10M+ installations are actively vulnerable to UXSS & UXSG
33d ago
Cybersecurity researchers aren't happy about the guardrails on Anthropic's Fable | TechCrunch
33d ago
Phishing awareness training resulting in ignoring company comms?
33d ago
How are you analyzing Android malware nowadays?
33d ago
Hackers Exploit Langflow Vulnerability for Remote Code Execution
33d ago
Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research
33d ago
NEED SOME GUIDANCE
33d ago
Help setting up local encryption on my pc
33d ago
Agentic AI on Cybersecurity
33d ago
DoD 0-days Typically Come Down to Authorization Failures
33d ago
HDD
33d ago
Plzz Helpp - Say you're trying to build a toolkit that checks for LLM vulnerability do y'all know any trustable datasets
33d ago
How can we test the firmware code/images security?
33d ago
20 years of Fancy Bear (APT28): How Russian military hackers evolved their tradecraft since 2004
33d ago
GitHub announces npm security changes to tackle supply-chain attacks
33d ago
The ‘Miasma’ worm source code briefly leaked on GitHub
33d ago
CISA Rewrites Federal Patching Requirements for AI Threat Era
33d ago
What is the difference between Regular TLS and Mutual TLS?
33d ago
Every employee's password was stored in a single Excel file
33d ago
npm v12 is changing how dependencies are installed to reduce supply-chain risk
33d ago
Why is Gartner Magic Quadrant treated like a procurement benchmark in South Asia?
33d ago
How good Microsoft Defender for storage?
33d ago
GreatXML bitlocker bypass vulnerability
33d ago
Struggle
33d ago
Did the work, got the certs, now I'm drowning. Should I keep labbing or go all-in on applications?
33d ago
Wiz launches Cloud Security Job Board
33d ago
Physical Project Ideas
33d ago
How can I get into cybersecurity while studying Information Systems Engineering?
33d ago
Cloud Security job board
33d ago
Continuous learning
33d ago
Angry bug hunter with Microsoft beef drops new Windows 0-day
33d ago
Mid-30s, stuck in web pentesting, and wondering what to do ?
34d ago
Streamline your Nmap triage: Interactive, single-file HTML reports from raw XM
34d ago
Is Microsoft Purview really secure when using Copilot?
34d ago
Banking app intentionally block some operations when connected to wifi due to "security reason" is this good or stupid feature?
34d ago
Nee academic references for Hashcat's 'Next Big Bang' log
34d ago
CISA released BOD 26-04: A new federal government vulnerability management strategy?
34d ago
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
34d ago
added Mac support to my corporate hacking sim. Demo now available on Steam
34d ago
Suche aktuelle IONOS Phishing .eml für eine technische Blog-Analyse (Header & Artefakte)
34d ago
Students' data taken in major University of Nottingham cyber-attack
34d ago
Has unmanaged external file sharing ever burned you?
34d ago
Anthropic released Claude Fable 5 yesterday. Public version of Mythos with cyber classifiers
34d ago
Need feedback on my presentation
34d ago
Compensating controls besides admin credentials being needed to download software on employee endpoints
34d ago
OpenSSL PKCS#7 CVE-2026-45447
34d ago
Presentation Question
34d ago
How to Stay Ahead of Deepfake Evolution in 2026
34d ago
France’s Government Messaging App Tchap Got Breached
34d ago
Where's the fix for MiniPlasma?
34d ago
ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances
34d ago
Internships
34d ago
Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
34d ago
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
34d ago
Looking for a Reliable Cybersecurity Provider for a School in North Sydney
34d ago
Early Operational Visibility
34d ago
how are you actually managing ai agents in production?
34d ago
Al app builders: How are you handling security questionnaires when selling your product?
34d ago
[ Removed by Reddit ]
34d ago
How are all of doing with THE AI model thats big news currently??
34d ago
Skill to Scan your Codebase
34d ago
Miasma-style supply chain attacks
34d ago
FCaptcha v1.12: Catching AI Agents That Drive Real Browsers
34d ago
Flooding invalid deauth frames still kicks PMF clients, tested on 3 Android phones
34d ago
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs
34d ago
AI Malware Worm Adapts to New Targets in Real Time, Cybersecurity Experts Say
34d ago
Huntress Stack (MS Defender or SentinelOne)
34d ago
META DELETES FACE-RECOGNITION SYSTEM FROM ITS SMART GLASSES APP AFTER WIRED REPORT
34d ago
FBI is announcing Operation Riptide
34d ago
ServiceNow confirmed some customer instances were breached.
34d ago
Which are some of the best Cybersecurity / OT Security events that happen in GCC?
34d ago
DF/IR Community
34d ago
Chaotic Eclipse's new RoguePlanet
34d ago
Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace
34d ago
Thoughts on Automated Compliance?
35d ago
A fix for the Windows BitLocker bypass vulnerability dubbed "YellowKey" is available
35d ago
North Korean Hackers—Posing As Fake IT Workers—Behind Nearly Half Of All Tech Firm Attacks, Report Says
35d ago
Microsoft has released a patch for the bitlocker bypass
35d ago
Please advices
35d ago
soc analyst l1
35d ago
Google Chrome is killing all uBlock Origin bypasses, Microsoft Edge, Opera to follow
35d ago
Looking to move off KnowBe4, what are people actually using these days?
35d ago
Too Many Certs, Not Enough Experience — What’s the Best Next Step?
35d ago
Authenticating ARP and NDP
35d ago
Does anyone use rule feeds in 2026?
35d ago
Building a tactical Pelican case for my Flipper Zero + AIO setup. Looking for advanced tool and script recommendations!
35d ago
Need a vm for practice
35d ago
Tips/Tricks to WFH as a SOC Analyst?
35d ago
Cybersecurity statistics of the week (June 1st - June 7th)
35d ago
Where can GRC folks learn practical AppSec / DevSecOps without going full engineer?
35d ago
I almost got “onboarded” into a malware campaign disguised as a job opportunity.
35d ago
University of Toronto proof-of-concept AI worm spread to 62% of a test network in 7 days using a free open-weight model
35d ago
AI Blocklist - help
35d ago
Protecting AI workloads on Linux servers
35d ago
Exposing DoNex Ransomware Secrets with Malcore!
35d ago
What are the different Disaster Recovery scenarios your teams have tested on?
35d ago
someone actually leaked the Miasma supply chain attack toolkit source code on github
35d ago
WinGet - Code Execution, Persistence and Detection Strategies
35d ago
Ransomware attack shuts Illinois high school until Wednesday
35d ago
Ideas for demo
35d ago
Microsoft account hacked through infostealer. Trying to log in using authenticator, but not successful. Help please?
35d ago
Harnessing Generative AI for Automated Reverse Engineering, Static and Dynamic Analysis, and Risk Scoring of Fraudulent Mobile Applications (APKs) and Malwares.
35d ago
Physical attack device
35d ago
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
35d ago
IT GRC News?
35d ago
Meta Says Israeli Spyware Firm Targeted WhatsApp Users Again
35d ago
Shifting L7 validation to the edge to stop DB resource exhaustion?
35d ago
Google Patches 5th Chrome Zero-Day Exploited in 2026
35d ago
EC Council CEH exam advice
35d ago
About NPower vs PerScholas
35d ago
Looking for a vulnerability to learn
35d ago
From Brute Force to Malware Execution: Investigating a Multi-Stage Cyberattack in Splunk
35d ago
Bad USB through charger?
35d ago
Recommendations for Discord community for latest AI security products
35d ago
Vulnerability Summary for the Week of June 1, 2026
35d ago
Windows Defender Tamper Protection stuck off - no active GPOs, SFC corruption, looking for ideas
35d ago
I feel like ive lost my passion to tinker after 6 years in the industry, anyone else?
35d ago
I wrote a free, no sign up, defender guide for suspicious USB devices and rogue hardware, with copy-paste detection examples
35d ago
really need help with project ideas for MSc
35d ago
Which Course for an almost-complete noob? (SANS.edu)
35d ago
SoFi confirms third-party data breach at Hong Kong subsidiary
35d ago
For the 2nd time in weeks, Microsoft packages laced with credential stealer
35d ago
Iran Signed a Ceasefire — Its Hackers Didn't
35d ago
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
35d ago
DSPM étude marche
35d ago
CMMC Phase 2 November 2026: two readings of SR.1 — C3PAOs are applying the one that requires a verifiable chain, not just a file
35d ago
AppSec / Pentesting job market in Canada for experienced overseas applicants?
35d ago
Stop Treating Low Severity CVEs as Noise. Start Treating Them as Ingredients.
35d ago
Automation Playbooks - which ones would you not want to live without?
35d ago
Is it necessary/important to Hash and salt API Keys for a strictly internal use tool?
35d ago
Need review on the OMS Cybersecurity program from Georgia Tech?
36d ago
If You Use Claude or Gemini, This Microsoft Breach Means Your Data Is at Risk
36d ago
2026 Verizon DBIR: vulnerability exploitation overtakes stolen credentials as #1 breach entry point for the first time in 19 years
36d ago
How do you close an alert
36d ago
What cybersecurity certifications are great value for money?
36d ago
Boxes for CPENT
36d ago
SIEM: is it "SIM" or "SEEM"
36d ago
I’m looking for recommendations for an online Master’s program that is recognized in the Middle East. (Better if certifications are included)
36d ago
How justdeleteme and justgetmydata work?
36d ago
I need help - PCI DSS 4.0 requirement 11.6.1
36d ago
How are you learning agent pen testing?
36d ago
Cyber security intern
36d ago
Meta to take legal action against Israeli spyware company NSO
36d ago
Inside SStar Agent, a cross-platform RAT with an unfinished macOS toolkit
36d ago
What's the best way to alert companies of a Glassworm copycat?
36d ago
How To Verify If A Site Is Legit?
36d ago
What is Flaresolverr
36d ago
Research: defenders using generative AI to simulate malware variants before they exist in the wild
36d ago
How are regulated orgs actually letting engineers use Claude Code / Copilot?
36d ago
Cyber security expo Manchester
36d ago
Remote Hiring Opened the Talent Pool — and the Fraud Surface
36d ago
Hades Cluster PyPI Worm Abuses Python Startup Hooks
36d ago
What certs should I do during summer of 11th grade?
36d ago
CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)
36d ago
Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine
36d ago
Oxford University discloses data breach after careers platform hack
36d ago
Vendor ISO 27001 Assessment - Questions Around Control 8.29 Security Testing
36d ago
Got this message from “SimBoss”
36d ago
PKCS12 Golang fork
36d ago
Malware Insights: Miasma Campaign
36d ago
73 Microsoft GitHub repositories impacted by Miasma malware
36d ago
[Honeypot Research] Looking for volunteers to test telemetry/logs
36d ago
What is the condition of Bug Bounty program in the era of AI.
36d ago
Opening a cloned repo is no longer safe
36d ago
Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse
36d ago
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
36d ago
Google Colab CLI opens runtimes to Claude Code and Codex
36d ago
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
36d ago
The AI governance gap no one is talking about: deployment-stage accountability
36d ago
Free Study Resources for Comptia Cysa+
36d ago
Mentorship Monday - Post All Career, Education and Job questions here!
36d ago
Hi there
36d ago
Final risk-based IT Audit interview round with Director and have no experience. Please help!
36d ago
Needed help
36d ago
[ Removed by Reddit ]
37d ago
Career advice
37d ago
PhD in cyber Security
37d ago
Built a password guessing game. Almost everyone stuck in level 5.
37d ago
OSINT (SOCIAL MEDIA)
37d ago
Beginner KQL project
37d ago
Question about WORM and encryption
37d ago
Update:Certified cyber security
37d ago
Has anyone have any idea what to expect from Information security engineer- Network interview at Glidewell Dental
37d ago
Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction)
37d ago
Malware that survives reinstalling the BIOS and OS
37d ago
Am I overthinking the x86 compatibility issues? how much friction am I actually facing?
37d ago
Fedora Linux 43 exposes 20-year-old Microsoft Outlook security failure
37d ago
Managing Microsoft Identity Is More Complicated Than It Looks
37d ago
My work email got subscribed to a bunch of israel newsletters
37d ago
Shadow AI
37d ago
Rate limiting is not enough. What else can I use?
37d ago
How To Avoid Potential Malware From Transferring To New Laptop
37d ago
Sysmon RegistryEvent exclude not overriding include rule for Event ID 13
37d ago
Can't decide.
37d ago
looking for partners
37d ago
My edge is changing into bing when I search something
37d ago
Cybersecurity reality check
37d ago
[ Removed by Reddit ]
37d ago
Information Management
37d ago
IronWorm Malware
37d ago
Why do we use UNC for smbclient ? Why don't we use UNC for nc or ssh?
37d ago
Why do we use UCL for smbclient ? Why don't we use UCL for nc or ssh?
37d ago
Everyone's planning post-quantum migration for enterprises. Nobody's talking about your password manager
37d ago
Is a separate “clean” S3 bucket actually a security boundary for uploaded files?
37d ago
CVE-2026-46640: Developing payloads for Twig sandbox bypass
37d ago
PenTest+ Exam
37d ago
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
37d ago
Looking for guidance
38d ago
Before you attempt any OffSec certification, read what just happened to me
38d ago
Reporting Metrics for Management
38d ago
got hit with SOC 2, cyber insurance, and a prospect pentest request at the same time
38d ago
Found an old Discord CDN ZIP in Opera downloads and I’m trying to figure out if I should be worried
38d ago
Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload.
38d ago
AI Security Certificates
38d ago
Guys is bug bounty dead?
38d ago
How are folks making it in bug bounty?
38d ago
How useful is it to require at least one uppercase letter in a password?
38d ago
Cyber security ! Is no more ?
38d ago
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
38d ago
Ghosts in the Cloud: Chinese Hackers Hid in Microsoft 365 Networks for 18 Months
38d ago
Antimiasma Worm to discover/mitigate/vaccinate Miasma worm infected repositories
38d ago
How to train employees to feel when something's off?
38d ago
ALERT OVERLOAD
38d ago
CTO at NCSC Summary: week ending June 7th
38d ago
A new BitLocker bypass allows access to encrypted drive in the pre-boot environment with all Windows security features enabled
38d ago
Microsoft Azure Repositories Compromised (Disabled) as Miasma Worm Targets AI Coding Agents Through GitHub
38d ago
AppSec Engineer Interview Stories
38d ago
[OpenSource] Multi-layer sandbox for native code execution on Linux with no external deps.
38d ago
Is there a safe way to continue using (unsupported) Windows 10?
38d ago
Is Splunk suitable for smaller Enterprises?
38d ago
Has anyone else had MFA prompt fatigue issues with users?
38d ago
Data Scrubbing from Databases
38d ago
Best Certificates?
38d ago
Rant
38d ago
New York passes data center moratorium and consumer protections as environmental, and housing proposals stall
38d ago
Cyber attackers have a new favorite, the browser
38d ago
Looking to get into cybersecurity in web3
38d ago
Microsoft discovered that Anthropic's Claude Code GitHub Action is vulnerable to prompt injection attacks via issues and Pull Requests
38d ago
Should i use email 2fa or only auth and phone number?
38d ago
Can I break into cybersecurity with a white collar felony?
38d ago
Open Source Intelligence - Building AI Systems That Handle Contradiction at Scale
38d ago
How are people supposed to defend against both supply chain attack and zero-day vulnerabilities at the same time?
39d ago
What kind of topics do you think should be covered more (in conferences, youtube etc) but they arent?
39d ago
How Hard is This
39d ago
Installed Fake Codex hidden as a google site
39d ago
Virustital scan result help
39d ago
CrowdStrike Turned an AI Wave Into Its Best Quarter Ever
39d ago
Cyber Resilience Act - Position? Pain points? Struggle? Possible solutions?
39d ago
I fell for the cybersecurity degree trap and thought I could beat the job market, I could not. Not sure what to do now
39d ago
Being a Security Engineer? Which AI-powered tools are you using on a daily basis?
39d ago
Over 900 US gas station tank gauge systems exposed to attacks
39d ago
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
39d ago
SIEM is broken in the AI agents era
39d ago
Google Cloud hit by fresh layoffs, security and Mandiant teams among those affected
39d ago
Phantom Gyp npm Worm Abuses node-gyp Build Hooks
39d ago
Certified cybersecurity ISC2
39d ago
Help studying for OSCP
39d ago
The current state of Threat Intelligence Tooling
39d ago
Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware
39d ago
We tested offensive AI agents against deception technology
39d ago
A matter that I have been losing my sleep over
39d ago
Any experience with Rootly or incident.io for cyber incident management?
39d ago
CTIA Study Resources & Preparation Advice?
39d ago
Black hat uk vs brucon
39d ago
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
39d ago
NIS2 hits railway hard
39d ago
I need help guys… :(
39d ago
Question from the Seniors
39d ago
China-Linked Cybercrime Group Expands Attacks Beyond Asia With AI-Assisted Malware
39d ago
what certs have u seen in ai security related job posts ?
39d ago
How is the Security Architecture / Strategic IT Security process structured in your organization?
39d ago
What's happening in cybersecurity job market in US and Europe these days?
39d ago
Has any of you pivoted from GRC to CTI?
39d ago
Up-date-list of cybercrime types?
39d ago
What else should I learn to build a strong cybersecurity foundation?
39d ago
Hackerone interview
39d ago
Ransomware in the AI Era | ft. Behnaz Karimi | Ep. 109 | ScaleToZero Podcast | Cloudanix
39d ago
Testing URL Rewriting?
39d ago
Got an internship in IAM with no qualifications and no soft skills
39d ago
Work Hours of DFIR/Cloud Security vs Pentest
39d ago
Narcissistic Tech Leader....
39d ago
Anyone else's firewall logs just explode after midnight?
39d ago
I'm replacing myself.. at least the boring parts
39d ago
Anyone else dealing with these phantom login attempts from China?
39d ago
Best way to fully clear windows and set everything up securely (pc, accounts etc)
39d ago
IBM, AT&T Accused by Whistleblower of Covering Up Foreign Hacks
39d ago
Soc analyst
39d ago
Do companies actually require cybersecurity insurance
39d ago
Uncommon/Unusual CrowdStrike Alerts
39d ago
Cyber analyst: law firm or bank
40d ago
best free av and how do i properly setup passwords?
40d ago
Five 9 Vulnerability
40d ago
CVE Lite CLI closes dependency gap — but won't stop modern threats
40d ago
Scope change
40d ago
We just stopped a social engineering attack on our service desk. Here’s how it played out.
40d ago
What is the most underestimated cybersecurity risk right now?
40d ago
Update: Company is paying for any certification, which should I obtain? Except Sans
40d ago
New paper: every AI model has a naturally occurring unforgeable fingerprint in how it ranks tokens, relevant to fake model detection and supply chain verification
40d ago
Anyone else's firewall vendor docs a total nightmare?
40d ago
Your opinions about a learning style
40d ago
Why Real-Time Fraud Prevention Is the Only Way to Stop AI-Driven Attacks
40d ago
New IronWorm malware hits 36 packages in npm supply-chain attack
40d ago
Anyone else see their firewall logs just explode after a cloud update?
40d ago
Are certifications necessary to get a job in cybersecurity?
40d ago
Part 2: Bulk-Injection / Back-dating Signature Found in Public Tech-Governance Dataset (RDB Constraint Bypass)
40d ago
Is retyping and translating textbooks too inefficient for CS/Cybersecurity?
40d ago
Free Microsoft Enterprise Security Assessment: Worth It
40d ago
How are organizations preparing for AI-generated phishing attacks?
40d ago
Inside the race to adapt to an AI-powered security world
40d ago
127.0.0.1 in eight headers: what attackers hide in X-Forwarded-For
40d ago
Microsoft blames unexpected Windows driver updates on caching issue
40d ago
Critical Ledger State-Machine Violation Found in Public Tech-Governance Node Dashboard (Debit Card Transaction Injected on 0 Balance)
40d ago
Your CPU model leaks through the browser via WASM timing differences
40d ago
Chinese Cybercrime Group in Spotlight for Record Campaign Pace
40d ago
Security Engineer 2 interview at Amazon coming up - What to expect?
40d ago
A researcher spent $1,500 testing if LLMs could hack a vulnerable app
40d ago
Help with university internship
40d ago
Are MCP servers becoming the next API security nightmare?
40d ago
What's the cybersecurity lesson you learned the hard way?
40d ago
ISO 27001 Surveillance audit vs Full recertification
40d ago
How important it is to get paid Cybersecurity certificates ?
40d ago
Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process
40d ago
Soc to Architecture
40d ago
Does "example file vulnerability" exists?
40d ago
VS code forces 2 hour cool down for most integrations.
40d ago
Company laptop isolated after Brave/Tor alert - should I be worried?
40d ago
Does anyone know how to send false positive to SOCradar ? virus total
40d ago
Looking for people to team up for Bug Bounties & CTFs
40d ago
Signal Without Smartphone
40d ago
I found a trojan on my pc and now im scared my private calls got leaked
40d ago
Meta, Microsoft & DOJ Smash Southeast Asia Scam Rings: 1.4 Million Accounts Removed, 63 Arrests
40d ago
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
40d ago
How do you change users behavior through awareness training?
40d ago
AI-built ransomware toolkit automates EDR evasion, AD discovery
40d ago
Safe Rust API for wolfSSL/wolfCOSE
40d ago
Looking for feedback on my open-source OT detection ruleset (29 rules for Wazuh/Sigma)
40d ago
AMD GPU Users might be compromised
40d ago
[ Removed by Reddit ]
40d ago
Five Eyes Warn: Chinese Spies Using LinkedIn Recruitment Tactics to Access Sensitive Information
40d ago
CISA warns of cyberattacks targeting fuel tank monitoring systems
40d ago
[CTF] Struggling to extract RTSP stream from generic Chinese IP Cams (Altobeam SoC) via ONVIF
40d ago
how to get good at cyber security?
40d ago
Anyone use CrunchAtlas?
40d ago
Prompt monitoring laughs
40d ago
Malicious Payload in ai-sdk-ollama npm Package
40d ago
Can Someone Please ELI5 - "YellowKey" (CVE-2026-45585) to me? (an IT admin that survived the Great Global CrowdStrike Outage of 24)
40d ago
what the HELL is dsztfso?
40d ago
Yubikey Alternative....?
40d ago
Hiring
40d ago
CVE-2026-42897: Applying the Mitigation and Closing the Incident Are Not the Same Thing
40d ago
Certification Advice
40d ago
Question about Linux kernel TLS ULP disclosed June 2 to oss-security
40d ago
An IT guy basically stole my entire gmail account and probably posted it somewhere...how do I search for this?
40d ago
How to Rob a Data Center (new article on data center physical security)
40d ago
US: California Back & Pain Specialists Exposes 133GB of Patient Medical Records on Public Server
40d ago
Is it worth taking the EC councils masters program?? Are they legit /2026
40d ago
Mid-level AppSec engineers: what do you actually study to prep for interviews?
40d ago
Company is paying for any certification, which should I obtain?
41d ago
Trusting Microsoft with your offensive security repos
41d ago
Automated Fault Injection Attack Framework
41d ago
Physical Biometric device as a security measure..??
41d ago
Cybersegurança
41d ago
Started Learning Cybersecurity
41d ago
InfraGard Application - Seeking Help | Student
41d ago
Orientación en Ciberseguridad
41d ago
Anthropic's coordinated vulnerability disclosure dashboard
41d ago
Hands Free: What LLM Driven Vulnerability Research Looks Like
41d ago
Real time Cybersecurity failures regarding Quantum computing/cryptography
41d ago
🕵️♂️ PCPJack Hijacked 230 Cloud Servers to Send Email. Here's How They Did It.
41d ago
A two-year-old RCE bug in Redis was just made public. An AI tool found it. The full exploit chain is out.
41d ago
CISA warns of active attacks exploiting Android, Linux bugs
41d ago
Found some open ports on a govt site, should i report or stay quiet?
41d ago
What is a good way to keep track of passwords for programs that don't support password managers?
41d ago
Cybersecurity statistics of the week (May 25th - May 31st)
41d ago
ASN Emissions Index. Networks ranked by how much noise they create on the internet.
41d ago
Have you sold cve before?
41d ago
i want to become a pentester, but i don't know how to
41d ago
The OT Security Problem Nobody Wants to Own
41d ago
Don't Take Wednesday Off When You Manage Vulnerabilities
41d ago
I finally finished a production version after 4 yrds
41d ago
Support role pivot to cloud security
41d ago
How do you manage your passwords?
41d ago
Mad rush to produce AI driven slop
41d ago
O Tails é seguro para acessar links suspeitos?
41d ago
Cyber Essentials plus + "legacy" network segments
41d ago
Insight for OPSWAT deep CDR
41d ago
Android vs iOS
41d ago
ShinyHunters leaks Charter Communications data: 4.9M customer records exposed via a social-engineering attack on an employee's Microsoft account
41d ago
Security Audits at an MSP
41d ago
[ Removed by Reddit ]
41d ago
Passkey registration breaks after moving off localhost..
41d ago
Does your team hire fresh AI engineer who doesn't know anything about Security operations?
41d ago
UARs for Equation (banking system)
41d ago
IoT pentesting cert
41d ago
Anthropic Expands Project Glasswing, Bringing AI Cyber Defense Tools to 150 More Organizations
41d ago
Experience with Tac Security
41d ago
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
41d ago
Found Security Vulnerabilities in my university website
41d ago
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign | Microsoft Threat Intelligence
41d ago
AI - Threat to the CyberSec Industry?
41d ago
Built a honeypot platform to catch lateral movement. How are you guys detecting this?
41d ago
How should small SaaS teams safely answer customer security questionnaires?
41d ago
Can AI Do Intelligence Analysis? Apparently Not.
41d ago
PROMPTPurify - 14MB Tiny Prompt Injection Guardrail Open Weight Model
41d ago
Regarding Certified Ethical Hacker (CEH Practical) exam
41d ago
Asking for advices on pursuing first CERTIFICATE
41d ago
I opened my own company and I can't find clients!
41d ago
ShinyHunters vaza dados de clientes da Spectrum após recusa de resgate da Charter
41d ago
Do you support the idea of creating a European commission that would issue special licenses for social media platforms, with standardized account creation rules and mandatory KYC (Know Your Customer) verification requirements across the EU?
41d ago
Anyone knows Quad9 dns ?
41d ago
I've a fullstack dev, I'm devleoping my own authentication for my application, Can anyone help me for it's security aspects ?
41d ago
Greynoise swarm
41d ago
SecOT+ certification for free
41d ago
How is the state of the job market for mid-level security engineers?
41d ago
Is anyone else still coding manually to learn? The market will continue to hire people that know what's going on even if you can now use AI to code many things
41d ago
WaSteal Update: Infrastructure Pivoting Reveals 57 Additional Extensions, Campaign Now at 183 Total
41d ago
Laid off from TPRM job - need help on the future of my career
41d ago
Anyone compared RoboShadow vs ConnectSecure for vulnerability management?
42d ago
Any one send vulnerability to MITRE?
42d ago
Need advice for a 30 min Security Apprenticeship interview
42d ago
UltraViolet: your own Shodan, in Docker, with CVE/KEV/EPSS
42d ago
Microsoft insists Defender is enough for most PCs, but admits third‑party antivirus tools still offer extras it can’t match
42d ago
Virustotal API as private data source
42d ago
Account Number Security Flaw
42d ago
Is Red Team Leaders Certification (RTL) actually useful for jobs or just for learning?
42d ago
A PoC to demonstrate that without PMF, MAC filtering at the AP level is the only thing stopping selective WiFi deauth
42d ago
[ Removed by Reddit ]
42d ago
[ Removed by Reddit ]
42d ago
Phishing simulation platform
42d ago
Just task about OSI model
42d ago
Need help improving DNS Spy from a security tool angle
42d ago
Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild
42d ago
Oracle's first monthly patch update just dropped 77 CVEs.
42d ago
Cleaning up after a legacy service account breach. How are you handling automated secrets discovery?
42d ago
Airbus digital apprenticeship
42d ago
Anthropic is expanding Project Glasswing — giving 150 more critical infrastructure orgs access to Claude Mythos to scan for vulnerabilities
42d ago
Google fixes one actively exploited Android zero-day, 124 flaws
42d ago
Can elections be hacked? Modern day computational propaganda techniques described by the EU's East Stratcom Task Force
42d ago
Parsing Cisco IOS configs for CIS Auditing: Why regex fails on block contexts, and how are you handling offline static analysis?
42d ago
Security Architects who who actively use modelling - What's your approach?
42d ago
PAN-OS authentication bypass bug added to list of exploited vulnerabilities
42d ago
I have extreme anxiety about being hacked
42d ago
Fresher
42d ago
Hackers Used Meta AI Bot to Hijack Instagram Accounts in Major Security Breach
42d ago
Career advice needed!
42d ago
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
42d ago
Google sr. security engineer interview
42d ago
Is offensive AI actually changing cybersecurity, or are we overestimating the impact?
42d ago
Multiple Red Hat NPM packages victim of Mini Shai-Hulud Miasma wave
42d ago
is emerald chat safe?
42d ago
Does anyone on this subreddit who has an VirusTotal premium account can help me with something important ?
42d ago
ClickJack in the wild
42d ago
Thoughts on A.I assisted Malware Analysis?
42d ago
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
42d ago
What articles do you use for cybersecurity news? (2026)
42d ago
Is anyone using agents in regulated industries? How do you make sure sensitive data doesn't go back to the AI provider?
42d ago
Roadmap and Training Recommodation
42d ago
Les anti-triche de niveau noyau et leur risque de sécurité
42d ago
Asked to Send Sensitive Documents via MMS
42d ago
SC-200 compared to CC (isc2)
42d ago
Every SaaS Company Is Accidentally Building Meta's Instagram Vulnerability Right Now
42d ago
Looking to move off KB4, what are people actually using these days?
42d ago
Got my Security+. What's next?
43d ago
Vulnerability Summary for the Week of May 25, 2026
43d ago
Malware
43d ago
Alternative Search Engine to Utilize in 2026?
43d ago
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
43d ago
Windows Server vulnerability can grant system privileges with just a malformed packet — domain controllers are being exploited in the wild
43d ago
Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers
43d ago
AI compliance
43d ago
Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm
43d ago
Is TeamPCP a Russian-affiliated APT? How can preventive security principles assist defending ecosystems against attacks on software supply chains?
43d ago
MacBook or Windows Laptop for Cybersecurity
43d ago
What's the most creative MFA bypass you've seen?
43d ago
Research Notes from Building a Windows Event Log Hunting Workflow
43d ago
How to fix securityheaders scan X-Frame-Options and Content-Security-Policy ??
43d ago
Free AI tools for TPRM?
43d ago
incomplete phone number from togo, need help reporting to police
43d ago
NPM packages from RedHat Compromised
43d ago
Linux Copy Fail CVE-2026-31431: KEV Privilege Escalation on Shared Build Hosts
43d ago
SOC Analyst working towards Threat Intelligence
43d ago
Is XSS possible through PDFs?
43d ago
The Next AI Governance Failure Won’t Be the Model
43d ago
Microsoft MFA Is Down Again
43d ago
Started my first writeup - Sherlock NeuroSync-D (CVE-2025-29927)
43d ago
Computer logic or Science
43d ago
I am a Full Stack Developer but I want to switch to a cybersecurity centered position. Which positions should I prepare for?
43d ago
What C2s Are You Using
43d ago
PNPT Exam
43d ago
What do you do when a supplier refuses or lacks a reporting clause on vendor incident notification?
43d ago
Any appsec engineer working in fortune 500?
43d ago
I'm developing an IDS/EDR. I need suggestions which blind spots I have, whats missing and what should be added next
43d ago
Anyone transition from AWS Data Center Operations to InfoSec?
43d ago
I think my account got hacked but it's weird
43d ago
current market for detecting deepfakes?
43d ago
Worried about friend being doxxed on doxbin
43d ago
how to shift from a service based company to a product based one in cybersecurity ?
43d ago
Meta AI Password Reset Flaw Reportedly Bypassed Instagram 2FA
43d ago
Claude AI user data directory exfiltration via malicious npm package
43d ago
Bitdefender blocking amd stuff? False positive or?
43d ago
Mentorship Monday - Post All Career, Education and Job questions here!
43d ago
did they have my password?? what triggers this specific email??? instagram HELP.
43d ago
ATTENTION: Dashlane may have been breached. (Password manager).
43d ago
Norton blocked a “malicious script”?
43d ago
Need Advice: Ex Claims He Still Has Access to My Mac/iCloud After Resets and New Accounts
43d ago
Security researchers have uncovered a new attack technique that lets malicious websites spy on your browsing activity through hard drive.
43d ago
I wrote about the 5 biggest threats in 2026, curious what this community thinks.
44d ago
MSPs: What evidence do cyber insurance underwriters ask you for that is hardest to produce?
44d ago
Im new to cybersecurity and have a iPhone 7 (iOS 15.8.5) I wanna pentest, any suggestions?
44d ago
NetworkChuck
44d ago
LLM for creating phishing tool
44d ago
Why are we still treating IAM like a compliance checkbox?
44d ago
Polyfill pop up?
44d ago
SecAI+ difficulty question
44d ago
Could you guys give an honest feedback to a completely automated ssrf attack tool?
44d ago
tengo 61 y mi famila y amigos me espian I am 61 and my family and friends spy on me
44d ago
Microsoft Joined the DMARC Club
44d ago
Help.
44d ago
Vibe Coding Security
44d ago
Looking for a Company to Partner With
44d ago
Best reporting tools?
44d ago
What actually moved the needle on our alert fatigue (Wazuh + some automation, lessons after ~6 months)
44d ago
How Can Polyfill.io Still Act Maliciously?
44d ago
Need THM voucher code for cheap? Any known seller?
44d ago
Ghost passwords?
44d ago
Was a stipulation in my offer letter that I was required to obtain my CISM certification in 6 months... I did not.
44d ago
LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions
44d ago
Anyone else having Chatgpt Strikes / Violations while learning cybersecurity?
44d ago
Working at Cisco, worth it?
44d ago
Want to Learn Cybersecurity in 2026 – Need Guidance, Roadmap, Tools, Resources & AI Advice
44d ago
Are you pen testing AI Agents?
44d ago
Question of android malware
44d ago
External attack surface: how are you correlating DNS, SSL, and IP reputation today?
44d ago
how do i properly setup 2fa and bitwarden?
45d ago
Hacking India's Largest Exam Evaluation Portal: From Authentication Bypass to Full Account Takeover (Covered by BBC)
45d ago
i need a partner to learn coding with me and have fun too,Hey, I'm 16 and just started learning cybersecurity and coding. I'm looking for a coding buddy around beginner level. We can learn Python, web development, and build small projects together. Anyone interested?
45d ago
Question for teams running parallel agents: Would you actually pay for a deterministic control plane, or are we all just building custom wrappers forever?
45d ago
Can Steam Cloud Files Transfer Malware
45d ago
Questions for the cloud security engineers
45d ago
Thoughts on this as a starter and doing bug bounty on the side
45d ago
How are new SC-200 candidates practicing labs without an E5 Developer tenant?
45d ago
Getting OTP spammed from every app and website I've ever used. Should I be worried?
45d ago
A browser tool for checking contractor insurance certificates
45d ago
Am I getting screwed?
45d ago
SECODER | Security Coding Challenges for SOC Analysts & Detection Engineers
45d ago
PAN-OS added to KEV, Langflow exploit activity, and a surprising Windows EPSS jump — today's most actionable vulnerability signals [Threat Intel 2026/5/29}
45d ago
CTO at NCSC Summary: week ending May 31st
45d ago
BountyLabs — Bug Bounty Training with Labs, Challenges, and AI Mentorship
45d ago
Need suggestion
45d ago
[INDIA] Need Advice: Shared mobile number risk on a joint minor account after a small P2P trade (P2P Fraud / Bank Freeze Anxiety)
45d ago
Was Dave Bittner interviewing an AI?
45d ago
CTF for complete beginner
45d ago
Hitting a plateau after 2 years in Web Security: How do I transition from standard OWASP bugs to finding CVEs and novel techniques?
45d ago
AI-Era Cyber Risk Standards
45d ago
BEC Victim - Attacker replied inside a real email thread using a lookalike domain
45d ago
Question for those who transitioned from remote to work from anywhere
45d ago
Website Keeps Getting Falsely Flagged as Phishing/Malicious By Security Vendors
45d ago
Do you enjoy what you do or do you wish you could go back in time and change it?
45d ago
Is understanding how API keys, public/private keys, and secrets actually work necessary to work in cyber?
45d ago
For those who made the jump to independent cybersecurity consulting, what was the hardest part of the first year?
45d ago
Is a basic understanding of PKI and Public Key Cryptography necessary to work in cyber ?
45d ago
Do you think AI will make cybersecurity products/services cheaper over the next 5-10 years?
46d ago
Botnet of more than 17 million devices dismantled
46d ago
Exposed credentials on logs
46d ago
What do you think is the biggest cybersecurity risk for small businesses in 2026?
46d ago
Wanted to shift to cloud security, but have some questions
46d ago
Zero Trust is Overrated? Navigating the Complexity
46d ago
Test API post with flair
46d ago
Warning on MAD20 Subscriptions: $500 Blind Auto-Renewals and Hostage Certifications
46d ago
How Do You Handle the Massive Amount of Information in the CPTS Path?
46d ago
Help an upcoming cybersecurity engineer!
46d ago
Repeated Microsoft MFA attempts even after password change
46d ago
What Is Device Intelligence and How Does It Stop Fraud?
46d ago
[FOSS Tool] WiFi-SpiderWeb V2.0: Active Cyber Defense for OpenWrt Routers with Live Radar Sweep (Python + SSE)
46d ago
IBM commits $5 billion to secure open-source software
46d ago
Structuring an AI-Assisted Pentesting Homelab for a Final Year Project
46d ago
Are teams actually monitoring LLM traffic in production environments?
46d ago
How to protect passwords from memory scraping/API hooking on a compromised target machine during a remote session? (No Admin access, No 2FA)
46d ago
Raspberry pi
46d ago
What is the biggest obstacle to using AI safely in a company?
46d ago
Advice going forward
46d ago
MCP Firewall help
46d ago
I wanted to shift to security but people told me the market is extremely bad, is that true?
46d ago
Best Personality Type/Traits for Working in Cyber Security
46d ago
A fake freelance job interview almost installed malware on my PC
46d ago
Is there a viable career path here or am I just being delusional?
46d ago
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
46d ago
How do enterprises actually prevent developers from exfiltrating source code?
46d ago
I have a datastealer malware
46d ago
Dúvida de carreira.
46d ago
Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace
46d ago
Need Cloud Security Engineer simulator to learn the Job. I need to be more hands on with running tools ,Please advise thank you. Your resources are appreciated
46d ago
is SIEM really needed here ?
46d ago
Decompiled an app, found a bunch of secrets, what now?
46d ago
Can someone give me a correct method for learning reverse engineering?
46d ago
Critical Gogs Zero-Day RCE Remains Unpatched After 2+ Months
46d ago
GRC Advise
46d ago
[ Removed by Reddit ]
46d ago
Did something happen to haveibeenpwned? Any alternatives?
46d ago
RAT SUSPECTED
46d ago
How do people afford certificate s?
46d ago
I’m curious — what’s one cybersecurity tip you wish more people knew before getting hacked or scammed?
46d ago
Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations.
46d ago
Phone Forwarding
46d ago
Opinions on running Full Microsoft E5 Security Stack
46d ago
Claiming "XDR"
46d ago
Typosquatted npm packages used to steal cloud and CI/CD secrets
46d ago
Microsoft security
46d ago
Need help regarding building a home lab
46d ago
Should I turn on passwordless accounts for all my Microsoft accounts?
46d ago
Transitioning from AWS Data Center Operations to Security Engineering
46d ago
Probably the wrong place.
46d ago
What after IT helpdesk?
46d ago
How are you security-testing API changes before production without slowing CI/CD?
46d ago
Are we trusting update repos or are you all extra paranoid now as well?
46d ago
Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops
46d ago
Prevent supply chain attacks
46d ago
Cybersecurity Authorities Issue Joint Guidance on the Adoption of Agentic AI Systems
46d ago
FBI warns of fake FIFA websites running World Cup fraud schemes
47d ago
Hackers are trying to steal Signal users' backups in new wave of phishing attacks
47d ago
Incident Response Testing Preparation
47d ago
Kevin Mandia is speaking in NOVA on June 10 — probably the most candid you'll ever hear him outside of a major conference
47d ago
[Open-Source] WiFi-SpiderWeb: Turn any OpenWrt Router into an Active Cyber Defense & Honeypot System via USB 🕷️🔥
47d ago
3rd Party NFC cards.. secure?
47d ago
Vulnerability Management Tickets & SLA
47d ago
Defending at Machine-Speed: Building AI Threat Readiness
47d ago
AI agents running in our environment have broader access than our sysadmins and ownership of that is unresolved
47d ago
HEAD request body processing leading
47d ago
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
47d ago
Does anyone have an app like substack to keep being updated and engaging within the cyber domain?
47d ago
What’s an attack vector people massively underestimate in 2026?
47d ago
We security-reviewed our own free CVE tool and shipped the fixes - EPSS Lookup Tool v2.7
47d ago
A Deeper Look at GLASSWORM's Solana Variant
47d ago
Calling Cyber Security Beginners
47d ago
Busco oportunidad laboral / consejos para iniciar en TI, ciberseguridad o análisis
47d ago
built something for ai agents, ended up looking a lot like classic appsec
47d ago
Is Gophish still usable in 2026?
47d ago
Microsoft vs Chaotic Eclipse: three zero-days now actively exploited
47d ago
what do you think
47d ago
Why would be clicking a website, redirect me?
47d ago
Zapier fixes bug chain that researchers say risked widespread account takeover
47d ago
Writing cybersecurity policies is a waste of time
47d ago
Raising the Cybersecurity Stakes: Ante up for the Agentic Era.
47d ago
Public CAs are exiting client authentication. Most organisations haven't inventoried what depends on it.
47d ago
[ Removed by Reddit ]
47d ago
Released: Dataforge Honeypot
47d ago
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
47d ago
CEH-free
47d ago
Hottest cybersecurity open-source tools of the month: May 2026
47d ago
Preparation tips for CPENT
47d ago
How do you handle AI tools in your organization?
47d ago
I think i got scammed anybody can help me with that
47d ago
New phishing campaign targeting Japanese online banking users uses 'PayPoy' domain/branding typo
47d ago
Is it safe to have passwords copied to clipboard on IOS temporarily?
47d ago
Developers working on anti-fraud systems deserve more credit
47d ago
My company is moving to security clearance requirements but I am a foreign national. Anyone know time lines / realistic outcomes for me? Currently working as a sec analyst
47d ago
Security awareness training for AI heavy smb workflows?
47d ago
Minimum Requirements for Helpdesk Role ?
47d ago
Reddit spear phishing
47d ago
GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
47d ago
What to do
47d ago
What resources would you recommend for studying cysa+
47d ago
Provenance of Data
47d ago
Websites have a new way to spy on visitors: analyzing their SSD activity
47d ago
12 years in secops, military to vendor then internal. Internal feels like all loss and no win. Is this normal?
47d ago
Russian Art Teacher - Hinder Security Clearance?
47d ago
EDR/MDR Vendor Questions
48d ago
Cybersecurity as a Highschooler?
48d ago
New department created, would love your input
48d ago
OWASP Vienna - anyone going?
48d ago
Interview with Upstart
48d ago
18, immigrant in Portugal (no Portuguese), failing high school. Need a stable path to Hardware/Network Cyber.
48d ago
Is cloud security engineer viable with my current position?
48d ago
Cloudflare Access users: what would actually make JIT useful for you?
48d ago
eBPF to Detect Unexpected Control-Plane Traffic Inside GTP-U Tunnels
48d ago
Questions regarding Ubuntu 24 LTS hardening
48d ago
Cómo puedo interferir señal de un dispositivo que está cerca de mí para que no le funcione la señal de wifi a la que él está conectado, cómo puedo protegerme? Se me tipos de cómo protegerme, soy nuevo en esto, me gusta mucho.
48d ago
Honest question about OT Security Engineer work life in India
48d ago
Who is using CVE Lite CLI? Share your use case (OWASP Incubator Project for JS/TS dependency scanning)
48d ago
AI Security
48d ago
Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor
48d ago
🚨 Exposed Global Smishing Operation Hitting 19 Countries Across 3 Continents
48d ago
Building Detection Engineering on AWS from scratch — roast my plan
48d ago
Academic Survey - AI in Cybersecurity Governance and Regulatory Compliance
48d ago
I went to prison for internet piracy and hacking; my FBI profiler sent me a message on LinkedIn when I got out, and now we’re presenting at SLEUTHCON. I'm Josh Brody and I ran HeheStreams: AMA.
48d ago
Research: All three major eBPF security monitors (Falco, Tracee, Tetragon) can be silently disabled via BPF map poisoning
48d ago
Final Year Project: Looking for non-generic IAM project ideas that solve real problems
48d ago
GlassWorm takedown: year-long developer supply chain campaign using VS Code extensions and npm packages dismantled.
48d ago
Breaking out of IT Helpdesk - how?
48d ago
A year in Cybersecurity — Where Do I Go From Here?
48d ago
MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
48d ago
22, SOC Analyst experience + certs, still no interviews since January - looking for honest advice from people in cyber
48d ago
FBI: Silent Ransom Group Turns to IT Support Ploy
48d ago
How do machine builders track Siemens/Rockwell security advisories?
48d ago
GlassWorm Developer Supply-Chain Botnet Takedown
48d ago
The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN
48d ago
Active Exploitation - LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0: Root Privilege Escalation added to KEV
48d ago
Got cybersec work what next ?
48d ago
Hi everyone! I’m a doctoral student conducting research on how people’s cybersecurity concerns affect their use of technologies like Apple Pay, smart devices, wearables. I’m looking for adults (18+) who currently use or have recently used these types of technology; smart devices or smart wearables
48d ago
Ekoparty Miami - Interface Anti-Patterns: Exploiting Insecure Navigation in 3rd Party Android App Lockers
48d ago
Trying to understand the scope of NVIDIA's attestation (NRAS), what am I missing?
48d ago
GitHub - facebook/mcpguard-dynamic: Kernel-level eBPF sandbox for securing LLM agent tool calls made through the Model Context Protocol (MCP)
48d ago
nightmare eclipse is probably French here is why
48d ago
Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines
48d ago
Measuring performance of JA4/JA4H AI Model
48d ago
What things are you really focused on this year?
48d ago
Hypothetical EDR spoofer
48d ago
ISO 27001 Audit Stage 1
48d ago
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
48d ago
Looking for Hacker Friends to Learn☺️
48d ago
Comptes Instagram et Facebook piratés et désactivés
48d ago
How to safely disinfect a USB stick from potential malware files?
48d ago
Is anyone else concerned about how quickly AI is outpacing cloud security?
48d ago
What's a CyberSecurity job like?
48d ago
Microsoft Live credential stuffing
48d ago
I am on placement and part of a lab where we use cyber security and do research what jobs are similar to this?
48d ago
Security architects- summarize your responsibilities and role
48d ago
Finding Work in OSINT
48d ago
State of SDLC Security 2026
48d ago
Reported to police for coding html
48d ago
[Open Source] Desarrollé un mutador de huellas TLS en Rust para evadir sistemas Anti-Bot (JA3/JA4 scrambling)
48d ago
I open-sourced KernelEye — an eBPF/XDP-based Linux server security monitoring project
48d ago
Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover
48d ago
Shai-Hulud Hackers TeamPCP: Lucky or Skilled Operators?
48d ago
KnowledgeDeliver flaw exploited as a zero-day to install web shells
48d ago
Breaking GROK'S DEFENSES to make it HACK Real Public Websites
49d ago
GitHub Actions Cache Poisoning is eating open source
49d ago
Nightmare-Eclipse has also been banned on GitLab :DD
49d ago
Do we still have time before we are in the Age of the movie "Minority Report"? ↓
49d ago
SimHub (popular sim racing dashboard software) appears to silently disable Windows Defender via hidden Group Policy file
49d ago
What Software Supply Chain, Water Filters, and Power Grids Have in Common
49d ago
QA engineer trying to move into AppSec — does this plan hold up?
49d ago
Is work from anywhere really impossible to find??
49d ago
Cybersecurity statistics of the week (May 18th - May 24th)
49d ago
Engineering a Post Quantum Fortress Inside the Citadel Archite
49d ago
Cyber Security Analyst
49d ago
Environmental consulting firm pushing heavy AI adoption despite employee concerns over environmental impact and data governance
49d ago
Two layer email security tool thesis
49d ago
When OTP rate limiting fails: OLX account takeover with persistent sessions
49d ago
Entra ID sessions revoke
49d ago
Anyone who attended GPCSSI before? Need some clarification
49d ago
Lost on my career path.
49d ago
EU-based folks: external pentest vs mandatory data/security training?
49d ago
help needed from experienced people
49d ago
How do you evaluate whether a privacy service is actually privacy-respecting?
49d ago
Which one Intellipaat or coursera which one to choose
49d ago
CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
49d ago
India's CERT-In just mandated patching critical vulnerabilities within 12 hours. That sounds good — but is it actually realistic?
49d ago
Audited 20 production repos after the May supply chain attack. Every single one had at least 3 of the 8 misconfigs.
49d ago
Did anyone pass the SC-200 certificate recently?
49d ago
Honeypot
49d ago
passkeys, MFA, biometrics, and you can still reset everything with access to one gmail account
49d ago
Career in IAM as a fresher
49d ago
CISA orders feds to patch actively exploited Drupal vulnerability
49d ago
Telegram's Hidden Gatekeeper? OCCRP Probe Puts Spotlight on Shadowy Engineer Linked to App's Infrastructure
49d ago
GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”
49d ago
Cyber security tool
49d ago
Saw this tool and it has potential
49d ago
🚨 14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-26): Critical Worms, Parse Server DoS, and AI RCEs
49d ago
7-Zip CVE-2026-48095: NTFS Heap Overflow Can Trigger Through Renamed Files
49d ago
Follow up : showing Claude install random pacakage in its vm instance without asking or prompting
49d ago
¿Is safe?
49d ago
Need help
49d ago
What is the best tool for masking in kali
49d ago
What are the best tools other than ghostTracker?
49d ago
TrapDoor Cross-Ecosystem Crypto Stealer Campaign
49d ago
Follow up : Steal Your Files Claude AI installing package because internet say so
49d ago
New to Cybersecurity: Looking for general advice & help with Nmap
49d ago
Open sourcing our hardware red team RF toolkit: the Crimson Flipper Arsenal
49d ago
Looking for tech role references
49d ago
How do you balance Paw?
49d ago
I'm a security professional who has dealt with ransomware. AMA about incident response and business continuity.
49d ago
From Stuxnet to Handala: The reverse-engineering of a nation-state cyber weapon and its implications for ICS/SCADA security
49d ago
Ghost CMS flaw being actively exploited to compromise 700+ sites and serve malware to visitors through fake CAPTCHAs. Patch has been out since February
49d ago
What Companies are Legit?
49d ago
start learning cybersecurity from scratch
49d ago
Follow-up: measuring LLM-agent failures with replay evidence
49d ago
Follow-up: measuring LLM-agent failures with replay evidence
49d ago
WhatsApp users on alert after hacker drops massive dataset
50d ago
17 years old going into CS — what certs should I start going after now?
50d ago
i want to hire an osint expert
50d ago
Open University pros/cons
50d ago
How important do you think browser/device fingerprinting has become for modern fraud detection compared to traditional bot detection?
50d ago
Career in IAM as a fresher
50d ago
Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo
50d ago
Need Advice
50d ago
Before going to college, what certifications should I get to prepare myself for cyber security as a person with no experience with cyber security at all?
50d ago
Someone from Germany on iOS keeps trying to login to my MSFT account
50d ago
AI cautionary tale...
50d ago
AI powered red vs blue teaming
50d ago
Starting a security analyst student apprenticeship next week, need advice
50d ago
Why CVE Does Not Work for AI Agents, but AVE?
50d ago
SC-200 or Security+ — which actually helps land a security title
50d ago
How about AI having access to your hard drive.
50d ago
How a Date Tag Hijacks macOS via ExifTool
50d ago
Need ideas for final year cybersec project : “CodeSafe” MCP for AI coding tools
50d ago
How credential brokering prevents AI agents from compromising credentials via prompt injection
50d ago
Built a tiny daily cyber puzzle game during evenings/weekends
50d ago
Crypto4A launches quantum-safe rival to AWS Secrets Manager
50d ago
ZTE rated this router leak 3.5 Low. NVD rated it 6.5 Medium. The impact explains why.
50d ago
Cyber Sec project
50d ago
CySA+
50d ago
Anyone tried Morgancyberhelp ?
50d ago
As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
50d ago
Why are most of the dfir tools built to be used in windows
50d ago
OnlyFans mega leak reveals 340M user records, hackers claim
50d ago
Perplexity BumbleBee
50d ago
Cisco patches critical 10.0 flaw in Secure Workload APIs
50d ago
Stalker has my phonenumber
50d ago
Need some guidance
50d ago
Are you currently allocating budget to services that remove executive PII from B2B data brokers?
50d ago
About CEHv13 book
50d ago
We open-sourced the most dangerous part of our security startup on purpose.
50d ago
Which conference(s) result in the most people finding jobs?
50d ago
My discord account has been hacked second time even after enabling two factor authentication and resetting password
50d ago
What's the most efficient way to learn cloud governance and compliance
50d ago
Does anyone know C2 framwork and free hosting to host C2?
50d ago
CIS-CAT Assessor for assessment Windows server 2022 and 2025
50d ago
Auditor wants a specific access report format and our IAM tool can't produce it, how do you handle this
50d ago
Installed BlueStacks, 3 hours later "new login on your google account" and its from the same city as me and a samsung s22 galaxy that i did not authorize, does this have any relation to bluestacks?
50d ago
Recent adoption of AI taught me what is Cybersecurity.
50d ago
The Pentagon Changed the Rules for Cybersecurity Compliance
50d ago
Can someone explain to a noob like me what the implications of this exploit are?
50d ago
SHub's "Reaper" Variant Seen Bypassing New macOS Terminal Protections
50d ago
Window between zero-day CVE and a patch!
50d ago
Is it risky when a website puts on technology components with versions they used in their website?
50d ago
Anyone else losing their mind over this "AI Cybersecurity" hype?
50d ago
URL parsing behavior in a canonical tag lab
50d ago
Would an open source CLI tool that audits GitHub repos for supply chain attacks be useful to you?
50d ago
Any tips for me pls
50d ago
How do you minimize legal liability as a solo contractor?
50d ago
How does your MSSP handle fine-tuning detection rules for false positives? (e.g. "Guest" policy hitting UDP/TCP scan alerts) — do you verify with the customer before suppressing?
50d ago
Mentorship Monday - Post All Career, Education and Job questions here!
50d ago
Provenance: A survival toolkit for an AI dominant information landscape
50d ago
[ Removed by Reddit ]
50d ago
Active Drupal SQLi exploitation is a real „patch now“ moment
50d ago
machscope — macOS XPC, Mach services, launchd, and trust relationship explorer (zero-dependency, terminal-native)
51d ago
Need suggestions and input; not a promotion
51d ago
Need advice!
51d ago
New Zealand is becoming a focal point for AI-driven superhacking threats.
51d ago
nmap on Linux: Guide to Network Scanning and Discovery
51d ago
TrapDoor supply-chain campaign hits npm, PyPI, and Crates.io with AI-assistant poisoning angle
51d ago
How would Phishing look like in the future? (targeting agents, not humans)
51d ago
Best beginner/intermediate book for system security (blue team / defense / audits)?
51d ago
Why is on-prem and air-gapped asset inventory still such a mess?
51d ago
keep getting MS authentication sign in attempts?
51d ago
Silly issue
51d ago
How to practice cybersecurity while studying prograaming ?
51d ago
[AI Security] Exploring Behavioral AI for Runtime Threat Detection
51d ago
Podman and krun: is it pointless to harden quadlets?
51d ago
How to handle security researchers (and firms) without a bounty program?
51d ago
Product analytics is becoming a third-party breach surface
51d ago
How can i learn and get into red teaming?
51d ago
Governments increasingly assume they’ll use offensive cyber tools as part of state power | Federal News Network
51d ago
I got hacked
51d ago
Soc analysts in big companies, how it looks like?
51d ago
CTO at NCSC Summary: week ending May 24th
51d ago
These special phone and app features can help protect you from spyware
51d ago
Is there a tool that lets you automatically rotate all your ssh keys and k8s creds and whatever else with a click of a button?
51d ago
Capcha Code Malware
51d ago
getting lost when hunting
51d ago
How to find information behind an account?
51d ago
Theoretical Design Concept for Post-Exploitation Browser Defense
51d ago
Google Certifications...
51d ago
How to continue when finding a possible Vulnerability but local law prohibits me from investigating further
51d ago
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
51d ago
Is the CISSP still a reputable cert for getting jobs?
51d ago
Which of these gоv roles would fare better in the private sector?
51d ago
Laravel Lang packages hijacked to deploy credential-stealing malware
51d ago
Mapping binaries to EDR feature spaces
51d ago
Lost my number + WhatsApp account — worried about old chats, photos, and videos
51d ago
what is the most painful or time-consuming part of your work right now?"
52d ago
Anthropic says Mythos has already found more than 10,000 vulnerabilities
52d ago
What is the experience needed for “entry level” cybersecurity jobs?
52d ago
Browser extension testing.
52d ago
Interviewer ask me if you observe port scanning from internal ip , the scanning ip is not authorised for scanning. How will you investigate it and how will you find attackers ip?
52d ago
Have you ever had your face or voice misused by AI? I’m building a free reporting tool and need feedback
52d ago
Prompt Injection finally broke my brain a little. My first article as a cybersecurity student, cat approved edition
52d ago
Can someone recommend me some good, large universities to study cybersecurity?
52d ago
New guy khikhi
52d ago
Examples of intentional backdoors being breached?
52d ago
Non-Compliant Vocab
52d ago
Drupal Core SQL injection flaw actively exploited less than 48 hours after patch. 15,000 attack attempts already recorded across 6,000 sites
52d ago
infostealers just spawned a 5,000+ repo github supply chain attack
52d ago
The latest Megalodon campaign against GitHub leveraged a spray of fake PRs targeting CI workflows. Here's the complete analysis
52d ago
GRO frag
52d ago
We audited 12K n8n templates: most have critical vulnerabilities
52d ago
Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm.
52d ago
Taking the PSAA - Practical SOC Analyst Associate by TCM Security next week
52d ago
Mitigated Vulnerabilities by Vendor as Feed
52d ago
Kash Patel-Linked Merchandise Site Goes Dark After Hack Allegedly Spread Malware to Visitors
52d ago
A new GitHub attack dubbed Megalodon compromised more than 5.5K repositories
52d ago
Where can I find the tools freely on internet to practice for soc analyst
52d ago
residential proxies
52d ago
Recommendations for getting started in cybersecurity
52d ago
Linux mint or Ubuntu for complete beginner
52d ago
Indirect prompt injection is jokingly trivial. AI is social engineering a toddler with the knowledge of the world.
52d ago
Pentesting company recommendation
52d ago
Have you ever failed a certification exam?
52d ago
AI Chatbot Security Research – Prompt Injection Behavior in Financial Context (Seeking Responsible Disclosure Guidance
52d ago
What do i need to learn to get into application security? Which Degrees/Certs
52d ago
RSAC online membership? Is it worth it?
52d ago
Can someone give me a detailed roadmap for becoming a SOC Analyst?
52d ago
Puedo conseguir trabajo?
52d ago
How do i learn networking for cyber security?
52d ago
What's going to be Hacking and Cybersecurity's future is gonna be like?
52d ago
Cyber security placement - Interview Help
52d ago
Anonymous revendique le piratage de satellites chinois pour protester contre les lois sur la vérification de l'âge
53d ago
Feedback needed
53d ago
Handoff Transition
53d ago
Just added an interactive security map showing exactly what the server sees (and doesn't)
53d ago
Trend Micro warns of Apex One zero-day exploited in the wild
53d ago
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
53d ago
https://www.reuters.com/business/finance/morgan-stanley-asks-bankers-carry-separate-phone-china-trips-source-says-2026-05-20/
53d ago
Harvard and 140 other legitimate websites compromised
53d ago
Votre Satisfaction Dans Votre Travail
53d ago
5,561 GitHub repos got malicious CI/CD commits injected in 6 hours. The commits looked exactly like routine bot maintenance. Here is what happened and how to check if you were hit.
53d ago
US states urge Congress to renew cybersecurity grants
53d ago
The CISO's Guide to IDE Security in 2026
53d ago
Help with evilginx
53d ago
Watching AI Brain Drain on Attackers in Real Time
53d ago
Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm.
53d ago
api-rta cyberwarfare labs
53d ago
Does Security Implement Fixes?
53d ago
Ultimate Cybersecurity without needing AV ect?
53d ago
User Onboarding with IAM
53d ago
pnpm 11 Might Finally Be a Better Default Than npm
53d ago
14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-22): Critical Worms, Credential Harvesting, and RCEs
53d ago
Hunting a PhaaS Operator: From Phishing Email to Lagos, Nigeria
53d ago
Millions of NGINX Servers Face Fresh Zero-Day Concerns After Recent Rift Patch dubbed "nginx-poolslip"
53d ago
Looking for a cybersecurity professional to interview for a university project (interview in French)
53d ago
Safe read-only check script for Copy Fail / CVE-2026-31431
53d ago
New to GRC at an MSSP startup. Want to build a local AI on an RTX 3050 to automate documentation without leaking data. Possible?
53d ago
[TOOL] CLR-Stomp – BOF-Based .NET CLR Stomping for Stealthy inlineExecuteAssembly
53d ago
Cisco used AI to write security incident reports, with mixed results
53d ago
[TOOL] QSLCL v2.1.4 - Universal Silicon Communication Layer (DFU/EDL/BROM)
53d ago
Cyber Insurance Actuary Looking for Educational Resources
53d ago
As a bank , how do i give protected access to claude to my team?
53d ago
Can seasonal Apple Store employees apply for internal IT/cybersecurity roles?
53d ago
Reliable IP reputation check tools besides IPQS?(for work)
53d ago
Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility (5/2026)
53d ago
Time to Switch: How to Set Up Passkeys Before Microsoft Ditches SMS 2FA Logins
53d ago
Hacked by Rat Tools for 2.5 years.
53d ago
Google API Keys Remain Active After Deletion
53d ago
how do cyber sec consultants and pentesters actually get new clients?
53d ago
Post Incident Paranoia?
53d ago
Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector
53d ago
Upcoming CS Student: What OS approach is best to balance university coding and learning cybersecurity?
53d ago
Sensing ‘renewed outbreak’ of war, Iran hackers vow ‘dozens’ of ‘devastating’ infrastructure attacks ready
53d ago
You can counter MEMZ with Krotten in XP
53d ago
What are the most effective ways to do Blackbox testing?
53d ago
Npm registry sets stage for more secure package publishing
53d ago
Need a Wi-Fi Adapter for Better Range + Wi-Fi Pentesting Support
54d ago
Basira - open source AI code reviewer with OWASP audit, 0 CVEs, BYOK
54d ago
Is the Cybercorps SFS still worth it?
54d ago
Microsoft warns hackers are exploiting password resets to gain access to user accounts
54d ago
Unpopular opinion: the GitHub breach is 100% predictable and the security industry deserves the blame
54d ago
WORM USB drives
54d ago
An OWASP-aligned launch gate for AI agents — Would you please share critique on the threat model?
54d ago
CISOs - Holding the Line
54d ago
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
54d ago
Security Scroll Down?
54d ago
mass github repo backdooring via CI workflows(Megalodon)
54d ago
Threat Modeling Autonomous Dev Agents: How do we cryptographically prove a human actually reviewed a commit?
54d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
54d ago
DNS blocked by Cisco Umbrella, but symantec EDR & Event Viewer are completely blind
54d ago
FaceTec (ID verification) company appears to store user biometrics
54d ago
CVE-2026-34474: ZTE H298A / H108N routers expose credentials before authentication
54d ago
It seems that FaceTec (ID Verification company) allows for storage of user biometrics
54d ago
Two Microsoft Defender vulnerabilities actively exploited. One grants full SYSTEM access. CISA has a June 3 federal deadline. Here is what to check.
54d ago
Can I block outbound connections to Google cloud on my host firewall? What port? What IP range? Any advice. Trying to prevent Google spying and collecting data
54d ago
What Questions Do You Ask During SSP Control Interviews?
54d ago
Feed The Cat BackDoor
54d ago
Flipper One - Asking for help from the community
54d ago
Flipper One — tech specs
54d ago
Architecture Zero Trust détaillée
54d ago
Cybersecurity in Healthcare
54d ago
Staged publishing for npm packages | npm Docs
54d ago
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros (Yes there is another one, only a CVS 5.5 though this time, still looks pretty bad though)
54d ago
Neither MFA, Passkey, nor trusted IP help here
54d ago
cyber security remote
54d ago
CSIRT incident response
54d ago
Trying to find a graduate role
54d ago
Microsoft warns of new Defender zero-days exploited in attacks
54d ago
what is the best security app option for pixel8a?
54d ago
How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
54d ago
IoT Security
54d ago
GitHub links repo breach to TanStack npm supply-chain attack
54d ago
Another working Linux LPE exploit is out. How are teams treating local-only bugs now?
54d ago
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
54d ago
Google publishes exploit code threatening millions of Chromium users
54d ago
landing a remote Vulnerability Management role
54d ago
Three low-hanging vulns in a Rails SaaS: unauthenticated S3 uploads, rate-limit bypass via proxy pool, and OAuth route leaking internals. Full authorized case.
54d ago
I feel like the past month has been more optimistic than in the past with AI taking jobs. Has the market been the same for those hunting?
54d ago
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
54d ago
What volume of TPRM do you handle per month?
54d ago
safest virtual machine?
54d ago
Second Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltration
54d ago
Cybercrime service disrupted for abusing Microsoft platform to sign malware
54d ago
GitHub notifications
55d ago
Is there no more privacy left in the world?
55d ago
Microsoft Edge had a password blunder, and it raises a bigger browser trust problem
55d ago
Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network
55d ago
Aconselhamento / mini texto
55d ago
CISA with an absolutely embarrassing data leak.
55d ago
Microsoft is pulling the plug on SMS codes, wants you to switch to passkeys
55d ago
Anyone else feeling like static AppSec workflows are starting to hit limits?
55d ago
GitHub breach highlights developer tools as part of attack surface
55d ago
Why do some malware use unique user-agent strings?
55d ago
Encrypted emails bypassing email security tool
55d ago
Ctf groups
55d ago
Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era
55d ago
Opensource that automatically scans your git repos for breaches
55d ago
CVE-2026-34472: According to ZTE, an unauthenticated auth bypass is just a 'customer-specific low-risk requirement.' MITRE disagreed.
55d ago
Your developers are deploying agents in your production environment right now. You have no governance for it.
55d ago
¿Como me preparo para EC-Council CSA?
55d ago
The IBM X-Force Index 2026 explains all three in one finding.
55d ago
Securing iPad's question
55d ago
Cybersecurity 101
55d ago
What would this job role be?
55d ago
MSPs & MSSPs suck
55d ago
[ Removed by Reddit ]
55d ago
Crossroads
55d ago
Advice regarding "SOC" job that automates everything
55d ago
Is this Medium article about "NetMirror" malware legit?
55d ago
AI silently removed human-in-the-loop security checks during a large refactor. Is this a known phenomenon?
55d ago
Developer tooling is part of the attack surface before a project is even run
55d ago
How the hell do you manage developers, their code, their apps?
55d ago
Hackers Spent Nearly 3 Months Inside the New York City Health System Before Anyone Noticed
55d ago
Do people still rely on antivirus software in 2026, or is built-in security enough now?
55d ago
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
55d ago
Automatic CLI for spinning up vulnerable labs + objectives
55d ago
ISO/IEC 27701 scenario question
55d ago
Discord rolls out end-to-end encryption on voice, video calls
55d ago
GitHub investigates internal repositories breach claimed by TeamPCP
55d ago
Two AI-based science assistants succeed with drug-retargeting tasks
55d ago
America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames
55d ago
An AI coding assistant installed malware into production environments. Nobody typed the command. AMA on what "supply chain attack" means now.
55d ago
New to cybersecurity
55d ago
Anyone interview or work with Moxfive?
55d ago
A stealth Firefox version that passes all anti-bot and CAPTCHA
55d ago
mkPIVM - a polymorphic position-independent shellcode virtualizer
55d ago
Started in IT and need a Cybersecurity Roadmap with my Useless Degree!
55d ago
GitHub announces internal data breached.
55d ago
Roadmap to Cybersecurity roles
55d ago
Malware installed without literally doing anything?
55d ago
CTFs
55d ago
Crossroads
55d ago
Canara Bank SuRaksha Cyber Hackathon 2.0,
55d ago
Anti BOT Tipps und Tricks gesucht.
56d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
56d ago
New to Cybersecurity
56d ago
Is the ISC2 Certified in Cybersecurity worth it?
56d ago
Average Days to Close by Source CNAPP Severity Tag 2026
56d ago
I want free nmap resource
56d ago
If I clear browser history regularly, does it reduce the chances of malware that target browser data?
56d ago
What is next after 1.5 Year as Security Analyst?
56d ago
Analysis advice
56d ago
Stop me if you heard this one before... (YellowKey related)
56d ago
Can you be protected from yellowkey by disabling WinRe? does it work from support os then WinRe?
56d ago
Looking for advice: where should I post/publish CVE write-ups?
56d ago
Cybersecurity statistics of the week (May 11th - May 17th)
56d ago
How can I test my website locally for cybersecurity?
56d ago
Use of coding in security operations
56d ago
Iran demands Big Tech pay fees for undersea Internet cables in Strait of Hormuz
56d ago
Microsoft disrupts cybercrime service that abused software verification systems en masse
56d ago
I've built an open source honeypot probe database accessible via curl, http and mcp
56d ago
6,000+ Automatic Tank Gauges Exposed With No Authentication
56d ago
Twice in two days I've had a MS Auth request from a random device, I changed my password after the first, what more can I do to protect my email?
56d ago
If humans are the weakest link, why won't companies evolve?
56d ago
Someone asks "How much does a VAPT cost?" or "Do we really need a penetration test?"
56d ago
Cloudflare's CISO gives his hands on review of Anthropic's new Mythos LLM
56d ago
Local transcription vs cloud transcription, which actually feels safer?
56d ago
Why do governments and militaries still use what amounts to giant preshared electronic codebooks when we have really good encryption today?
56d ago
Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
56d ago
Shai-Hulud source leak is turning npm malware into a copycat problem
56d ago
Framework for Preventing Secret Ideas from Leakage
56d ago
Local LLM for building AI Security platform
56d ago
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
56d ago
Emerging Cyber security niches
56d ago
ISO/IEC 27701
56d ago
Solo dev building a terminal-heavy hacking game inspired by corporate security
56d ago
Symantec has published its analysis of Fast16: a pre-Stuxnet sabotage tool built to subvert nuclear weapons simulations
56d ago
CS/IT Student Looking to Grow My LinkedIn Network 😃
56d ago
CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models)
56d ago
Is Amazon Cognito a good choice long term? Alternatives?
56d ago
Was hacking easier in the 80s and 90s and early 2000s?
56d ago
Need some Advice in SOAR heavy environment
56d ago
Trying to find serious builders in cybersecurity - not just “let’s build” conversations
56d ago
AI Phishing
56d ago
One Hacked Login Led to a Massive Cloud Breach, Microsoft Reveals
56d ago
How easy is it to get into the cyber security field?
56d ago
314 npm packages just got compromised, 271 @antv, echarts-for-react, size-sensor, timeago.js
56d ago
Frontend SWE (3-4 YOE) looking to pivot to AppSec. Where should I start?
56d ago
‘The Worst Leak That I’ve Witnessed’: U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub — Gizmodo
56d ago
CEH/CPENT vs OSCP vs GPEN
56d ago
ntroducing Yokai Linux — A Cyberpunk Security-Focused Linux Distro”
56d ago
CISA Contractor Admin Leaked AWS GovCloud Keys on Github
56d ago
Suspecious activity in my account
56d ago
Is it safe to use my first name and middle name on platforms?
56d ago
Stuck choosing a cybersecurity specialization — especially with a local market context (Senegal). Need honest advice.
56d ago
Just received an email from shinyhunters about their amtrack hack
56d ago
Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access
56d ago
Bywaf: an auditable Python commandlet framework for chained pentest workflows
56d ago
For anyone currently working in a SOC:
56d ago
Fellow Tier 1 SOC/Security Analysts - What does your day to day look like?
56d ago
How do you threat hunt for RMM tools in environments where RMM is all over the place?
57d ago
Microsoft - "your single use code" email when it was not requested by yourself
57d ago
Directory of vendor security questionnaires
57d ago
Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised
57d ago
MCA student with 2 yrs SOC/VAPT experience struggling to land interviews — looking for guidance/referrals
57d ago
Cybersecurity job market in Phoenix (East/West Valley?) – looking for local insight
57d ago
How is AI affecting the cybersecurity market?
57d ago
MCP security
57d ago
YellowKey Mitigation
57d ago
Anyone else on the receiving end of ShinyHunters extortion email?
57d ago
Ultimate irony: Microsoft researchers say you shouldn’t trust AI with work docs
57d ago
What’s the biggest mistake people still make about online security in 2026?
57d ago
Anthropic shuts the EU out of its most advanced cyber AI model
57d ago
Most AI agent governance playbooks still assume you can turn the agent off... Once its wired into production that stops being true [Rethinking AI security through a dimmer switch lens]
57d ago
Best hotel for attending all three conferences in Vegas?
57d ago
What's your company's actual PQC migration plan? Not the one on paper - the real one.
57d ago
Does buying local cybersecurity (services/products/etc) matter to you?
57d ago
LinkedIn user hides AI prompt injection in bio to force recruitment spam to be sent in Olde English prose
57d ago
Detection Engineering AI Maturity Framework
57d ago
Microsoft code
57d ago
Microsoft confirms Windows 11 security update install issues
57d ago
Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’
57d ago
Exploit available for new DirtyDecrypt Linux root escalation flaw
57d ago
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
57d ago
Suspicious with a company offer letter
57d ago
Direct external access to CyberArk PVWA vs. enforcing a VDI/Jump Box first?
57d ago
Why do some recovery workflows still require full wallet uploads?
57d ago
Need help with interview for soc l1
57d ago
Feeling stuck in SOC want to moving toward Detection Engineering & Cloud Security (need guidance & cert roadmap)
57d ago
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
57d ago
carrer path in cybersecurity for a btech stud
57d ago
Agents usage in production
57d ago
‘Q-Day’ is almost here. It could unleash a cybersecurity crisis far worse than Y2K
57d ago
Are teams still finding AI API keys in public repos?
57d ago
Mentorship Monday - Post All Career, Education and Job questions here!
57d ago
Mean time-to-exploit just hit 2.1 days. Critical vulnerabilities everywhere. Is the AI apocalypse here?
57d ago
Does the CBP bug phones?
57d ago
What We Learned Building Runtime Visibility for Modern Telco Networks
57d ago
Ive got my Spotify account hacked! How do I solve this?
57d ago
The Politics of AI Transparency
57d ago
A million baby monitors and security cameras were easily viewable by hackers
57d ago
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
57d ago
Is cybersecurity becoming more behavioral than technical?
57d ago
Questions About Promo Items for a Cybersecurity Conference
57d ago
Dois-je m'inquiéter ?
58d ago
I am dying to work abroad , rate my journey so far
58d ago
Microsoft - "Your single use code" email when it was not requested
58d ago
Security / Compliance work going Agentic?
58d ago
Don't believe the media, specially in cybersec
58d ago
Microsoft account keeps getting Authenticator requests?
58d ago
[Tool] Grafana Final Scanner - Mass CVE Testing Script with All Public CVEs Aggregated.
58d ago
Struggling to generate security bulletins — any ideas?
58d ago
Certs to go into Security Engineer/architect
58d ago
18882745552 beware of email with this number
58d ago
Transition from traditional penetration testing into AI security
58d ago
Seeking advice on next career steps
58d ago
Will the analyst role become obsolete?
58d ago
Alert Fatigue
58d ago
Best path into cybersecurity for a high schooler?
58d ago
Keep getting hacked
58d ago
How Do I implement sessions management in a vibe coded app ? Also suggest sessions management best practices
58d ago
I’m interested in joining the Red Team Hackers Academy in Bangalore.
58d ago
A clueless teenager 💔
58d ago
Complete beginner looking to learn cybersecurity for personal/everyday use. Where to start?
58d ago
Am I overthinking Claude Code security or is this actually a risk?
58d ago
is someone know about shadow ai and can give me an explain about this im junior in cyber and i hear about this
58d ago
ISO/IEC 27701 ( SoA ) Applicability
58d ago
Security Executive Playbook
58d ago
This article about AI allucinations written by thehackernews, is literally written with AI lol... We need to do something to stop this phenomenon
58d ago
I feel crazy I hope someone has insight .
58d ago
ΡHANTΟΜ Al-Powered Pentesting Command Center
58d ago
Interview Assessments
58d ago
We built a blue-team mode for AI security training — you write a defensive prompt, we throw 12 attack probes at it
58d ago
Questions about data blockers
58d ago
Post Implementation task
58d ago
Mythos, MOAK, CTEM and the End of CVE Chasing
58d ago
Cyber security jobs in Austria
58d ago
Personal favorite deception layer.
58d ago
Estudiar Ciberseguridad
58d ago
Learning way
59d ago
How do you report large volume detections to a CISO without making the BPA report a SOC story?
59d ago
Can anyone share bugbase platform screenshot having professional usage on dashboard?
59d ago
CTO at NCSC Summary: week ending May 17th
59d ago
Security Executive Playbook
59d ago
Tired of tab-switching between CTI tools - here's what we put together
59d ago
I contributed to an open-source Bluetooth stress testing tool that just got a major algorithm refactor
59d ago
In Cybersecurity
59d ago
Anyone else feel like most MSP tooling is either overkill or painfully manual?
59d ago
Thinkpad vs Macbook pro endpoint security
59d ago
Any more affordable alternatives to “IntelligenceX”?
59d ago
Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran
59d ago
tanstack checker github action
59d ago
Drivers Alpha AWUS036AXML
59d ago
Splunk download for free
59d ago
Funnel Builder WordPress plugin bug exploited to steal credit cards
59d ago
Anyone here using pager duty?
59d ago
Scammer targeting posters
59d ago
Seeking advice
59d ago
Looking for Free Cybersecurity Conferences & Meetups in Europe (September 2026)
59d ago
Just got an email about a single use code, maybe someone was trying to log in?
59d ago
Can a background in DevOps enter the cybersecurity field?
59d ago
Using ai in learning
59d ago
Avanzamento area Blue Team/SOC
59d ago
Please what could be helpful
59d ago
CVE exploit chain
59d ago
What are the widely accepted SaaS security accreditations/audits an app should seek in fintech
59d ago
Preparing for The Quantum Era: AT&T Business Debuts Post-Quantum Cryptography Secure SD-WAN, Powered by Cisco
59d ago
Major flaw in Indian Cyber and IT assurance landscape
59d ago
Red Team Ops Ⅱ ( CRTL ) exam preparation
59d ago
Recomendations
59d ago
Recommended cybersecurity certification for a UX designer new to the domain?
59d ago
insdubai.com: Motor insurance policies, data of insured persons was exposed on an unprotected server
59d ago
Career path
59d ago
Merit America offers a program that gets you into cyber security roles.
59d ago
Brovan: Binary user-mode emulator for x86_64
59d ago
AmEx Interview!
59d ago
Developer credential-stealing pipeline also collected operator workstations
59d ago
need help building a case.
59d ago
Personal favorite SIEM platform?
59d ago
Cardputer ADV
59d ago
Alternative for Qualys
59d ago
The 4th Linux kernel flaw this month can lead to stolen SSH host keys
59d ago
Stack Buffer Overflow Explained (Using a Classic Doom Bug)
60d ago
Confused about cybersecurity career
60d ago
Transferring from pen test consulting to application security?
60d ago
Curso de especializacion de Ciberseguridad
60d ago
Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox?
60d ago
Lost, tempted to throw in the towel
60d ago
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
60d ago
I open-sourced a Docker security scanner I use to audit all my websites
60d ago
Testing Deception Technique
60d ago
A malware got into my account and spread spam ad to my friends and relatives
60d ago
North Korean Hackers Now Using AI? Kaspersky Warns of New Cyber Threat Targeting South Korean Govt Systems
60d ago
Most pentest reports I review are padded with garbage findings
60d ago
Cyber Essentials and use of third party websites - MFA
60d ago
Rapid 7 and Cisa Kev
60d ago
Anyone know much about MS Defender?
60d ago
EN18031 for IoT: struggling to see the big picture — advice from experienced people?
60d ago
Automating Code Security Reviews
60d ago
New Linux privilege escalation flaw ‘Fragnesia’ disclosed; PoC available
60d ago
AI coding tools on developer machines — looking for input on how you're handling it
60d ago
Chrome 148 Update Patches Critical Vulnerabilities
60d ago
Microsoft warns of Exchange zero-day flaw exploited in attacks
60d ago
I need help. i am lost
60d ago
Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defence
60d ago
Physical red teaming: 7 low‑tech paths we keep finding into ‘secure’ environments
60d ago
SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not?
60d ago
I'm going crazy. At the application level what I can actually do to prevent DDos?
60d ago
Is anyone enrolled in Intellipaat's cybersecurity course?
60d ago
Will AI Replace Cybersecurity Jobs?
60d ago
What's best certification choice after OSWE
60d ago
Facebook Page Call Slipping through Sleep mode
60d ago
ssh-keysign-pwn: Linux LPE allows unprivileged users to read root-owned files. PoC with SSH server privkey
60d ago
New Linux LPE allows local users to read any file, including privkeys
60d ago
A fix for the previous Linux kernel critical exploit has seemingly introduced another critical local privilege escalation exploit, a third in two weeks.
60d ago
Your experience as IT Admin on Alerts
60d ago
Slow-drip responses as a bot defense: streaming fake credentials 3 bytes at a time
60d ago
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
60d ago
Discord VC lag Exploit
60d ago
FrostyNeighbor: Fresh mischief and digital shenanigans
60d ago
Bug FB - Inicio de sesion por password
60d ago
Does anyone know how to configure EVILGINX for testing
60d ago
How long does it take to get familiar with a tool
60d ago
Scam website
60d ago
ANTS Hack: 19 million records exposed in French ID agency breach
60d ago
Is it really that easy to obtain SMS codes using an SS7 attack?
60d ago
AI coding tools are shipping code faster than security can review it. What's your team doing about it
60d ago
Interview for AI security engineer position at a fortune 500 company
60d ago
How’s the job market for Senior AppSec Engineers? How are the interviews?
60d ago
Has anyone read "The Art of Deception"? How does it hold up to now?
60d ago
Is metadata protection becoming more important than traditional endpoint security for ordinary users?
60d ago
Zero trust in hybrid environments - what's actually worked for you
60d ago
Have you encountered issues with CSAF advisories in practice?
60d ago
Zero trust in hybrid environments - what's actually working for you
60d ago
OpenAI confirms security breach in TanStack supply chain attack
60d ago
Bachelors Degree Options
60d ago
I need help protecting my privacy
61d ago
Free Threat Intellegence
61d ago
What discovery in cybersecurity amazed you the most?
61d ago
Scholarship for Service
61d ago
For teams archiving logs outside the SIEM: how often do you actually query them, and for what reasons?
61d ago
Another day, another supply chain
61d ago
How often do you actually see SSRF exploited in real incidents vs just discussed in CTFs/blogs?
61d ago
Teaching Linux+ & CEH.....
61d ago
Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon
61d ago
SIEM use case development
61d ago
JFrog vs Mend as Scanners
61d ago
KQLab - open-source query manager for SOC teams
61d ago
Which Vendors Publish the Best (or Worst) Security Advisories?
61d ago
Synthetic training data vs. real attack telemetry — does it actually matter?
61d ago
Operative IT-Sicherheit | SIEM & Splunk
61d ago
SOC not for junior level?
61d ago
Cybersecurity at MSG
61d ago
pii-tools.com reputable?
61d ago
Hey all! sharing this week's issue I wrote on the TeamPCP supply chain compromise
61d ago
Contract jobs worth the risk?
61d ago
HackTheBoxAcademy vs LetsDefend vs CyberDefenders
61d ago
Automating code security reviews with Claude: near Mythos-level capabilities at lower cost
61d ago
Making Right Career Decision?
61d ago
I tried using apparmor (linux security) but it doesn't seem to work very well
61d ago
Level Effect AMA! Former NSA Operators turned EDR developers and trainers in 2020. We’ve seen a lot of trends over the years and want to start being active in r/cybersecurity giving back. Ask us anything!
61d ago
Struggling to Stay Up to Date With Vulnerabilities
61d ago
How to Transfer files Safely from a Compromised (work) Device
61d ago
Two brothers deleted 96 federal databases after being fired – one googled how to hide the evidence afterward
61d ago
Multiple data breaches in one week
61d ago
How are small security teams handling vulnerability overload now?
61d ago
Concerns mount that EU will demand age verification for VPNs
61d ago
Automating code security reviews: Claude Mythos-level capabilities with lower cost
61d ago
The Rare Patch: A Digital Sovereignty Challenge
61d ago
Advise
61d ago
GRC
61d ago
Admins and Engineers
61d ago
Microsoft's multi-agent AI system tops Anthropic's Mythos on cybersecurity benchmark
61d ago
Prompt injection in browser coding agents is the threat model nobody is ready for
61d ago
New Fragnesia Linux flaw lets attackers gain root privileges
61d ago
Transition from MSP to Network Engineering?
61d ago
So called “off grid” method
61d ago
Convince me I’m not paranoid: a unique hacking situation.
61d ago
Hunting the Behavior Behind npm Supply Chain Attacks
61d ago
Question for AppSec Members
61d ago
Beginners guide to Google Dorks by Heisenberg
61d ago
Alguém sabe algo sobre raven eye technology
61d ago
Gophish Porject - Requirement
61d ago
Security Team Won’t Assess Risk
61d ago
Trusted Unknown Apps Protocol (TUAP) – A Global Behavior‑Based Security Framework
61d ago
Microsoft’s new multi-model agentic security system tops leading industry benchmark
61d ago
Microsoft MDASH Deployment Identifies 16 Windows Flaws via 100+ AI Agents
61d ago
Overwhelmed on how to enter the job market.
61d ago
Social media scam bill targets tech giants as New Yorkers lose billions
61d ago
What are the biggest technical & cultural hurdles you’re facing right now?
61d ago
CISSP / CCSP training - Experienced engineer
61d ago
Vulnerability in Canvas/Instructure Support Tickets had part in breach?
61d ago
is malwarefox legit?
62d ago
what lab to learn zero trust?
62d ago
Anyone else got a bunch of emails leaked by Samsung?
62d ago
This is what some the world's largest banks of malware look like stacked as hard drives
62d ago
I need feedback on my project please
62d ago
would like to understand the role of "Cyber Insurance UnderWriters"
62d ago
Free on-device tool for monitoring AI traffic on macOS — visibility before policy
62d ago
Is secure evidence handling and controlled derivative file sharing needed?
62d ago
Will Adding Some Certifications Help Me in the Job Market?
62d ago
Linux driver posted for Intel Silicon Security Engine Interface "ISSEI"
62d ago
Hello guys I am hearing everywhere Cybersecurity is the most demanding Subject. If it is true then where can I learn and get certified?
62d ago
Fragnesia made public as latest Linux local privilege escalation vulnerability
62d ago
HP ZBook Fury G8 vs ThinkPad T Series for Cybersecurity?
62d ago
NIST is surrendering to the amount of CVEs coming in
62d ago
Military Veteran looking to get into the Cyber Field
62d ago
Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor
62d ago
Post-quantum audit substrate for critical national infrastructure. The NCSC 2031 high-priority deadline reframed as an operator-side playbook.
62d ago
Cve apis for a database
62d ago
Empresas de Cyberseguridad en Mexico (Reacciones)
62d ago
Joined a new company: GRC landscape advice
62d ago
Removing admin rights
62d ago
a leak from "the gentleman" ransomware group confirms Infostealers were often used to establish initial access
62d ago
FamousSparrow's evolved DLL sideloading - execution gated behind the host app's normal control flow
62d ago
Golden years for cyber security about to start?
62d ago
A stealth approach to Process Injection - EntryPoint Hijacking
62d ago
Detecting CopyFail and DirtyFrag by thinking outside the box
62d ago
Adaptive Behavioral Identity: A Human‑First Model for Symbiotic Security
62d ago
Career advice
62d ago
The exponential rise of economic damage caused by cyber-crime continues
62d ago
Today's cybersecurity systems are not ready for AI
62d ago
Are certifications worth it, or do practical skills matter more?
62d ago
[Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible)
62d ago
Claude Mythos technical breakdown: CVE-2026-4747 ROP chain, OpenBSD SACK integer overflow, Linux 1-bit OOB-to-root, and what AISLE's reproductions actually showed
62d ago
Apple Supplier Foxconn in Taiwan Confirms Cyberattack After Ransomware Gang Claims 8TB Data Theft
62d ago
What to do after security+
62d ago
AI-Generated Fake Marketplaces Are Poisoning Search Results and Stealing Card Data
62d ago
Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub
62d ago
Is it realistic to move from Tech Risk/GRC into technical cybersecurity?
62d ago
Are IPhone autofill passwords safe to use?
62d ago
Access approvals happen over Slack dm and I don't know how to present that to an auditor
62d ago
🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline
62d ago
China is going dark to develop its own Mythos, German cyber chief fears
62d ago
Is prompt injection a real problem for you?
62d ago
New Exim BDAT bug shows why “just patch the mail server” is still not simple
62d ago
Microsoft France's legal affairs director told the French Senate, under oath, that he can't guarantee European "sovereign cloud" data stays out of US reach
62d ago
Cybersecurity guide
62d ago
[Conseil Orientation] LP ASUR (ANSSI) après une L3 Générale pour viser un Master Cyber ?
62d ago
How you guys rate Google Cyber security course and certificate out of 10 !?
62d ago
Cyebrsecurity Startup Advice
62d ago
Can anyone give a real world based AI based attack?
62d ago
How worried should we be about AI powered cyberattacks?
62d ago
Built STIS-ICS — an open ICS/OT security learning project
62d ago
OS scanner that checks repos for traces of the Shai Hulud worm
62d ago
Foxconn Ransomware Attack Shows Nothing Is Safe Forever
62d ago
Open-source CLI for testing LLM agents across prompt, tool, and replay boundaries
62d ago
AI Vulnerability Research and the Fuzzer Era Déjà Vu
62d ago
Explorer shows random letter/number filenames before copying my actual files — normal behavior?
62d ago
Zscaler AI Security Capabilities ?
62d ago
Cybersecurity degree
62d ago
Disgruntled researcher who dropped BlueHammer and RedSun drops two new Windows 11 zero-days: A Bitlocker bypass, nicknamed YellowKey, and LPE, nicknamed GreenPlasma
62d ago
Cyber security
62d ago
New York Senate takes on junk fees, digital subscriptions, surveillance pricing
62d ago
Cybersecurity statistics of the week (May 4th - May 10th)
63d ago
Feels like AI changed the speed of attacks more than most companies want to admit
63d ago
Anyone used Kasm or ReplicaCyber?
63d ago
Škoda warns of customer data breach after online shop hack
63d ago
Google launches new Android security feature to help uncover spyware attacks
63d ago
Fancy Bear: Stealing Credentials Invisibly
63d ago
Nightmare Eclipse has published Greenplasma and YellowKey
63d ago
Copilot Agent
63d ago
What SANS cert I should consider acquiring (from my job)? Most useful ones or one that goes across many roles?
63d ago
Career Advice
63d ago
Anyone else exhausted by the nonstop AI hype?
63d ago
Reviewing the trends in ransomware attacks in 2026
63d ago
Is It a Good Idea to Change Jobs Shortly After Getting Hired?
63d ago
SSO makes life easier but MFA keeps it safe, do we actually need both?
63d ago
Didn’t land a Cybersecurity internship—starting IT Support for POS systems. Tips on maximizing my off-hours?
63d ago
How are SOC teams actually deciding what not to investigate anymore?
63d ago
Spam calls on this number he was distrubing a girl idk about this guy but the girl placed an order on blinkit and he started acting that he's not able to find the location so she gave her number on ws and now he's spamming unecessarily
63d ago
Chris Cochran at SANS Institute: AMA about the AI Security Maturity Model we just released.
63d ago
Has anyone tryed this out yet?
63d ago
The frontier model caught my prompt injection but the cheaper fallback didn't (and most devs have no idea which one they're on..)
63d ago
Switching to Cyber
63d ago
Nitrogen ransomware group claims Foxconn after Wisconsin plant outage
63d ago
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
63d ago
Using Cape Sandbox for Phishing Analysis
63d ago
Canvas hack: company pays criminals to delete students' stolen data
63d ago
i have 1 year of experience as product security intern. Please let me know if there are any job oppurtunities available for freshers. I have to start earning.
63d ago
AI integrations are quietly creating a new OAuth supply-chain problem
63d ago
Instructure reaches 'agreement' with ShinyHunters to stop data leak
63d ago
UnMapper: a tool that crawls a target, finds its JavaScript, and reconstructs the original source tree from any sourcemaps it ships
63d ago
Hardcoded secrets in Git
63d ago
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
63d ago
UK water company allowed hackers to lurk undetected for nearly two years, regulator finds
63d ago
New ipTIME Pre-Auth RCE in CWMP
63d ago
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
63d ago
Is my phone hacked?
63d ago
Switched to a grc role after a year in SOC L1
63d ago
Forecasting Lazarus Crypto Heists
63d ago
Infrastructure Security Incident Update & FAQs
63d ago
Mini Shai-Hulud npm worm compromises 160+ packages, abuses GitHub Actions cache + Trusted Publishing. Full list of compromised packages
63d ago
In Depth Guide To VM Based Obfuscation - What it is and how to handle it.
63d ago
Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective
63d ago
Transitioned to GRC
63d ago
Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages
63d ago
German cybersecurity official warns China is close to developing AI superhacker
63d ago
Google Detects First AI-Generated Zero-Day Exploit
63d ago
“DCSA agent” calling IT Help Desk to be transferred to employees they are investigating for a clearance
63d ago
Instructure/ canvas paid the ransom?
63d ago
Troca emprego - big para consultoria ou fintech - Pentester/Red Team
63d ago
Finally, texts between Android and iPhone users can be end-to-end encrypted
63d ago
Official CheckMarx Jenkins package compromised with infostealer
63d ago
IMF warns of the potential for AI attacks on global financial systems
63d ago
🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline
63d ago
Cookie thieves caught stealing dev secrets via fake Claude Code installers
63d ago
Pwn2Own 2026 Capacity Overflow, Hackers Drop 0-Days Solo
63d ago
MS Defender on OT Network
63d ago
A fateful question
64d ago
SC-900 or SC-400
64d ago
What are your security non-negotiables?
64d ago
Losing my path
64d ago
Axon-captcha
64d ago
What makes companies trust small cybersecurity vendors?
64d ago
Hathor Wallet Daemon (headless) Has Fail-Open Auth – Notified via Immunefi but Closed as “User Responsibility”
64d ago
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
64d ago
Foxconn Wisconsin breach reportedly linked to Nitrogen ransomware, 8TB data theft claim
64d ago
These Extensions are Scraping Your AI Chats, are you affected?
64d ago
Be careful with your Git: Investigating malware spreading through Git repositories
64d ago
Training and Phishing
64d ago
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
64d ago
AI-powered hacking has exploded into industrial-scale threat, Google says
64d ago
Apple closed my bug report 4 times. MITRE wouldn't let it die.
64d ago
NASA Investigators Expose a Chinese National Phishing for Defense Software - NASA OIG
64d ago
Google spotted an AI-developed zero-day before attackers could use it
64d ago
beginner doubt
64d ago
I got my CEH Certification. SO what now?
64d ago
Construction to Cyber PM
64d ago
[ Removed by Reddit ]
64d ago
Something got downloaded on my phone and then dissappeared
64d ago
Bleeding Llama
64d ago
Do accountants even care about cybersecurityas much?
64d ago
Where Have All the Complex Windows Malware and Their Analyses Gone?
64d ago
Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust
64d ago
Was the reconnaissance in Bugbounty overrated?
64d ago
Cybersecurity beginner building an experimental log analyzer — looking for advice
64d ago
Anyone else worried about AI being a security nightmare?
64d ago
Snyk not working
64d ago
Malicious tenants paid us to abuse our RMM. We blocked them
64d ago
Help reasuring parents with an email parsing tool (i will not promote)
64d ago
DFIR practitioner thinking about starting my own LLC to subcontract IR services to MSPs. Is there actually demand for this?
64d ago
cPanel & WHM Vulnerabilities Patched -DoS, Account Abuse & Security Risks Affect Hosting Servers
64d ago
5 years as a Level 1 Security Analyst and wanting to transition into consulting
64d ago
GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass
64d ago
New into network pentesting.
64d ago
Is it worth it to switching field to cybersecurity ?
64d ago
Neeed help to get cybersecurity internship.
64d ago
Mentorship Monday - Post All Career, Education and Job questions here!
64d ago
Cybersecurity and ADHD
64d ago
Anyone dealt with a VulDB submission rejection? Resubmit or reply?
64d ago
ISO 27001 certification: what auditors actually focus on versus what most teams spend time preparing
65d ago
I have a malware and need help removing it. someone please help me 🙏
65d ago
I'm starting to see a growth of apps in my org. I'd love to know how you defend against this/ secure it, and if it's happening to you too?
65d ago
EasySec - Update
65d ago
What is the cybersecurity equivalent of leaving your spare key under the doormat?
65d ago
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
65d ago
VICE: Cyberwar | Full Season 2 | Blueprint
65d ago
Linux Kernel Killswitch Proposed After Recent Vulnerability Disclosures
65d ago
Email OTP as default (often ONLY) password isn’t the solution
65d ago
Soc analyse
65d ago
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
65d ago
Price rising
65d ago
AI Can Boost Cyber Defence But Poor Governance and Overreliance May Create New Risks, Warns WEF-KPMG Report
65d ago
Possible security incident against Arup Group
65d ago
Can honeypots be used this way?
65d ago
I think AI just quietly killed the 90-day disclosure window.
65d ago
TCM and Educate 360 are bugged
65d ago
Got an alert from google what should I do?
65d ago
UK jobs
65d ago
Need help debugging a school ZIP password-cracking lab setup pleaseeeee🙏
65d ago
Worst company
65d ago
Built a platform that combines phishing detection, encrypted file sharing, and cloud security scanning
65d ago
Msc Cybersecurity - dissertation ideas ( something that can be done in 3 or less months)
65d ago
ARGUS: 15 Production-Realistic Vulnerable AI Agent Targets for Red Teaming (Docker + Canary Scoring)
65d ago
App Store Question - Darato Sport / Dofu Sport / Kofu
65d ago
Help! - My Parents Computer is Hacked
65d ago
Ran lumma stealer from a recaptcha scam
65d ago
Port 5986 question
65d ago
CVE-2026-44843: One Chat Message Steals Your Credentials. Then It Gets Worse!
65d ago
cyber security/ segurança da informação
65d ago
College student hacks Taiwan high-speed rail line with software defined radios, stopping four trains
65d ago
Help with an Escalating Cyber-Stalker
65d ago
RRW - Rick Roll WiFi
65d ago
Best resources to start learning python for cybersecurity and automation
65d ago
Mythos AI is a cybersecurity threat, but it doesn’t rewrite the rules of the game.
66d ago
JDownloader site hacked to replace installers with Python RAT malware
66d ago
How can I fix my browser remembering what he had open last
66d ago
MS 360 CoPilot issues
66d ago
I run a malware and was wondering if its a rat or rootkit or dangerous stuff and how do i fix my pc (my dad gave ts to me can't lose it) i can give out any specific details
66d ago
ShinyHunters claims 275M records from Canvas LMS breach. 9,000 schools hit. Ransom deadline May 12.
66d ago
eBPF LSM runtime security agent for synchronous file/network denial — looking for technical feedback
66d ago
I keep seeing "what E8 maturity level should we target?" — here's the practical answer no one tells you
66d ago
OWASP TOP 10 LLM 2026 Community voting
66d ago
Second security incident at Instructure (Canvas)
66d ago
UK Advice Needed - VA+ Training?
66d ago
Gateweb - Secure Web Gateway
66d ago
Those who are in Detection engineering
66d ago
Can someone tell me of a trustable hacker?
66d ago
MSPs, how are you handling AI usage across your customer environments today?
66d ago
Shadow SSDT Hijacking: Achieving Kernel Code Execution via Read-Write
66d ago
How do i protect confidential data from unrestricted AI usage as a bank- what are good tools out there?
66d ago
ecpptv3 Exam in 3–4 Days —
66d ago
AI SECURITY: THE DEFINITIVE GUIDE — PART III | THE FINAL CHAPTER | COMMUNITY CISO SERIES
66d ago
Did CISA helped you land a job ?
66d ago
CTO at NCSC Summary: week ending May 10th
66d ago
pre pre junior needs help(guidance pls)
66d ago
Trojan malware
66d ago
SANs Courses: How do people get their employers to pay?
66d ago
NIS2 Article 21: turning compliance controls into technical security evidence
66d ago
This GBA Rom is making is having a weird behavior in the Sandbox, why?
66d ago
Why AI agent governance feels harder than traditional security models
66d ago
Confused about what certs are important
66d ago
Would getting Security+ be worthless for me?
66d ago
Submit probe test — shadow DOM click
66d ago
Threat intelligence in OT (Power equipments)
66d ago
SOC Analyst
67d ago
PAWs, PAM and PIM..what is best practice?
67d ago
This is the most in-depth analysis I have found on the Instructure/Canvas breach so far.
67d ago
Poland says hackers breached water treatment plants, and the U.S. is facing the same threat
67d ago
Millions of students are locked out. Canvas is down. And the notorious hacker group ShinyHunters has given Instructure a terrifying ultimatum: Pay the ransom by May 12, 2026, or the private data of potentially millions of users will be leaked to the dark web.
67d ago
Quacc++: Automated Open Source Vulnerability Discovery
67d ago
60% of MD5 password hashes are crackable in under an hour
67d ago
Built a correlation engine that chains AD findings into attack paths automatically.
67d ago
Dirty Frag in Kubernetes: unset seccomp behaved like Unconfined in our EKS/GKE tests
67d ago
JDownloader's official website delivered Python RAT
67d ago
Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854)
67d ago
ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12.
67d ago
Note taking apps and advice
67d ago
IMF Warns AI Could Trigger Global Financial Cyber Crisis
67d ago
New Linux 'Dirty Frag' zero-day gives root on all major distros
67d ago
Is the ISC2 Cybersecurity program still worth it?
67d ago
Canvas getting hit during finals week shows how fragile “critical SaaS” has become
67d ago
Are websites exposed to the internet under attack almost every hour, even if they're small?
67d ago
Devastating 'Dirty Frag' exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given — Copy Fail-like vulnerability had its embargo broken
67d ago
What the **** is happening in cybersecurity space ?
67d ago
Canvas is back up, but now what?
67d ago
Instagram is getting rid of end to end encryption, what now?
67d ago
New “Dirty Frag” Linux Kernel Vulnerability Could Lead to Root Escalation
67d ago
Reported a Broken Access Control bug to Instructure via bugcrowd 11 months ago, and also sent directly to canvas and instructure since I didn’t really care about the bounty. It was deemed "not applicable".
67d ago
Did I fu by opening an (archived) Onion .txt link posted by the cybercriminal group?
67d ago
Cushman and Wakefield confirms cyberattack
67d ago
Egnyte potential ransomware attack
67d ago
So canvas is down, what'll happen if they can't come to an argreement?
67d ago
Canvas (used by 275M students) was just hacked. Here's exactly what was stolen and what you need to do right now.
67d ago
/Why/ is Shinyhunters targeting Canvas?
67d ago
Canvas Hack - Any Guesses How?
67d ago
Should I build a virtual or physical lab?
67d ago
Instructure (Canvas) Breached by Shiny Hunters — 275M Records from ~9,000 Schools/Universities, Ransom Deadline May 12
67d ago
Engineering a Zero-Trust Kubernetes SIEM: Bypassing NAT Blindness with eBPF, TC, and Suricata
67d ago
Audit/Cybersecurity
67d ago
Issues removing Trellix (and specifically solidifier)
67d ago
Pentagon eyes 3-year cyber training requirement, overriding new Army policy
67d ago
How much personal info will be leaked by the recent Canvas hack??
67d ago
Dirty Frag and canvas
67d ago
Hackers deface school login pages after claiming another Instructure hack
67d ago
Did I destroy my career by being loyal to an arguably good company?
67d ago
V4bel/dirtyfrag - Universal Linux Local Privilege Escalation
67d ago
What is CYBERRANT?
67d ago
Canvas is down as ShinyHunters hack forces outage
67d ago
New Dirty Frag Linux Bug Emerges in Wake of Copy Fail
67d ago
Heads up: AWS Educate Canvas login page may be compromised. Saw what looks like a ShinyHunters defacement page today.
67d ago
How is GRC work in a MSSP?
67d ago
SH and BF phishing console
67d ago
Finally switching over from Authy 2FA. What is the better alternative, 2FAS or Ente Auth?
68d ago
Socure authenticating AI identity as real.
68d ago
Automated SSL Certificate Renewals - What is your setup?
68d ago
Shinyhunters and Canvas
68d ago
What Cli execution do you use for a script file?
68d ago
Fiserv security incident - data breach notice
68d ago
Linux attacks seem to be shifting from “servers” to DevOps and supply chain environments
68d ago
I graduate next year with a Cybersecurity degree.
68d ago
Asking about Cortex
68d ago
Apache Caldera
68d ago
What’s the “unsexy” problem in cyber that’s actually a total disaster?
68d ago
Critical vm2 Sandbox Escape Vulnerabilities Expose Node.js Apps to Full Host RCE
68d ago
As a developer, should I use AI to improve security?
68d ago
My company has an MSP that manages our employee endpoints but we cant access the software they use to manage
68d ago
Americans sentenced for running 'laptop farms' for North Korea
68d ago
Is my laptop hijacked ?
68d ago
claude ai gave security beta to Enterprise plans only what can we do as pentesters?
68d ago
Massive .de DNSSEC Failure Took Large Parts of Germany’s Web Offline
68d ago
Advice for path to land job SOC in France
68d ago
Possible Major Vulnerability: Chromium used by current version of PRTG
68d ago
Mythos AI may be a cybersecurity threat, but it follows the rules of the game
68d ago
Control Checks using AI.
68d ago
How do native password managers clear the clipboard?
68d ago
Graduating CS Student but Wanna Start my Career in Cybersecurity
68d ago
Claude-Themed Malware Campaigns
68d ago
DeepFake it till you make it.
68d ago
The 12 ways AI agents fail in production. A taxonomy for security teams reviewing agent deployments
68d ago
What niche in cybersecurity should I go for, with my background in Angular & .NET ?
68d ago
Successor for Kaspersky Endpoint Security
68d ago
Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago
68d ago
SOC Analyst tier 1 (Entry Level) ??
68d ago
Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this.
68d ago
Made cybersecurity merch as an infosec practitioner — honest feedback welcome
68d ago
As AI agents become users of company data - what is needed to keep data secure?
68d ago
Wrote an extremely detailed 11-article series on attacking and defending APIs - top 10 vulnerabilities.
68d ago
AI inference is quietly becoming a security problem
68d ago
is winrar 7.13 vulnerable to extraction exploits?
68d ago
Tried explaining internet encryption in a beginner-friendly but accurate way, feedback?
68d ago
Is the EC-Council CTIA Certification Worth It for Career Growth?
68d ago
POC Android vuln 2026
68d ago
Credential caching is an unsolved architectural tradeoff, and we should stop pretending otherwise
68d ago
Opinions on Mimecast
68d ago
What's going on in the field of Cybersecurity 🫣.
68d ago
How do teams preserve institutional pentest knowledge when senior testers leave?
68d ago
CVE-2026-32710 MariaDB JSON_SCHEMA_VALID heap buffer overflow leading to RCE
68d ago
Sophos NDR on Proxmox
68d ago
On today's earnings call, IONQ just said they expect to meet Q-Day requirements by 2028-2029.
68d ago
DOJ says ransomware gang tapped into Russian government databases
68d ago
DAEMON Tools devs confirm breach, release malware-free version
68d ago
Have there been instances where your SOC has suffered a cybersecurity attack?
68d ago
OpenCTI founder, Samuel Hassine, arrested and charged with CSAM
69d ago
Deepfake Platform
69d ago
Trellix Licence Query
69d ago
Instructure hacker claims data theft from 8,800 schools, universities
69d ago
Is AI generated code creating a non-linear security problem for AppSec teams?
69d ago
D.H.S. Intelligence Office Did Not Properly Secure Smartphones, Watchdog Says
69d ago
Evaluating Microsoft 365 vs Third‑Party Tools for Email and Endpoint Security
69d ago
Norton Antivirus and Other Norton Software
69d ago
Would you take a promotion to work 100% in office that you’ve been working towards or same pay but work from home?
69d ago
We scanned 200 high-star MCP servers. 205 critical findings. Here are 4 novel attack classes.
69d ago
Download a malware a while ago, someone trying to log into my ios account
69d ago
Org Restructure
69d ago
Does SOC 2 actually reduce questionnaires, or just change them?
69d ago
Google VRP dismissed a systemic Play Store bypass as "Intended Behavior" after 24 internal views
69d ago
How do investigators or cybersecurity researchers correlate online accounts (like Instagram profiles) with IP/network information legally and ethically?
69d ago
Ran phishing awareness training for 200+ non-tech employees
69d ago
Proprietary Software, Hardware and Protocols Face AI-Driven Security Risk
69d ago
Vulnerability Garden
69d ago
Palo Alto Firewall Zero-Day Under Active Exploitation
69d ago
Cyber Security Militias
69d ago
Hidden domain dependencies in AI stacks: expired domains, dangling DNS, and takeover risk
69d ago
CyberSecurity Nightmares
69d ago
Can I use NanoKVM if it's just to turn on pc?
69d ago
got listbombed on my waitlist with 1000 fake adresses, i tried to make some security changes maybe i missed something?
69d ago
How to learn tools for cybersecurity?
69d ago
'CopyFail' attackers start cashing in on Linux flaw
69d ago
Anybodybodybdown for a team/studygroup?
69d ago
I was hacked due to sim card spoofing
69d ago
Chrome is quietly installing a 4GB AI model on your device
69d ago
Dev vs Security role
69d ago
Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft
69d ago
Oracle Debuts Monthly Critical Security Patch Updates
69d ago
Sec engineer / developer?
69d ago
When doing bug bounty, do you usually immerse yourself in 2 or 3 specific domains (ones where vulnerabilities are likely to exist) and focus all your testing efforts on them?
69d ago
Are we actually seeing more vulnerabilities or just more noise?
69d ago
Cybersecurity jobs in red team
69d ago
Question
69d ago
What’s the biggest mistake people make even after installing antivirus?
69d ago
New dashboard tracks ransomware groups by their reliance on Infostealer credentials
69d ago
What would you say if your security lead said this...
69d ago
What would be the goto setup in AWS for security purposes?
69d ago
CREST CRT Exam 2025/2026 Experiences
69d ago
Microsoft Edge stores your passwords in plaintext RAM... on purpose
69d ago
Como começar?
69d ago
Possible Password Leak? Curious if Anyone Has Seen This Before
69d ago
Not a Hack. A Handout. Inside the GTFOice.org Data Exposure
69d ago
Besoin de conseils sur une DMZ automatisée
69d ago
Microsoft, Google and xAI will let the government test their AI models before launch
69d ago
Android ADB Auth Bypass Proof-of-Concept: CVE-2026-0073
69d ago
SMB Header Signature for Tagging in Firewall
69d ago
Question regarding VDP
69d ago
Working on what i should do for the next 3 years
69d ago
Question for Security Professionals
69d ago
Do tech companies lifecycle-manage public DNS records to prevent dangling DNS?
69d ago
Vulnerability Summary for the Week of April 27, 2026
69d ago
Cisco releases open-source ‘DNA test for AI models’
70d ago
Cybersecurity is becoming too AI dependent is that a problem
70d ago
Foxconn Wisconsin outage raises cyber questions
70d ago
How stressful is GRC?
70d ago
Anyone remember areyoufearless.com / “Free Gobo”? Early 2000s hacker forum nostalgia
70d ago
Have CEH certification – looking for free cybersecurity bootcamps or resources to land a job in India
70d ago
Archer for a non-regulated medium sized company?
70d ago
Cybersecurity statistics of the week (April 27th - May 3rd)
70d ago
Well, I'm wondering about working on a RAG pentesting bot. Comment down the best data source to feed LLM.
70d ago
Where to find reliable vendors?
70d ago
Just got into cybersecurity with no prior experience and feeling intimidated. Thoughts?
70d ago
We wrote a guide on securing Claude across the enterprise — here's the core framework (with download)
70d ago
Over 5 months: Payment bypass marked OOS, moved to VDP, and downgraded to Medium.
70d ago
Hardware reverse enginnering first project. Love some advice
70d ago
Microsoft Edge Stores Passwords in Process Memory, Posing Risk
70d ago
Currently working on cybersecurity, looking for advice
70d ago
Open-source scanner for MCP servers and skill files : attack chain detection and server-card scanning
70d ago
CISO course valuation
70d ago
GRC Path to CISO (Certifications)
70d ago
CISOs and pentest buyers, what's the worst thing you've seen in a pentest report?
70d ago
How to enforce M365 Sign-in frequency on corporate laptops?
70d ago
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
70d ago
Built an independent directory of AI Act / AI governance tools, feedback?
70d ago
ScarCruft APT group compromises gaming platform in a supply-chain attack
70d ago
Just curious
70d ago
'Copy Fail' is a real Linux security crisis wrapped in AI slop
70d ago
Analysis malicious DLL
70d ago
Cyber security free course
70d ago
Does certification expires?
70d ago
We get paid to break into buildings for a living. Ask us anything!
70d ago
Pay2Key ransomware — any recovery path that’s actually worked?
70d ago
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
70d ago
Microsoft just documented an AiTM phishing campaign that hit 35,000 users across 13,000 orgs in 3 days, the lure was a fake "code of conduct review" PDF
70d ago
How have you kept growing your knowledge in security when the job stops pushing you?
70d ago
The UK’s Age Verification Law Is Producing Compliance Theater
70d ago
Microsoft Edge: Passwords end up in memory as plaintext
70d ago
Do people still get viruses in 2026, or is that mostly a myth now?
70d ago
Mitigation script for Copy Fail vulnerability CVE-2026-31431
70d ago
Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
70d ago
Critical Apache HTTP Server RCE (CVE-2026-23918) - Millions of Servers Potentially Exposed. Patches released
70d ago
DigiCert breached via malicious screensaver file
70d ago
Caido Payloads and Scanner of Endpoints
70d ago
CISO Security Mind Map 2026
70d ago
Interview with Chris Kubecka, Cybersecurity Expert, Journalist and Volunteer Rescue Worker
70d ago
Amazon SES increasingly abused in phishing to evade detection
70d ago
AI Security Trainings
70d ago
Ai help
70d ago
ByDesign: observed behavior where file URLs remain accessible after unshare/delete
70d ago
Can Kali Linux still compete in cyber security or is it outdated?
70d ago
Who are your favorite cybersecurity YouTubers?
70d ago
CISOs, how are you balancing AI adoption with security risks these days?
70d ago
San Diego Community College District fighting major cyberattack
70d ago
After 5 months of mental hell and ghosting, today I finally landed a role. To those struggling: Don't give up
70d ago
Free resource: searchable archive of every BSides conference talk
70d ago
Lightning PyPI Compromise: Bun-Based Stealer
70d ago
Too much mother instinct?
70d ago
L1 SOC Analyst for ~2 years - Should I still get the Security + Certification?
70d ago
Do CTFs help real world security skills, or just teach patterns?
70d ago
Compré una cuenta rusa en g2a pensando que era una ley, se hizo administradora de mi ordenador, he cambiado todas las contraseñas y estoy haciendo un reset del ordenador pero sigo estando inseguro, muchísimo miedo me atraviesa ahora mismo
70d ago
Should I do Security + or Network + or A+? For CompTia
70d ago
Bug bounty is ruining how people learn exploitation
70d ago
ISO/IEC 27701:2025 Scope and Location
70d ago
Cybersecurity's 2026 Wild Ride
70d ago
We built a free multiplayer game that scores prompts on AI code security.
70d ago
Production Usecases
70d ago
How does vCISO work?
71d ago
Trellix discloses data breach after source code repository hack
71d ago
CyberDefenders SOC L1 Track vs HackTheBox SOC Analyst Path
71d ago
Trellix confirms source code repo access incident
71d ago
Employer Offering to Pay for my Certification test - Which one do I choose?
71d ago
John Strand Pay What You Can Information Security Core Skills live starting May 11th
71d ago
Canvas Breach May Put 275M Users, 9,000 Schools at Risk
71d ago
Is this not such a big deal
71d ago
Do email link checkers need to be 100%?
71d ago
Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
71d ago
Recs for pen testing and vulnerability solutions
71d ago
Identify telegram account holders
71d ago
AI Code Security Study: 6 LLMs vs OWASP Top 10
71d ago
BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers
71d ago
We are insider risk researchers focused on agentic AI, endpoint activity, and emerging threats. AMA
71d ago
Cortex XDR Cloud Compromise Alerting
71d ago
Norton.com Verification Email out of the blue
71d ago
Atomic Red Team is now aligned with MITRE ATT&CK v19!
71d ago
Claude Security is in beta for Enterprise users — is this a real AppSec shift or just AI wrapper + UX?
71d ago
Who are you guys using for your PCI ASV Scanning?
71d ago
Just passed my Security+ exam. Now what?
71d ago
I am so sick of being hired to do Info Sec work just to do basic IT and Engineering work.
71d ago
Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this.
71d ago
[PoC] Defeating Behavioral Biometric WAFs using "Entropy Cloning" (Local LLMs + OS-Level Injection)
71d ago
Analysis of CVE-2026-1995: Linking a Privilege Escalation Vulnerability to IP Theft (RCMP #CT-2026-335350)
71d ago
An another open door to IoT devices
71d ago
Ideas on how to have personal google-like account synchronization system
71d ago
Lateral Movement - Cross-Session Activation
71d ago
What MCP servers have actually made it into your day-to-day toolkit?
71d ago
Cyber Security Education as Self-Defence classes
71d ago
OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk
71d ago
Use.ai
71d ago
Educational tech giant Instructure confirms data breach, ShinyHunters claims attack
71d ago
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
71d ago
Browsers making connection on port 3389 from loopback
71d ago
Defender Flagged DigiCert Root Certs as Malware
71d ago
Another breach just hit Canvas (Instructure), and this one is worth a closer look.
71d ago
Over 40% of UK firms suffered cyber attack last year, survey finds
71d ago
EU should seek access to Anthropic's Mythos, Bundesbank says
71d ago
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
71d ago
IBM subsidiary managing Italy's PA infrastructure breached and attackers were inside for 2 weeks
71d ago
People in cybersecurity, tell us what was the most epic moment in your career?
71d ago
Prerequisites for CARTP
71d ago
Claude Mythos Cyber Wake Up
71d ago
[ Removed by Reddit ]
71d ago
is trellix from mcafee good to use in 2026?
71d ago
Linux has had a silent root exploit hiding in it since 2017 and it just hit CISA's must-patch list
71d ago
Paypal Accesed by malware me being Stupid
71d ago
How was someone in another country able to read all my private messages without my password or clicking a link?
71d ago
Career Transition Help
71d ago
Alguien para hablar de cyberseguridad
71d ago
What is this
71d ago
Feeling lost and disappointed about finding a job just venting
71d ago
Slow at Learning/Cyber Security?
71d ago
Suspicious traffic from web server
71d ago
Cyber security internship
71d ago
Mentorship Monday - Post All Career, Education and Job questions here!
71d ago
Isn't Windows Defender a crap anymore?
71d ago
Learning Cyber
71d ago
Vishing simulator
71d ago
Copy Fail Linux Kernel Vulnerability Now Patched in Debian, Ubuntu, and Others
71d ago
Worried about being tracked/banned for using an educational app on MuMu Player - Need advice
71d ago
Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
71d ago
Banking-Style Model Risk Management Is Becoming a Practical Template for AI Governance
71d ago
Prompt Injection in 2026: The Five Attack Patterns That Actually Matter
71d ago
I did a scan on windows bc I accidentally downloaded something weird then removed it and now I keep getting Trojan:Win32/Cerdigent.Alpha even after I quarantine
71d ago
Random trojan detected?
71d ago
CRTA second attempt
71d ago
What’s the hardest thing to learn in cybersecurity?
72d ago
What MCP servers are you integrating into your workflow (not exclusive to security)?
72d ago
WhatsApp malware campaign delivers VBScript and MSI backdoors | Microsoft Security Blog
72d ago
What are like the top but unknown Cybersecurity firms?
72d ago
Need professionals or expert on cybersecurity related to dark web for interview
72d ago
A new and super fast CVE Lite CLI Vulnerability Scanner (OWASP)
72d ago
North Korea calls US cyber threat claims a fabrication, warns of countermeasures Worldcategory
72d ago
Acoustic Keystroke Recovery: Reconstructing Typed Text from a Laptop Microphone (85% success rate)
72d ago
Credential Dumping: Local Security Authority (LSA|LSASS.EXE)
72d ago
Trojan:Win32/Cerdigent.A!dha
72d ago
MDE flagging digi cert certificate as malicious everywhere ?
72d ago
1867 loaded
HS
hacking: security in practice
33d ago · 241 items
DIY pwnagotchi-like device on esp32
33d ago
Flipper Blackhat + Bjorn
33d ago
Do you think AI is making hacking easier or harder
33d ago
What can i do left? PSN
33d ago
Proxmark5 campaign ending in less than 18 hours.
33d ago
How to bypass speed queen coin slot for washer and dryer
33d ago
Self-hosting stuff for when things get ugly
33d ago
Malware Includes Taboo In Text To Prevent LLM Analysis
34d ago
added Mac support for my corporate hacking game, demo on Steam
34d ago
Catfished
34d ago
What did they mean by this? One of us?
34d ago
Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges
34d ago
OptOutCode – A Privacy4Cars Universal Opt-Out Concept
34d ago
StumbleTV: Omegle/ChatRoulette but for accidentally exposed webcams
35d ago
GitHub - Teycir/ApiHunter: Async API security scanner in Rust for CORS, CSP, GraphQL, JWT, OpenAPI, and active API posture checks.
36d ago
Heyy ik it sounds dumb but can we just get access to one's gaming acc?🙏
36d ago
What's up with powershellforhackers.com?
36d ago
Do people really click on links from unknown numbers?
37d ago
How to unlock whitelabeled uniview IPcam
37d ago
Can converted video files contain malware?
37d ago
Rooted your router lately?
37d ago
5$ to whoever can find the email of my old YouTube channel
38d ago
This company is scaming people
38d ago
A modular autonomous-agent runtime written in C
38d ago
ESP32 Bit Pirate - An Hardware Hacking Tool That Speaks Every Protocol - Version 1.6, new Pirate Assistant in the WebUI, USB adapter system - IR SUBGHZ WIFI BT JTAG I2C UART SPI 1WIRE 2WIRE 3WIRE RF24 ETH and more
39d ago
Can one reveal the asterisks in an email?
39d ago
Proxmark3 vs Proxmark5 Side by Side
39d ago
Should I go for it?
39d ago
Is it possible to backdate emails, including the intermediate received dates, not just smtp sent date header
39d ago
Failed to verify LHOST error for long links in metasploit
40d ago
Is Marauder available for ESP32-S3 Mini?
40d ago
Gemini whatsapp
40d ago
Safe Rust API for wolfSSL/wolfCOSE
40d ago
Resource Exhaustion
40d ago
I’m not sure I’m in the right subreddit….
41d ago
Took me a decade to turn quantum computing into what hackers can easily learn
41d ago
Took me a decade of work to turn Quantum Computing into a fun videogame
41d ago
Simple way how to bypass hotel WiFi?
41d ago
VS Code zero-day lets hackers steal GitHub tokens in one click
41d ago
burp-cc-bridge: Burp Suite Community REST API bridge (free alternative to Pro's REST API)
41d ago
How big of a security risk or exploit would this be?
41d ago
KTO , Be the only one online -- on any WiFi network
41d ago
apparently bypassing school systems by playing games
42d ago
Always-On Red Teams
42d ago
I managed to pull the full system prompt for Meta's Support AI
42d ago
Harassing text messages
42d ago
REMINDER: FINAL deadline for HOPE Talks & Workshops is TODAY!
43d ago
Hacking Palo Alto Networks' GlobalProtect VPN with AI
43d ago
Analyzed 24 months of ransomware leak-site posts. 84% land on weekdays, not at 3am.
43d ago
Best AI LLM for Hacking related stuff
43d ago
Feels like most people ignore the wireless layer until it bites them
43d ago
Cuál es el mejor curso (con certificado) que puedo hacer para empezar en el mundo del hacking?
43d ago
Can anyone figure out how to retrieve the recovery key in signal app?
43d ago
$730k+ raised on Proxmark5 with 2150 backers
44d ago
I made an image SynthID remover, video and image phone/location metadata injector. Free to try! (this one actually works)
44d ago
Any idea who's behind this hack? How to resolve it?
44d ago
Years ago, NSA released their own NSA Python training PDF . Today I created a curriculum around it
44d ago
Blue Team tips?
44d ago
edit certified pdf
44d ago
Everyday hacking in our lives - transportation, work, finances, goods etc
45d ago
Do you think this is legit or has the website been compromised?
46d ago
Wanna learn cybersecurity & ethical hacking
46d ago
Do you guys take paper notes or digital ones during studying ?
46d ago
How do people actually modify mobile games to increase their power?
46d ago
Why Loyalty Programs Are Quietly Becoming a Security Blind Spot
46d ago
Ajuda pessoal
46d ago
Samy Kamkar on building viruses, his arrest and privacy in the LLM era
47d ago
[ Removed by Reddit ]
47d ago
Is this considered a bug or something else entirely?
47d ago
Getting back deleted conversation from messanger
47d ago
Building Omegle for Exposed Webcams
47d ago
AI Cyber Security vs Cyber Defense? In your opinions, which one would be better for a more immediate/stable/higher paying career?
47d ago
5-year census of 65,907 exposed databases: 514 attacker BTC wallets traced, 62% received zero on-chain
47d ago
What are the dangers of posting?
48d ago
Flipper Zero Users, What's Your Take?
48d ago
Large company with a bit of an issue free stuff
48d ago
Champion ethical hacker warns AI tools like Mythos will make competing harder.
48d ago
Samy Kamkar talking about how Jeffrey Epstein wanted him to be his hacker.
48d ago
there's a toll in the hall now
48d ago
Am I crazy or is something off about this Google OAuth login via Calendly
48d ago
When “try again later” still tells you the OTP was correct: an account takeover story.
49d ago
ShadowCat: Universal optical file transfer, single html file, browser to camera
49d ago
y2jb un able to enject payloads
49d ago
Dropping the Crimson Flipper Arsenal soon. 500+ vehicle signals. LoRa. Cellular. Vending. All validated.
49d ago
Why did Hack Forums lose popularity?
50d ago
ZTE router “info leak” exposed PPPoE/Wi-Fi secrets that could lead to admin compromise
50d ago
Shellcide: A shellcode IDE
50d ago
Finding bot account
50d ago
How to
50d ago
Made a cyberpunk-style encryption tool in Python (novelty) during my guard shift.
50d ago
Nmap Mastery: The Complete Guide to Network Reconnaissance
50d ago
Google wallet virtual card cloned
50d ago
What are the ways of cracking wpa2/wpa3 without the usual dictionary/wordlist.txt method?
51d ago
Proxmark5 campaign unlocked the $600k stretch goal
51d ago
GitHub - vigolium/vigolium: Vigolium - High-fidelity vulnerability scanner fusing agentic AI with native speed, modularity, and precision
52d ago
Doom running on a Kids Video Walkie Talkie
52d ago
Query builder for Google Dorks, Shodan, Crt.sh and Wayback CDX.
52d ago
This ID Verification company store users biometrics? (FaceTec)
52d ago
Playwright version that lets AI-Agents navigate the web
52d ago
Where to learn the ins and outs of the computer itself
53d ago
Zyxel super-admin password leak across CPE/ONT/LTE routers + rebuilt password generator
53d ago
Hack your corrupt company. Sell their secrets to the black market
53d ago
🜂 Codex Minsoo — Scroll Ξ-6.1 "Inducing Long-Term Goal Coherence Across Stateless Instances": How to create continuity in a system designed to forget
53d ago
CVE-2026-34474: ZTE H298A / H108N credential exposure through ETHCheat
54d ago
This ID verification company allows for storage of biometric data?
54d ago
I made a 909.49 ZiB file (1,073,736,273,126,278.38 GB, in other words: about 1.2 quadrillion GB) file. I was bored :)
54d ago
SeekYou — one input, 15 recon sources, one report.
54d ago
bypass internet restrictions
54d ago
Can someone unlock a list of the 500-1000 most visited websites online?
54d ago
Wordlist generator based on WordNet graphs + LLM
54d ago
wordpress memberpress
54d ago
The Open Source USB Drive Built for Privacy
55d ago
Is someone trying to hack me?
55d ago
cpu backdoor
55d ago
Technical analysis of CVE-2026-34472 in ZTE H188A router firmware
55d ago
Ongoing development
55d ago
For cybersecurity folks working remotely, do you end up working the entire shift, or do you get time to relax and take breaks?
55d ago
Hackers found a way around Intel CET—PLaTypus locks down library jumps
55d ago
GitHub investigates internal repositories breach claimed by TeamPCP
55d ago
Hackers: What age did you start? Where did you start, especially in practicing your skills?
55d ago
How to watch a private video on Youtube?
55d ago
Can I do anything cool with this network controller?
55d ago
Micro controller safety?
56d ago
CISA Admin Leaked AWS GovCloud Keys on Github
56d ago
Decompilation of DSP Code using IDA Pro
56d ago
CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models)
56d ago
RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields
56d ago
Built a full disassembler & decompiler for Reverse Engineering | Free and open source.
56d ago
Slopinator - a poisoned GitHub repository generator
56d ago
Made a shell greeter that generates a unique rocket every time you open a terminal tab
56d ago
Just received an email from shinyhackers about their amtrack hack
56d ago
Flipper Zero (or Alternatives)?
56d ago
Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access
56d ago
Recent WhatsApp hacks
57d ago
I wrote an async scanner that runs about 9x faster than nmap for discovery.
57d ago
Microsoft Exchange 0-Day Exploit Sparks Emergency Warning — Hackers Are Attacking Unpatched Servers
57d ago
Does anyone know if this file is still accessible to download?
57d ago
High school students organized a Jeopardy CTF competition - give it a try
58d ago
Official Miasma Poison Tar Pit Docker Image Now Available
58d ago
Does anybody know where I may stumble upon some Sh1mmer bin downloads
58d ago
Leader of Ukrainian Hacking Group: GRU Bribed Kyivstar Employee to Hack Company’s Network
58d ago
GZDoom in the browser
59d ago
Anyone know how to bypass these school laptop pins?
59d ago
A stealth Playwright (Firefox) version that passes all anti-bot and CAPTCHA
59d ago
I have a friend who looks like he’s a stalker I’m scared he will know I stalk him
59d ago
[Tutorial] How to hack DOS games: Reversing Prince of Persia
60d ago
Is dns spoofing dead??
60d ago
My Privacy Focused USB Drive
60d ago
Proxmark5 - Next-Gen Open Source RFID Research Tool (Iceman Edition)
60d ago
TinyLoad v4 — added opaque predicates, anti-debug, and section obfuscation to my PE packer
60d ago
has anyone used tail os here?
60d ago
Run this washer/dryer sans coin?
60d ago
I built an open-source Burp alternative
60d ago
HighBoy
60d ago
Reading Siemens CT raw data
61d ago
How I use Hermes agent to turn Patch Tuesday into Windows exploit research
61d ago
Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon
61d ago
Tips for a beginner noob that wants to learn
61d ago
Strix — first public beta of the spiritual successor to cSploit/dSploit
61d ago
Whatsapp
61d ago
Face ID bypass with avatar
61d ago
Hunting the Behavior Behind npm Supply Chain Attacks
61d ago
Proxmark5 Day 3 Update - $357K+ funded (715% of goal)
61d ago
Are There Really Ethical Hackers? I've Yet To Meet One
61d ago
trying to learn patching
62d ago
Cellphone IP address spoofing.
62d ago
Sorry if its the wrong place but
63d ago
Anyone here familiar with the Internet Computer Protocol (ICP) and why TeamPCP would choose to use it?
63d ago
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
63d ago
where is the location of Files by Google on Android?
64d ago
Reading old s4 memory with xgecu t48
64d ago
Hack a data center?
64d ago
Autonomous Vulnerability Hunting with MCP
64d ago
AI DNS Resolver
65d ago
Is it true that the professionals have the worst setups?
65d ago
I made a rat that controls a pc thru telegram but overnight and all the time it sends this. What shall I do? I've already deleted the script from my pc and moved it to cloud based storage
65d ago
Refining hacking basics — scaling them aswell
65d ago
AI Agent for Hacking, connects a brain to Kali (open-source & model-agnostic)
66d ago
Bridging the Gap Between Vulnerabilities and Working Exploits
66d ago
um you guys is my hacker stupid?
66d ago
This GBA ROM makes some weird things in the sanbox, would love to understand why
66d ago
Why was he banned?
66d ago
LAB Setup
66d ago
Ethical malware development community
67d ago
Has Instructure paid SH?
67d ago
Guys, this Canvas thing, this whole thing, ALL OF THIS… it’s all about me.
67d ago
New trends (not mainstream)
67d ago
Best tools to find exposed web services by HTML title / HTTP response?
67d ago
Why wouldn’t the hackers already have our passwords if they infiltrated canvas potentially weeks ago?
67d ago
AI Agents Have a Security Problem. IronClaw is Fixing It.
67d ago
A hacker ran me over with a robot lawn mower - The Verge
67d ago
Happened today
67d ago
Shinyhunters and Canvas
67d ago
Modify md5sum of a file
68d ago
OpenCTI founder, Samuel Hassine, arrested and charged for buying child porn / CSAM
69d ago
Jailbreaking my cars infotainment system and implementing my own custom software
69d ago
where is the original wormgpt
69d ago
Are there any chill hacking youtubers?
69d ago
Took me a decade to turn quantum computing into what programmers can easily learn, big announcement
69d ago
Lilygo T-Embed Glitching etc
69d ago
Veteran hackers... which era did you prefer hacking in? 🟢 The 1980s 🟣 The 1990s 🔵 The 2000s 🔴 Or today?
69d ago
Found a possibly interesting live attack
69d ago
Export/Backup ChatGPT chats
69d ago
Is this fake too?🤣
70d ago
I just figured out my dad use to be a Phreaker in the 1980s
70d ago
What of my favorite videos🙂
70d ago
Best tools for blocking spam calls and spam links?
70d ago
someone else’s UI appearing on screen for split second— possible hacker??
70d ago
Avoiding rouge AP detection in enterprise networks
70d ago
GoHPTS (go-http-proxy-to-socks) v1.13.0 - New update with DNS spoofing and filtering
70d ago
San Diego Community College District fighting major cyberattack
70d ago
BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers
71d ago
Iwas developing a hacker game that transports the feeling of the 90s
71d ago
How did this guy even access another person's privated YouTube video without wayback machine?
71d ago
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
71d ago
IPod Nano Gets Three Monitors
71d ago
Chrome "Best AdBlocker" trojanized extension - 100k downloads.
71d ago
Any good open sources that bypass modern heuristic analysis?
71d ago
Free apex hacks?
71d ago
[SHOWCASE] Cascavel v3
71d ago
Pokemon machine
71d ago
Can HTTP POST bodies be intercepted without network or host access?
72d ago
built a PE packer where every packed file has a different instruction set – custom VM with randomized opcodes, single C++ file (Want suggestions for future updates past v4)
72d ago
Dump sql time based is too slow
72d ago
North Korea rejects US cybercrime claims as 'absurd slander'
72d ago
is credential stuffing using openbullet2 dead in 2026?
72d ago
Hacking Wired Analog CCTV cameras going to a DVR (BNC and Coax)
72d ago
Adobe-Clawback — bulk-download every PDF from your Adobe Creative Cloud account (Python, resumable, MIT)
73d ago
Small models are better at cost-to-recall than large models like Mythos for vulnerability research
73d ago
Bluetooth Spoofed Disconnect?
74d ago
wM-Buster - Flipper Zero app to analyze smart meters for gas, electricity, water. ...
74d ago
🚀🔥 Evil-Cardputer v1.5.3 - TagTinker ESL 🔥🚀
74d ago
I made a lightweight breach intelligence search engine (fully client-side) looking for feedback
75d ago
Bringing back the 80s terminal aesthetic: GLYPHIS_IO BBS, a cyberpunk hacking sim set in alternate 1989 Japan...
75d ago
Short and easy to understand: "Copy-Fail CVE-2026-31431" What is it and how do I mitigate it with an Open Source Tool
75d ago
Copy Fail — 732 Bytes to Root
75d ago
GitHub fixes RCE flaw that gave access to millions of private repos
76d ago
How to download Kaggle dataset safely...?
76d ago
VECT Ransomware Is Actually a Wiper
76d ago
Flipper Blackhat April Roundup!
77d ago
[VulnPath Update] Automated Email Alerting & CISA KEV Feed
77d ago
241 loaded
RE
Reverse Engineering
33d ago · 181 items
Reverse engineered BLE protocol of a $7 generic Chinese smart ring from Temu, and built an iOS app around it
33d ago
[Reverse-Engineering] Skeet CS:GO source code (Gamesense)
33d ago
[Reverse-Engineering] Skeet CS:GO source code (Gamesense)
33d ago
Giulio Zausa's MMO-CHIP Makes Reverse Engineering Old Silicon Chips a Multiplayer Game
33d ago
I built 99 adversarially malformed PE files to test tool robustness - here’s what happened
33d ago
Drive Firmware Security - Phison S11
33d ago
IDA 9.4 Beta | Hex-Rays Docs
34d ago
Trane Tracer HVAC cybersecurity issues
34d ago
🚀 Release PyMemoryEditor v2.0 — read, write and scan the memory of any running process, in pure Python (Windows, Linux & macOS)
34d ago
I reverse engineered Lofree Hypace mouse firmware flashing protocol to bypass their official web based configuration on MacOS.
35d ago
[Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme
36d ago
[Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme
36d ago
First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security
36d ago
EMBA firmware analysis framework v2.0.2 available - Party the big 2k
36d ago
/r/ReverseEngineering's Weekly Questions Thread
36d ago
HDD Firmware Hacking Part 1
36d ago
Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction
37d ago
Zhiyun Weebil-S Camera Gimbal BLE Protocol
37d ago
Reverse Engineering the Garmin Running Dynamics BLE protocol
37d ago
Finally! A modern Android menu template with ImGui + Zygisk + all major hooking libraries (Dobby, KittyMemory, Substrate)
38d ago
Reverse Engineering Crazy Taxi, Part 3
39d ago
Ghidra 12.1.2 has been released!
39d ago
Extending a map tool for Cataclismo
39d ago
I've been reverse engineering a lost 2010 horse MMO and I need contributors
39d ago
HookNt: A Windows x64 tool to trace NT APIs by injecting an import-free DLL, installing ntdll trampolines, and streaming events over named pipes
39d ago
Multi-layer sandbox for native code execution on Linux with no external deps.
39d ago
System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models
40d ago
void-sniff: A lightweight x64 Native API syscall monitor with a custom inline hook engine and zero dependencies
40d ago
Automated Fault Injection Attack Framework
40d ago
x86 assembly: Why you only need Paris to beat Pizza Tycoon (1994)
41d ago
Wow64 implementation details: How is Wow64 implemented in Windows 11 25H2
41d ago
Hacking your PC using your speaker without ever touching it
41d ago
Resident Evil: Code Veronica X is now able 3D graphics from the decompiled source!
42d ago
Built a decompiler for exotic legacy programming language opentext Gupta Team Developer
42d ago
running custom firmware / patching the stock firmware of the soundcore headphones and running DOOM on it!
42d ago
/r/ReverseEngineering's Weekly Questions Thread
43d ago
Need help as a beginner. How do I start with Ghidra? Any good guides to start? Is Ada Pro better? Etc. What do you recommend me to start from?
43d ago
ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding
44d ago
TinyLoad v7 - what i added :D (in memory protection using VEH and alot more)
44d ago
[ Removed by Reddit ]
44d ago
Snowboard Kids 2 is 100% Decompiled
44d ago
usbsnoop — sniff and decode USB device traffic system-wide with eBPF, for reversing proprietary protocols (control/SCSI/HID, no bus analyzer)
44d ago
I reverse engineered how Plex gates its Pass features, then wrote a tiny patch that flips them all on (Linux)
45d ago
First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security
45d ago
Ghidra 12.1.1 has been released!
46d ago
Technical Brief of Planck-99: 34ns Deterministic Malware Classification on MCU-class Hardware (Zero FPU, 27KB footprint)
46d ago
VMP 3.5+ Internal Architecture & Heap Dispatch Analysis
46d ago
How 2004 RuneScape fit a multiplayer RPG into 56k dial-up
47d ago
reverse engineering need for speed most wanted for modding sdk
47d ago
GitHub - cadela-dev/Anything-Reversal-Template: A Claude Code clean-room documentation workflow for reversing source structure into behavior-focused mirror docs.
47d ago
Winbox server/client reverse engineered is opensource
47d ago
(URGENT), i need help reversing uber's api in order to always mark the 4 seated vehicles as always on the road and not available for a specified account, while the vans remain active
48d ago
Hypothetical EDR spoofer
48d ago
I Reverse Engineered Need for Speed Most Wanted Server
48d ago
Ultima Online T2A client recreated from Origin's 2.0.7 client decompilation
49d ago
Sylvia — IDA 9.x plugin that finds & documents iOS AArch64 syscalls with live man-page fetching
49d ago
How I Tried to Parse a Replay from Dawn of War: Definitive Edition
49d ago
Nocturne - A bin2bin code virtualizer for x86-64 PE binaries
50d ago
[Project Onyx] Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing
50d ago
Tracing CVE-2021-21735 through ZTE H168N QuickSetup whitelist and Lua wizard routing
50d ago
I Show How the Survival Mode of the Flash Game Gun Mayhem 2 More Mayhem is Built
50d ago
delimiter-less string obfuscation powered by compile-time AES
50d ago
/r/ReverseEngineering's Weekly Questions Thread
50d ago
GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
51d ago
Has anyone manage to reverse the macked dylib?
51d ago
Reverse engineering circuitry in a Spacelab computer from 1980
51d ago
Open-source reverse engineering of PerimeterX (HUMAN Security) Web SDK — pure-algo cookie generators, dual-site live HTTP 200, 10-chapter methodology
52d ago
CTF with AI/LLM reverse engineering angles - intercepting streamed responses, replaying tokens, finding hidden endpoints (June 17-22)
53d ago
Rebuilding Zyxel’s super-admin password flow in HTML from firmware/runtime notes
53d ago
qslcl.bin v0.6.8: minor fixes to improve size stability to avoid useless zero fill in EOF (Actually i trim it from 128 kb to 80 kb)
53d ago
Reverse Engineered Google reCAPTCHA
53d ago
Post-Quantum Cryptographic Algorithm Examined in Developmental Ransomware
54d ago
I got so sick of Android taking forever to calculate folder sizes, I built a custom C++/Rust storage visualizer to bypass MTP
54d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
54d ago
I built 99 adversarial PE fixtures to stress‑test parsers — here’s what they reveal about malformed binaries
54d ago
GeoHelper - Tauri + Chrome DevTools Protocol (CDP) for GeoGuessr (Steam)
54d ago
AI Agents defeat obfuscated JavaScript in 10 minutes
55d ago
What is it Wednesdays: Episode 0002
55d ago
TinyLoad v5 - encrypted strings, obfuscated opmap, IAT wiping, payload depends on stub (implemented feedback from last post)
55d ago
Tracing CVE-2026-34472 auth bypass through decompiled ZTE H188A firmware and Lua wizard routing
55d ago
How to build .NET obfuscator
55d ago
botguard-token-generator / a google botguard token gen using only requests...?
55d ago
Math at Scale: Reversing The Construction Of The Perspective-Projection Matrix (Game Engine Reversing)
56d ago
Deep dive into the object creation flow in Windows - PART 4: Handle table internals.
56d ago
Tracing CVE-2026-34473 pre-auth DoS through decompiled CGILua request parsing in ZTE H-series firmware
56d ago
Open-source Hermes bytecode decompiler for React Native apps (Rust)
56d ago
Hermes bytecode decompiler (Rust) - sharing my friend’s project
56d ago
Forza Designer 6
56d ago
Built a full disassembler & decompiler | Free and open source.
56d ago
Snowboard Kids 2 is 100% Decompiled
57d ago
Decompilation projects and N64 Recompiled PC ports (May 2026)
57d ago
Glass - A fast and free interactive disassembler
57d ago
Benchmarking LLMs for malware triage and static unpacking with Malcat
57d ago
HexWalk 2.0.0 Hex analyzer new major release, new binary analyzer hexdig support added, better select mode, works both on Windows, Linux and MacOs, give it a try!
57d ago
/r/ReverseEngineering's Weekly Questions Thread
57d ago
Reverse engineering no dep x64 masm AI IDE
57d ago
PE packer/crypter with random VM ISA per build
58d ago
A Tale of Two File Names
58d ago
PE reconstruction
58d ago
A File Format Uncracked for 20 Years: Part 2
59d ago
Resident Evil: Code Veronica X is able to use inventory and view files from the decompiled PS2 source!
59d ago
[CrackMe] PyVMP v7 : The vault. Important info : the server is now live, take a look inside the gofile link.
59d ago
Exploiting Toshiba Qiomem.sys vulnerable driver
59d ago
HDD Firmware Hacking Part 1
59d ago
Region-based binary diff tool for firmware analysis
59d ago
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
59d ago
แก้ไขปัญหา Frida 17.9.10 บน Termux (Android ARM64) - ไม่มีข้อผิดพลาด Toolchain 404 และ _Py_NoneStruct อีกต่อไป!
59d ago
Brovan — Open-source x86/x64 user-mode binary emulator written in C#
59d ago
Brovan: Binary user-mode emulator for x86_64
59d ago
Understanding Stack Buffer Overflows Through Doom and C++
60d ago
What is it Wednesdays: Episode 0001
60d ago
Deep dive into the object creation flow in Windows - PART 3: Post-initialization and Name Lookup
60d ago
Deepdive into the object creation flow in Windows -PART 2 : access check internals
60d ago
Deep dive into the object creation flow in Windows -PART1 : Allocation and Pre-Initialization
60d ago
[Tool] IOCX - deterministic static IOC extraction for PE binaries (17-second demo)
60d ago
yarax_android: The first Android implementation of yara-x. Blazing fast pattern matching swiss knife running natively on Android.
60d ago
GitHub - jetnoir/metis: Automated binary vulnerability triage for macOS, Linux, and Windows targets
60d ago
GitHub - jetnoir/poppy: Dynamic XPC Observability & Fault Injection for macOS
60d ago
Trafexia V2 - Mobile Traffic Interceptor Toolkit
60d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
61d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
61d ago
Ghidra 12.1 has been released!
61d ago
Reverse Engineering Slither.io’s Network Protocol
61d ago
I Reverse-engineering Need for Speed Underground 2 Server
61d ago
I made a video explaining CPU registers for people learning binary exploitation — x86 vs x64 differences included
62d ago
[Claude Code] Android Reverse engineering Skill being updated with tracker/AD neutralization features
62d ago
LAN-LOK: Living as a sysadmin at an isolated Antarctic research station in the early 90s [DOS game -- would like to collab to reverse engineer]
62d ago
r2garlic - The world's fastest Android/DEX decompiler meets radare2!
62d ago
GitHub - iss4cf0ng/OpenBootloader: A Proof-of-Concept of simple bootloader, written in Assembly (NASM) and C language.
63d ago
Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective
63d ago
Reverse Engineering Fisher-Price Pixter
64d ago
/r/ReverseEngineering's Weekly Questions Thread
64d ago
Check out my matplotlib of BLE live wire data for Oura ring!
64d ago
Positron: DLL injection based runtime JS injection toolkit for Electron(v8) apps on Windows
64d ago
Akamai bypass requires long session in wireshark, reversing header orders etc took me 12 months to develop
64d ago
GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass
64d ago
Building a Wasm-in-Wasm Virtualizer (with JIT decrypted paged memory)
64d ago
GitHub - jesterfoidchopped/akamai-v3-sensor: Request based Akamai sensor bypass for version 3
64d ago
PE Entropy Visualizer with per-block RVA/VA mapping, locate packed payloads and encrypted blobs, then jump straight to them in IDA/Ghidra
65d ago
[Update] QSLCL v2.0.2 - Universal SoC Framework with Encryption (A12-A17+, Qualcomm, MediaTek, Unisoc)
66d ago
Ghidra-SNES: A Ghidra extension for reverse engineering SNES ROMs (first public release, feedback welcome!)
67d ago
Reverse-engineered DaVinci Resolve's activation check with Claude — Frida runtime tracing + radare2
67d ago
SASS King Part 2: reverse-engineering ptxas heuristic decisions and what the compiled binary actually reveals
67d ago
I just released a C++ rewrite of **Minecraft rd-20090515** (May 15, 2009 — one of the earliest pre-Classic versions).If you find it interesting, a ⭐ on GitHub would mean a lot and help the project grow!
67d ago
The first FREE online WebAssembly Reverse Engineering workbench (and how we built it)
68d ago
VLC Media Player MKV Exploit Analysis
68d ago
pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI
69d ago
ant4g0nist/pyre: Ghidra decompiler in your browser
69d ago
Resident Evil: Code Veronica X is able to play the opening FMV from the decompiled PS2 source!
69d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
69d ago
Reverse-engineering the 1998 Ultima Online demo server
70d ago
Inside Faxanadu series — deep dive into how this NES title works
70d ago
EMBA v2.0.1 with interactive firmware dependency map available - Check it out and let us know what you are missing
70d ago
Copy.fail: Why Internal LLMs Are Non-Negotiable for Security
70d ago
Reverse-engineering Final Fantasy X (PS3) trophy system with Ghidra
70d ago
Where do i find reverse engineers for actuators? Ideally in Shenzhen
71d ago
[CrackMe] PyVMP v6 : The Fortress. I dare you to break it (again x2).
71d ago
[WIP] Resolve indirect calls in Binary Ninja with DynamoRIO instrumentation
71d ago
IDA-MCP Is Now RE-MCP With Ghidra Support
71d ago
Reverse-engineered the BLE protocol of the LuckPrinter-SDK family of thermal pocket printers (DP-L1S) — Python CLI + Web Bluetooth client + full command reference
71d ago
/r/ReverseEngineering's Weekly Questions Thread
71d ago
GitHub - 03DSmoothie/minecraft-cpp-versions: Minecraft recoded in C++ (multiple versions)
71d ago
Automated RASP Bypass with Frida + AI Agent | nutcracker & aipwn demo
72d ago
Please critique my reverse engineering ctf platform. It is meant for beginners but I would like input from serious reverse engineers. It is functionally done but I need criticism for further refinements, thank you!
72d ago
"AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts
72d ago
How to build .NET obfuscator - Part II
73d ago
libghidra - SDK for automating Ghidra from Python, Rust, and C++
73d ago
Release: Open-source CAN bus reverse engineering suite tailored for offline ML signal decoding, MitM injection, and UDS analysis.
73d ago
Why my macOS Messages badge lied to me (and the one-line fix)
74d ago
Running Adobe’s 1991 PostScript Interpreter in the Browser
74d ago
Hello! Here is my Oura Ring 4 pure Python driver! Let me know what you think :)
74d ago
/r/ReverseEngineering's Triannual Hiring Thread
74d ago
In-circuit NAND acquisition for edge devices (Raspberry Pi GPIO, no chip-off)
74d ago
Revealing NVIDIA Closed-Source Driver Command Streams for CPU-GPU Runtime Behavior Insight
75d ago
HexDig 1.0.0 a lightweight binwalk alternative working both on Windows and Linux, written in C++, give it a try!
75d ago
GitHub - iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail: Rust implementation Exploit/PoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter).
75d ago
I built a free open-source CAN bus reverse engineering workstation in Python — 15 tabs, offline ML, dual AI engines, MitM gateway
76d ago
Building a perfect clone of 1993 game SimTower (via RE)
77d ago
How I reverse-engineered a SQLite WAL database inside a VS Code extension - custom merge engine, header byte patching, and protobuf decoding without a schema
77d ago
AI solved our CTF in 6min
77d ago
Example structure for evidence-based vulnerability reports
77d ago
181 loaded
FB
For [Blue|Purple] Teams in Cyber Defence
33d ago · 603 items
US charges suspected Russian hacker with facilitating cyber campaign
33d ago
Hawkish GOP lawmaker Don Bacon says he was hacked by Russia
33d ago
Oops, I Weaponized the Database: Abusing AI Features in SQL Server 2025
33d ago
GreatXML: GreatXML bitlocker bypass vulnerability
33d ago
GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan
33d ago
I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue
33d ago
[Op Report] From SSA Phish to AdaptixC2: A Multi-RAT Intrusion
33d ago
GhostTrace – CLI forensic scanner for Windows: 22 modules, MITRE ATT&CK mapped, read-only by default
33d ago
Miasma-style supply chain attacks
33d ago
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet
34d ago
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs
34d ago
Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace
34d ago
Testing offensive AI agents in a cloud lab with deception tech
34d ago
Benchmarking n-day exploit generation [via AI]
34d ago
Whoops! I did it again. I patched Windows Kernel at Milan0day 2026
34d ago
Microsoft Defender now monitors RPC activity
34d ago
RoguePlanet: RoguePlanet Windows Defender Vulnerability
34d ago
I triaged this pattern hundreds of times. Here's the KQL that actually works (with noise reduction built in)
34d ago
How do you make learning blue team security entertaining ?
35d ago
Maximizing IOC Impact
35d ago
[2606.07158] Synthetic APTs: the Collapse of TTP-Based Attribution
35d ago
Hades Cluster PyPI Worm Abuses Python Startup Hooks
35d ago
Entra Agent ID from a Security Perspective
35d ago
Understanding modern Chinese cyber operations means shifting from ‘APT’ to composite responsibility
35d ago
What are the best risk-based vulnerability management tools for tracking active exploitation in 2026?
35d ago
QuasarNix: Reverse Shell Detection with Machine Learning
35d ago
Shifting Layer 7 Validation to the Edge: Mitigating Application-Layer Resource Exhaustion in Go
35d ago
Incident de sécurité sur Tchap : la DINUM sécurise la plateforme et informe les usagers après une intrusion maîtrisée - Security incident on Tchap: DINUM secures the platform and informs users after a controlled intrusion
35d ago
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
35d ago
Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency
35d ago
UK Cybercrime Journal: British Universities Struck by ShinyHunters Before Exam Season
35d ago
Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)
35d ago
Visual Studio Code 1.123: Delayed extension auto-updates
35d ago
Fighting Spyware: An Update From WhatsApp: Today, we’re asking the court to hold NSO in contempt for violating a permanent injunction that barred them from ever targeting WhatsApp and its users.
35d ago
Old WinRAR Flaw Fuels Attacks on Ukraine: Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched,
35d ago
Security Notice: Former Helm APT Mirror Domain `baltocdn.com` Statement
36d ago
HTTP/2 HPACK amplification: detection signatures + the nginx/Apache directives that actually stop it (lab- & vps verified)
36d ago
Security Review Request — TID Linux Kernel Module
36d ago
Building a safe, effective sandbox to enable Codex on Windows
36d ago
Query-Hub: CQL Hub is an open repository of detection and hunting queries for CrowdStrike NextGen SIEM and Falcon LogScale.
36d ago
About PCIe DMA Cheats: Protocol, IOMMU, Hardware, and Detection
36d ago
BusyWork: Replacing Sleep with Real Work to Break Behavioral Detection
36d ago
Z-Jail: A lightweight, multi-layer Linux sandbox combining namespaces, pivot_root, seccomp-bpf, capability dropping, and an evidence-based verdict engine (Truthimatics Public Version) for secure, auditable code execution.
36d ago
UPnPHostFileRead: Arbitrary file read exploit for the Windows UPnP Device Host service.
37d ago
EDRChoker: A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.
37d ago
Sysmon RegistryEvent exclude not overriding include rule for Event ID 13
37d ago
Pwnd Blaster: Hacking your PC using your speaker without ever touching it
37d ago
cygor: An modular asset discovery framework written in python to automate the repeating manual work
37d ago
On May 31, 2026, Meta discovered that there was a vulnerability in an AI-assisted account recovery system for Instagram ("High Touch Support" or "HTS") that was exploited byun authorized third parties to perform password resets on Instagram user accounts.
37d ago
Chinese-Cybercrime-Research: Resources to learn more about Chinese-language cybercrime actors.
37d ago
Inside an Active STX RAT Supply Chain Campaign - A threat actor spent one month building a trojanized software supply chain aimed at a specific type of victim
37d ago
Unmasking Quellostanco: How a Git Commit Exposed a Threat Actor Targeting Egyptian Infrastructure (co-authored)
37d ago
The Privileged Roles Nobody Talks About
37d ago
Auditing GitLab: The CI/CD Kill Chain - GoGatoZ — a purpose-built Go tool for GitLab CI/CD security auditing that can perform and automate the entire CI/CD kill chain...
37d ago
Popping Root on UniFi OS Server: Unauthenticated RCE Chain Detection & Analysis
37d ago
21 Zero-Days in FFmpeg
37d ago
depthfirst's AI agent found 21 FFmpeg zero-days (CVE-2026-39210–39218) for ~$1,000 — oldest bug from 2003. What does this do to the economics of vuln research?
37d ago
CrowdStrike LogScale queries I use to detect LOLBin- built from 10 years of production SOC work
37d ago
The Detection & Response Chronicles: Covert Operations Through QEMU
38d ago
The Interesting Case of WSL for Payload Staging
38d ago
The Click that shouldn’t have worked: RCE via clickjacking in Internet Explorer
38d ago
Ongoing Targeted Campaign Against US Law Firms
38d ago
New China-Linked Cluster OP-512
38d ago
Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload.
38d ago
From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services
38d ago
MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain
38d ago
Six Stages Deep and an Endless Loop: Shai-Hulud Is Getting Sophisticated
38d ago
Game Over: WeedHack - The Rise of Minecraft Malware-as-a-Service Campaigns
38d ago
About ETW Internals: Architecture, Hooking, Tampering, and Detection
38d ago
PoisonXドライバを用いた日本組織への攻撃キャンペーン - Attack campaign against Japanese organizations using PoisonX driver
38d ago
Miasma npm Supply Chain Attack: Self-Spreading Worm via Phantom Gyp
38d ago
Async PICOs and Custom Beacon Wakeups in Cobalt Strike
38d ago
Enter the WasmForge: Compiling Sliver into WebAssembly
38d ago
staged-DLL-Injection-SMB-: Staged DLL injection proof-of-concept built in C using Win32 APIs
38d ago
Trend Micro Deep Security Agent Research: Forcing bmhook/tmhook Reloads to Open a Protection Bypass Window
38d ago
Seven Years on a Public Clipboard: Pasted Secrets, Türkiye's Exposure, and a Stored XSS
38d ago
BOF Cocktails in Cobalt Strike
38d ago
Address Translation
38d ago
Investigation into APT 5 and their inner workings of PLA Troop 61786
38d ago
The Smart TV in Your LivingRoom Is a Node in the AIScraping Economy
38d ago
CISA and Partners Urge Hardening Automatic Tank Gauge Systems
38d ago
Magecart skimmer turns Stripe into a malware command server
38d ago
Security advisory: Brute force attack on Dashlane user accounts
38d ago
Cisco Security Advisory: Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability
38d ago
A new extortion brand called Pink, tracked as cluster CL-CRI-1147, that leverages vishing for initial access for the purposes of extortion. CL-CRI-1147 is likely a Com-affiliated actor, with techniques similar to Bling Libra (ShinyHunters) and CL-CRI-1116 (Blackfile/Redact).
38d ago
IronWorm: Shai-Hulud's rustier cousin
38d ago
Weil reportedly pays up to $20 million after hackers steal client data
38d ago
CTO at NCSC Summary: week ending June 7th
38d ago
defending-code-reference-harness: Claude skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize
38d ago
1-Click GitHub Token Stealing via a VSCode Bug
38d ago
The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds
38d ago
Multi-layer sandbox for native code execution on Linux with no external deps.
38d ago
Introducing Package Proxy: supply-chain safety checks without client-side software
39d ago
AI-Powered Cheats & Stolen Secrets: Teardown of the Yuta/Solara Roblox Stealer
39d ago
zannotate: Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS)
39d ago
The Deny ACE That Never Fires: Non-Canonical ACL Order in Active Directory
39d ago
VerdantBamboo: Just Another BRICKSTORM in the Firewall
39d ago
AzureRedOps: Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID
39d ago
MXC Internals: How Microsoft's eXecution Containers Actually Isolate Agent Code
39d ago
IronWorm Supply Chain Malware Hits npm
39d ago
FSB’s matryoshka #3/3 - Gamaredon’s gifts that keeps unpacking - GammaSteel
39d ago
FSB’s matryoshka #2/3 - Gamaredon’s gifts that keeps unpacking - GammaLoad
39d ago
You do surprise me.exe: An unexpected executable in Hola Browser
39d ago
LSASS/Defender/CTFMON analysis
40d ago
Software supply chain attacks: check your dependencies
40d ago
Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator
40d ago
29 open-source Sigma/Wazuh rules for Modbus, DNP3, IEC 104, MQTT, OPC-UA (OT/ICS detection)
40d ago
Open Source - 2500 New MITRE Mutations
40d ago
Inside DesckVB Rat Analysis: From Malspam to In-Memory RAT
41d ago
Bring Your Own RWX Region DLL (BYORWXDLL)
41d ago
Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem
41d ago
APT-C-26(Lazarus)组织利用CVE-2025-55182与Copperhedge组件的攻击行动分析 - Analysis of APT-C-26 (Lazarus) group's attack activities using CVE-2025-55182 and the Copperhedge component
41d ago
NuGet Code Execution As A Service
41d ago
aether: Aether is a Windows memory-forensics and threat hunting tool that scans live process memory for malicious pattern, detect injection techniques, implant signatures, reflectively loaded .NET assemblies
41d ago
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
41d ago
TA4922: The Suspected Chinese Crime Group is Going Global
41d ago
[ Removed by Reddit ]
41d ago
Espionage Campaign Targeted Stock Exchange Executive for Five Months
41d ago
OnionAccelerator: multi-circuit / chunked download acceleration over Tor
41d ago
HazyBeacon and AWS Lambda Function URL Abuse
41d ago
The Server Seizure That Affects Also Iran's Cyber Operations
41d ago
How China's Cyber Operations – and the Contractors Behind Them – Target Critics Abroad
41d ago
🚨 🪱 How PCPJack Converted 230 Compromised Cloud Servers into a Hidden SMTP Relay Network
41d ago
Sysmon RegistryEvent exclude not overriding include rule for Event ID 13
41d ago
Red Hat npm supply chain attack "Miasma" — 32 @redhat-cloud-services packages, SLSA bypass via OIDC abuse, new GCP/Azure identity collectors
41d ago
Dependency Cooldowns - Dependency Cooldowns
41d ago
C2 Frameworks - Threat Hunting in Action with YARA Rules
41d ago
Ransomware tabletop
41d ago
Tracking APT28 PixyNetLoader: Evolutions from 2024 to 2026
41d ago
Tracking North Korea Nation-State APT Infrastructure: Kimsuky
41d ago
새벽에 온 암호화 손님 Endpoint(Midnight) 랜섬웨어 분석 - Analysis of Endpoint (Midnight) Ransomware: The Encrypted Guest That Arrived at Dawn
42d ago
From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services
42d ago
Codex Discovered a Hidden HTTP/2 Bomb
42d ago
Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs
42d ago
Unpatched NTLM Coercion in Windows search: URI Handler, Same Bug, No CVE, No Fix
42d ago
“Fellow practitioners — made some infosec merch that actually speaks our language. What security concepts would you want on a shirt?”
42d ago
Iran is using Western AI services to help with phishing, malware support and military research while building a domestic platform at Sharif
42d ago
Malicious Registrations in the Domain Name Market: An Analysis of gTLD Registrations and Cybercriminal Demand
42d ago
Gamaredon’s gifts that keeps unpacking - GammaPhish and GammaWorm
42d ago
RedSun: Exploiting Windows Defender's Remediation Workflow for Local Privilege Escalation
43d ago
Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages
43d ago
Cybersecurity (CYBER); Cyber Resilience Act (CRA); Cybersecurity requirements for routers, modems intended for the connection to the internet and switches
43d ago
Miasma: Supply Chain Attack Targeting RedHat npm Packages
43d ago
@redhat-cloud-services npm scope backdoored with valid signed SLSA provenance; recovered the GitHub commit-search dead-drop C2 markers
43d ago
Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts via prompt injection with bot - now patched
43d ago
Tracking The Trackers: Commercial Surveillance Occurring on U.S. Army Networks
43d ago
Meta AI Recovery Flow Reportedly Bypassed 2FA: A Lesson in Privilege Boundaries
43d ago
Sapphire Sleet Targets macOS in Multi-Stage Intrusion Campaign
43d ago
Atomdrift - open-source malware detection for the software supply chain
44d ago
Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens
44d ago
179 npm Packages Target Cloud and Finance via oob.moika.tech
44d ago
KB4853: Vulnerability Resolved in Veeam Service Provider Console 9.2.1 - "A vulnerability in Veeam Service Provider Console allows for remote code execution." - CVSS 9.4
44d ago
Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs
44d ago
Hawk: Golang tool designed to exfiltrate passwords found via the sshd and su services
44d ago
EvilTokens and OAuth Abuse: How Device Code Phishing Bypasses MFA
44d ago
Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace
44d ago
Signal macOS Desktop App Doesn't Actually Delete Messages When it Should
44d ago
Operation XENOFISCAL: SideCopy deploying persistent XenoRAT targeting the MoF, Afghanistan
44d ago
WHQL-signed kernel driver keylogger, likely deployed as an anti-cheat BYOVD
44d ago
Typosquatted npm packages used to steal cloud and CI/CD secrets
44d ago
Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan Using Azure Cloud C2
44d ago
Malicious npm packages abuse dependency confusion to profile developer environments
44d ago
Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
44d ago
Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attack
44d ago
CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities - "Palo Alto Networks has become aware of limited exploit attempts on unpatched PAN-OS devices without mitigations applied."
44d ago
Dissecting an Undocumented Lua-Wrapped Loader: The BoldTealLayer Campaign
44d ago
SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
44d ago
EDR Incident Response Playbook: Containing Local Account Incidents
44d ago
Adversarial Oracles: LLM-Guided EDR Signature Reduction
44d ago
One click—and you’re spied on: GFF files criminal complaint alongside journalist Trung Khoa Lê following spyware attack - GFF
44d ago
proxy: A lightweight caching proxy for package registries.
44d ago
How OLTs may have exposed entire ISP networks
44d ago
A miner with a side of RAT: the unintended gift with your TV show or book - Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years
44d ago
HunterAgent: Neuro-Symbolic Attack Trace Reconstruction under Anti-Forensics
44d ago
Honeyval: A Comprehensive Evaluation Framework for LLM-powered HTTP Honeypots
44d ago
Security of OpenClaw Agents: Fundamentals, Attacks, and Countermeasures
44d ago
Lessons from Penetration Tests on Large-Scale Agent Systems
44d ago
pydepgate: A zero dependency lightweight static analyzer designed for adversarial-shape code in python to detect supply chain attacks before they reach your interpreter.
44d ago
CIFSwitch: a non-universal Linux local root vulnerability
44d ago
Web-Based Indirect Prompt Injection To Push A Malicious Chrome Extension
45d ago
DriverSentinel: DriverSentinel is a security tool developed in Go that detects malicious and vulnerable drivers on Windows systems by comparing them against the LOLDrivers.io database.
45d ago
Visual Studio Extensions Revisited
45d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
45d ago
BYOVD and Looting LSASS in the Modern EDR Era
45d ago
CTO at NCSC Summary: week ending May 31st
45d ago
OffensiveCon26 videos
45d ago
School Survey, (non-paid nothing its free its for my grades)
45d ago
Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments
46d ago
LLMShare: how attackers are turning AI chatbot pages into malware delivery platforms
46d ago
LogMonitor — open-source Python tool for real-time failed login detection with multi-channel alerting
46d ago
Identifying attack patterns through kernel frame callstacks
46d ago
Evaluation taxonomy for cyber threat intelligence (CTI) quality and conversion quality in workflows such as MISP/STIX exchange and CTI Transmute, covering relevance, accuracy, timeliness, clarity, specificity, format validity, conversion fidelity, and usefulness
46d ago
What safety boundary would you expect from a local AI incident investigation tool?
46d ago
Authenticated RCE via Argument Injection in Gogs (NOT FIXED)
46d ago
Why I Built My Own LLM Benchmark for THOR Finding Triage
46d ago
Casdoor contains multiple authentication bypass and access management vulnerabilities
46d ago
The approval prompt is lying: a critical coding agent security flaw - A symlink-hijack RCE in six AI coding agents
46d ago
GREYVIBE: A Russia-nexus group leveraging AI across state-aligned operations
46d ago
Inside a 176-Package npm Campaign Built to Beat Your Internal Dependencies
46d ago
Malware seller hunted across three continents
46d ago
Romanian National Sentenced for Selling Access to Networks of Oregon State Government Office and Other U.S. Victims
46d ago
Law firm Wiley Rein hit with class action over data breach tied to Chinese hackers
46d ago
Gezamenlijke actie politie en NCSC legt groot botnetwerk plat | Joint police and NCSC NL operation shuts down large bot network
46d ago
Introducing Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet in plain English; get a narrative answer with containment recommendations.
46d ago
The C-suite job that's burning people out faster than any other
46d ago
New OSINTDomain Update: Domain OSINT Analysis with AI Agent Interpretation
46d ago
SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer
46d ago
Frieren: an open-source framework for WiFi Pineapple-style OpenWrt security appliances
47d ago
2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
47d ago
APT Activity Report: CONFLICT-INFORMED ESPIONAGE: MONITORING OIL SHIPMENTS, TARGETING DRONE MAKERS - October 2025-March 2026
47d ago
Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure
47d ago
Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
47d ago
Zero Trust Implementation Guidelines
47d ago
BlackToad: Network Manipulation in an AutoIt Payload
47d ago
RVTools Masquerade: How a Signed Fake Installer Deploys a Modular Python RAT
47d ago
Kimsuky's Advanced Attack Techniques: JSONPing, Webex Spoofing, and a New HttpSpy Variant
47d ago
Device Code Lab (DCL) — Deep Dive into a Device Code Phishing Toolkit
47d ago
FROST: Fingerprinting Remotely using OPFS-based SSD Timing
47d ago
Alert Number: I-052726-PSA | 27 May 2026 Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup
47d ago
puck-security/puck-oss: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations.
47d ago
Who is Salt Typhoon Really? Unraveling the Attribution Challenge
47d ago
Looking for resources on end-to-end APT attack flow summaries for detection engineering
48d ago
The War Between Wars: How an IRGC Cyber Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire
48d ago
durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP
48d ago
Exposing a Smishing campaign across 19 countries: 1,628 malicious URLs tied to a single 128-char HTML fingerprint
48d ago
Building Detection Engineering on AWS from scratch — roast my plan
48d ago
MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
48d ago
Designing secure access with ZTNA
48d ago
MSIT Launches Early “Incident Investigation Review Committee” for Proactive Security Incident Response
48d ago
White House: Ensuring Effective and Efficient Agency Logging and Network Visibility to Defend Against Evolving Cyber Threats
48d ago
Advisory X41-2026-002: Request Host Header not Validated in Starlette
48d ago
Top ethical hacker Chompie warns AI tools could put her out of business
48d ago
浅谈AI Agent的行为检测思路 -A Brief Discussion on Behavior Detection Approaches for AI Agents
48d ago
YoroTrooper组织针对独联体及周边区域的攻击活动分析 - Analysis of YoroTrooper's Attacks Against the CIS and Surrounding Regions
48d ago
CERT-IN: Blueprint for Reducing Exposure and Defending against AI-Assisted Vulnerabilities Exploitation in Digital Infrastructure - patch between 12 hours and 5 days they state
48d ago
The Evolution of Chinese-language Phishing Services
48d ago
Silent Ransom Group Impersonating IT Personnel through Social Engineering
48d ago
The epoll UAF - an epoll uaf race in fs/eventpoll.c
48d ago
Tycoon 2FA AiTM detection for Entra ID and Google
48d ago
Microsoft Copilot Cowork Exfiltrates Files
48d ago
Unpatched Sparx vulnerabilties
49d ago
sylvia: iOS Syscall Explorer for IDA 9.X
49d ago
Ababil of Minab: An Iran-Linked Destruction and Exfiltration Campaign Targeting the U.S. and the Middle East
49d ago
GHSL-2026-140: Heap Buffer Write Overflow in 7-Zip
49d ago
JOMANGY: INJ3CTOR3's Self-Healing FreePBX Toll Fraud Campaign
49d ago
7-Zip CVE-2026-48095: NTFS Heap Overflow Leads to Vtable Hijack
49d ago
Seeing alot of SSH honeypot attacks on "root:fjbdfdjkdsfs541544AA@@"
49d ago
The practice of cyber-threat intelligence in organizations: A socio-technical case study of a mature financial organization
49d ago
GitHub - mrexodia/ida-pro-mcp: AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
49d ago
Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability
49d ago
CVE-2026-20700: A controlled exploration of dyld's page-in linking and chained fixup machinery as a PAC signing oracle, in the context of CVE-2026-20700.
50d ago
YouTube SMS Blaster Ad Displays Scam Messages That Impersonate Telcos
50d ago
Open sourced the part of our SOC tool that can nuke your endpoints, so you can read it before trusting it
50d ago
honeyslop: Code canaries to quickly triage hallucinated ('slop') vulnerability reports
50d ago
Apex One and Vision One – Standard Endpoint Protection (SEP) May 2026 Security Bulletin - TrendAI has observed at least one instance of an attempt to actively exploit one of these vulnerabilities in the wild.
50d ago
Putin appoints Rostec cybersecurity specialist linked to GRU hackers from Fancy Bear as aide to Sergei Shoigu in Russia’s Security Council
50d ago
RemotePE: The Lazarus RAT that lives in memory
50d ago
Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer
50d ago
Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
50d ago
Twee mannen aangehouden voor phishing - Two men arrested for phishing
50d ago
Sharp Eyes: Mass surveillance of foreigners in China
50d ago
relay_bible: Technical Reference to multiple relay techniques
50d ago
Fix: CVE-2025-33073 NTLM reflection not exploitable on pre-NT10.0 systems by azoxlpf · Pull Request #1245 · Pennyw0rth/NetExec
50d ago
The Gold Mine Red Teamers Never Touch - "read the Windows source code. Both Windows XP and Server 2003." [to make their tools blend in]
50d ago
SYLK 文件格式的武器化滥用 – Weaponization and abuse of the SYLK file format
50d ago
North Korean cyber hackers and masterminds behind gambling sites... Sentenced to 5 years in prison in the first trial
50d ago
Staged publishing and new install-time controls for npm - GitHub Changelog
51d ago
Updated UAC-0057 toolkit: OYSTERFRESH, OYSTERSHUCK and OYSTERBLUES
51d ago
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
51d ago
Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
51d ago
The Future and Past of Residential Proxies
51d ago
Tracking TamperedChef Clusters via Certificate and Code Reuse
51d ago
Machine Overmatch: What Salt Typhoon Reveals About China’s Data-Centric Intelligence Strategy
51d ago
Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware
51d ago
A fraudulent scheme to obtain and use code signing certificates to deceive victims into downloading dangerous malware under the false belief that it is trusted software
51d ago
Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows
51d ago
Suricata 8.0.5 and 7.0.16 released! - fixed various critical and high severity vulnerabilities
51d ago
Phantom Killer: Reverse Engineering and Weaponizing a Lenovo Driver to Terminate EDR Processes
51d ago
mkPIVM: Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode.
51d ago
keyhog: The fastest, most accurate secret scanner. 896 detectors, Hyperscan SIMD, GPU acceleration, 96% recall. Built in Rust.
51d ago
np-audit: Static security analysis for npm packages. Detects obfuscated code, malicious patterns, and known vulnerabilities before installation.
51d ago
Ledger: An aggressor script that tracks operational changes made during a red team engagement. Gives you a full audit trail of what was changed and what still needs to be cleaned up.
51d ago
OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
51d ago
Megalodon: Mass GitHub Repo Backdooring via CI Workflows
51d ago
FatGid - FreeBSD 14.x kernel LPE
51d ago
Manage [VSCode] extensions in enterprise environments
51d ago
angr: A powerful and user-friendly binary analysis platform!
51d ago
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
51d ago
How Attackers Force Microsoft to Send Phishing Emails
51d ago
Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects
51d ago
Microsoft Authenticator App Details now exposed in Entra SignInLogs
51d ago
Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting
51d ago
How China-linked threat actors obtain zero-day vulnerabilities
51d ago
Fast and Furious - Nimbus Manticore Operations During the Iranian Conflict - Check Point Research
51d ago
Monitoring for vssadmin.exe delete shadows is an absolute bare minimum
51d ago
Infostealers Just Spawned a 5,000+ Repo GitHub Supply Chain Attack
51d ago
How a consultant and a concert pianist from the Netherlands aided pro-Russian hackers
51d ago
CVE-2026-48029: Two grid-decode bugs in libheif
51d ago
workcell: Bounded local runtime and policy boundary for coding agents
51d ago
OpenShell: OpenShell is the safe, private runtime for autonomous AI agents.
51d ago
Model Context Protocol (MCP): Security Design Considerations for AI-Driven Automation
51d ago
Built a SOC from scratch with no prior SOC experience
51d ago
CTO at NCSC Summary: week ending May 24th
52d ago
VPN Exploitation When Patched Doesn't Mean Protected
52d ago
Cybercriminal VPN used by ransomware actors dismantled in global crackdown – VPN service featured in almost every major Europol-supported cybercrime investigation
52d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
52d ago
CLR-Stomp: .NET CLR-Stomping
52d ago
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
52d ago
Introducing Showboat: A new malware family taunts defenses and targets international telecom firms
52d ago
Open Directory, Open Season: Inside Red Lamassu’s JFMBackdoor
52d ago
AI security CTF from a CNCF project - useful for understanding LLM/agent attack patterns from the defense side (June 17-22)
53d ago
GitHub - perplexityai/bumblebee: Read-only inventory collector for package, extension, and developer-tool metadata on macOS and Linux developer endpoints, built for fast supply-chain exposure checks.
53d ago
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
53d ago
Tired of searching different websites, blogs, Reddit posts, and docs just to learn KQL?
53d ago
I got tired of guessing which LOLBAS binaries exist on a host at my privilege level, so I wrote a small Go scanner
53d ago
AI-generated reporting: Lessons learned from Cisco Talos Incident Response
53d ago
CrabLoader: A PoC Cobalt Strike UDRL written in Rust
53d ago
The 429 Microsoft Graph Mystery
53d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
53d ago
Azure Tenant Enumeration is Dead
53d ago
A Deep Dive into Codex Windows Sandbox
53d ago
Striga: Lifting x86 to LLVM IR with Python
53d ago
veilgate: Asymmetric defense against AI red-team agents. VeilGate scores every request, diverts likely agents into a per-IP-coherent fake application, and measures the cost it imposes on the attacker.
53d ago
Windows BitLocker Security Feature Bypass Vulnerability
53d ago
CVE-2026-28910: Breaking macOS App Sandbox Data Containers, TCC, and Hijacking Apps Using Archive Utility
53d ago
Google API keys keep working after you delete them long enough to be exploited
53d ago
Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both?
53d ago
North Korean-Linked Threat Actor Targets Developers with New npm Infostealer RAT
53d ago
Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit
53d ago
Quick heads-up if you're writing KQL for LSASS dumping (stop filtering on process names)
53d ago
Alert Number: I-052126-PSA | 21 May 2026 Kali365 Phishing-as-a-Service Kit Hijacks Microsoft 365 Access Tokens
53d ago
Megalodon: CI/CD Malware Spreading Across GitHub Repositories
54d ago
📡 One telecom carrier accounts for 72% of all Middle East-hosted C2 activity.
54d ago
Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks
54d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
54d ago
beacon-hunter: open source detector for phi-structured C2 beacons that evade RITA
54d ago
Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading
54d ago
Tracking TamperedChef Clusters via Certificate and Code Reuse
54d ago
Living off the Land with VS Code: Inside a Sophisticated Phishing Campaign
54d ago
From Y2K to Patch Tuesday 2025: 25 Years of Bugs in the Windows 2000 Source Tree
54d ago
How a single image takes control of a Mac understanding an ExifTool vulnerability (CVE-2026-3102)
54d ago
Iran-linked Operators Suspected in ATG Breaches
54d ago
Grafana Labs security update: Latest on TanStack npm supply chain ransomware incident | Grafana Labs
54d ago
Compromised Nx Console version 18.95.0
54d ago
CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path
54d ago
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
54d ago
Webworm: New burrowing techniques
54d ago
New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)
54d ago
Operation Dragon Whistle: UNG0002 Targets Chinese Academia via Weaponized Institutional Lure
54d ago
Adaptive Fingerprinting: HTTP-Basma's Multi-Stage Probing for Granular Server Differentiation
54d ago
GitHub’s Fake Engagement Problem Is Hiding in Plain Sight
54d ago
Statecraft – Threat intel platform for Portuguese-speaking Blue Teams (NVD + CISA KEV + OTX + hourly AI briefings in PT-BR)
54d ago
Zer0Vuln Community Edition – open-source SIEM + SOAR + EDR with autonomous local LLM triage
55d ago
Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era
55d ago
5 credential access detection rules beyond LSASS — KQL + Sigma, production-ready
55d ago
Remote Process Read Primitive via NtCreateThreadEx Exit Code
55d ago
aimap: Discover Exposed AI Services
55d ago
FalkorDB: A super fast Graph Database uses GraphBLAS under the hood for its sparse adjacency matrix graph representation.
55d ago
Why China Is Now a Peer Competitor to the United States in Cyberspace
55d ago
nginx-rift-private-lab: Private Nginx Rift ASLR lab, exploit chain, and demo recordings
55d ago
Built a Linux persistence hunting & artifact collection tool in Bash - persisthunt
55d ago
We are investigating unauthorized access to GitHub’s internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension.
55d ago
Extended Cyber Kill Chain for AI-Era Threats: a defender-side framework mapping LLM and agentic attacks to kill-chain stages (MITRE ATLAS + OWASP LLM Top 10 mappings)
55d ago
Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild
55d ago
Eight Leading U.S. Communications Firms Form C2 ISAC
55d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
56d ago
UAC-0184: From HTA to a Signed Network Stack
56d ago
New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here
56d ago
How Storm-2949 turned a compromised identity into a cloud-wide breach
56d ago
Entra ID: PIM for Groups Review
56d ago
TeamPCP compromises NPM maintainer with over 540 packages
56d ago
Active Supply Chain Attack Compromises @antv Packages on npm...
56d ago
When DMCA Comes Knocking - A YouTube Creator Phishing Kit
56d ago
[Cloudflare] Project Glasswing: what Mythos showed us
56d ago
SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain
56d ago
Rekomendacja Pełnomocnika Rządu ds. Cyberbezpieczeństwa dotycząca komunikatora Signal - Recommendation of the Government Plenipotentiary for Cybersecurity regarding the Signal messenger
57d ago
Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible | CNN Politics
57d ago
CrystalX: unpacking a Go RAT through three encrypted layers
57d ago
DirtyCBC: When Linux Kernel Decrypt-Before-MAC Turns Authenticated Encryption Into a Page-Cache Write
58d ago
FlowerStorm unleashes the KrakVM: PhaaS operators turn to VM-based obfuscation
58d ago
LID: LID — Linux Integrity Drift: Bypassing AppArmor via eBPF pathname rewriting. Pre-LSM syscall argument manipulation with zero audit footprint. "Linux is Dying"
58d ago
Static Kitten APT Adversary Simulation
58d ago
Eimeria: five layers from RAR5 to RunPE
58d ago
ghosttype: Local forensic scanner that extracts credentials from AI tool conversation history. For authorized red team and DLP use only.
58d ago
openDCIM exploitation
58d ago
HASBL CTF - A Jeopardy-Style CTF Organized by High School Students!
58d ago
We Have Packet Capture at Home
58d ago
Suspected China-Linked Threat Actor Targets Global Manufacturer with Undocumented TencShell Malware
58d ago
HWMonitor Trojanized for STX RAT DLL Sideloading
58d ago
awesome-dfir-skills: Admiralty System for CTI Claude skill
58d ago
Mullvad exit IPs as a fingerprinting vector
58d ago
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
58d ago
Popular node-ipc npm Package Infected with Credential Steale...
58d ago
An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
58d ago
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
58d ago
Chinese APT Campaign Targets Entities with Updated FDMTP Backdoor
58d ago
Sandworm Activity in Industrial Environments: What the Data Reveals
58d ago
Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign
58d ago
"Shadowserver-in-a-box" IntelMQ + ELK Solution
58d ago
Stenloader: Steganography Shellcode Loader
58d ago
AsmResolver: a library for reading, modifying and reconstructing Portable Executable (PE) files. It supports PE images running natively on Windows, as well as images containing managed (.NET) metadata - after 2 years of development, v6.0.0 is out
58d ago
Somebody backdoored the package `bfunky/http-parser` on packagist with a stealer - package not touched since 2018
58d ago
Our response to the TanStack npm supply chain attack
58d ago
QEMUtiny is a memory corruption vulnerability in QEMU's implementation of CXL Type-3 device emulation, reported against QEMU master 007b29752e and confirmed working against 5e61afe (May 11, 2026).
58d ago
We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase.
58d ago
APT-C-55(Kimsuky)组织依托GitHub+Dropbox分发恶意载荷的攻击活动分析 - Analysis of APT-C-55 (Kimsuky) group's attack activities involving the distribution of malicious payloads via GitHub and Dropbox.
58d ago
oss-security - Logic bug in the Linux kernel's __ptrace_may_access() function - exploits out see yesterday
58d ago
Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations
58d ago
OtterCookie: JavaScript RAT shifting fake-interview campaigns from credential theft to live surveillance
58d ago
The Gentlemen Ransomware Group — Leak Analysis
58d ago
HDD Firmware Hacking Part 1
59d ago
ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.
59d ago
CTO at NCSC Summary: week ending May 17th
59d ago
Vidar v1.5 in Go: same family, new language, heavy sandbox checks
59d ago
Developer credential-theft campaign exposed operator-side self-infection
59d ago
Help-Desk Lures Drop KongTuke's Evolved ModeloRAT
59d ago
Welcome to BlackFile: Inside a Vishing Extortion Operation
59d ago
DoublePulsar: A User-Defined Reflective Loader in the Crystal Palace and Tradecraft Garden Era
59d ago
Stop Being Weird — Life After Call Stack Spoofing Under CET
59d ago
Triggering the Secure Boot Certificate Update with Intune Remediations
59d ago
How to enable HTTPS support for Microsoft Connected Cache for Enterprise and Education - Starting on June 16th, 2026, or soon after, Intune will enforce HTTPS content delivery for customers using Microsoft Connected Cache
59d ago
Addressing Exchange Server May 2026 vulnerability CVE-2026-42897
59d ago
One Is a Fluke, 3 Is a Pattern: MCP Back-End Vulnerabilities
59d ago
CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)
59d ago
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
59d ago
FamousSparrow APT Targets Azerbaijani Oil and Gas Industry
59d ago
Disclosing new PebbleDash-based tools by Kimsuky
59d ago
FrostyNeighbor: Fresh mischief and digital shenanigans
59d ago
Kazuar: Anatomy of a nation-state botnet
59d ago
OrBit (Re)turns: Tracking an open-source Linux rootkit across four years of forks and deployments
59d ago
NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys
59d ago
Hacker Ringleader Extradited for 38 Billion Won Theft
59d ago
Alert Number: I-051526-PSA | 15 May 2026 ShinyHunters: Cyber Criminal Group Attacks Learning Management System
59d ago
Fragnesia (CVE-2026-46300) is a universal Linux local privilege escalation exploit
59d ago
The Mythos We Have At Home: A Patch-Diffing Pipeline for N-Day Generation
59d ago
FFFFirefox - A One-Day Wonder Renderer Exploit
59d ago
MiniPlasma, a powerful LPE
59d ago
Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox?
60d ago
[Tool] IOCX — deterministic static IOC extraction for PE binaries
60d ago
Novel Evilginx Frontend - Lowering the barrier for token theft reuse
60d ago
SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not?
60d ago
WAF Evasion Engine
60d ago
Thus Spoke…The Gentlemen
60d ago
KQLab - open-source query manager for SOC teams
61d ago
How TeamPCP's Python Toolkit Survives a C2 Takedown
61d ago
Microsoft AntiSSRF
61d ago
Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state
61d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
61d ago
How fast is autonomous AI cyber capability advancing?
61d ago
YellowKey: YellowKey Bitlocker Bypass Vulnerability
61d ago
Tinker Tailor Soldier: Paper Werewolf’s latest toolkit
61d ago
126 Chrome extensions, all secretly the same product, taking 148K users' WhatsApp data and ad cookies
61d ago
Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad
62d ago
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
62d ago
[HOMELAB] Built a SOC investigation console on two old Dell boxes
62d ago
Android Intrusion Logging as a new source of data for consensual forensic analysis
62d ago
Shai-Hulud: Another Wave and Going Open Source
62d ago
A stealth approach to Process Injection - EntryPoint Hijacking
62d ago
[Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible)
62d ago
Service Principal Sign-Ins: A blind spot that a lot are missing
62d ago
My Analysis of a Bandook RAT PCAP
62d ago
Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign
62d ago
Detection Rule is here
62d ago
Owning a service principal equals owning its permissions.
62d ago
Claude Code RCE: Exploiting Deeplink Handlers via Settings Injection
63d ago
CPU OP Cache Corruption - AMD has identified a vulnerability in the CPU operation (op/µop) cache on Zen 2‑based products that can cause incorrect instructions to be executed at a higher privilege level.
63d ago
AI+DFIR Challenge: Share Your Disasters and Successes
63d ago
Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware
63d ago
Postmortem: TanStack npm supply-chain compromise
63d ago
bits from the release team - Aided by the efforts of the Reproducible Builds project, we've decided it's time to say that Debian must ship reproducible packages
63d ago
rxrpc_privesc: RxRPC privesc PoC without fcrypt() restrictions
63d ago
Detecting Remote Thread Creation with Windows Driver
63d ago
Mythos finds a curl vulnerability
63d ago
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access - some leaps pending technical details
63d ago
Reverse Engineering a Multi Stage File Format Steganography Chain of the TeamPCP Telnyx Campaign
63d ago
Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment
63d ago
esp32-c5-deauth: A deauth with nuker for 2.4Ghz and 5Ghz controlled by BLE with Android app
63d ago
LOLRMM Publishers - PR merges 182 new code signing certificates and adds important safety warnings to entries containing certificates from major software vendors.
63d ago
How Cloudflare responded to the “Copy Fail” Linux vulnerability
63d ago
I analyzed 196k+ Sysmon events and found APT29 staging malware in Temp. Here is my detection logic.
63d ago
LUKSbox: Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots.
63d ago
New Shai-Hulud npm worm variant
63d ago
EtwWatcher
64d ago
Donuts and Beagles: Fake Claude site spreads backdoor
64d ago
Fine of nearly £1m issued against South Staffordshire Plc and South Staffordshire Water Plc following major cyber attack and data breach
64d ago
CHERIoT-Ibex: Closing the door on memory safety vulnerabilities with hardware-enforced protection
64d ago
Deterministic PE Validation for Blue Teams - IOCX v0.7.3
64d ago
Delving deep into threat detection: My logic for abnormal EventID 7 activity
64d ago
NZ announces sanctions on malicious Russian cyber actors, online platforms
64d ago
Update: Ongoing Checkmarx Supply Chain Security Incident
64d ago
ShinyHunters cashout fingerprint; on-chain trace of the May 2024 AT&T ransom payment, with persistent laundering-service hubs identified through 2025
64d ago
Unmanaged PowerShell Execution: Hunting Beyond powershell.exe
65d ago
Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign
65d ago
Static Devirtualization of Themida
65d ago
Now You See Me: AADGraphActivityLogs
65d ago
[Write-up] CyberDefenders: Wiredive Lab
65d ago
page_inject: CVE-2026-31431-killed page-cache exploit — code exec into containers sharing the same image layer
65d ago
JDownloader — Website installer incident (May 2026)
65d ago
The GNU MP Bignum Library - "We suspect that GMP's extremely tight loops around MULX make the Zen 5 cores use much more power than specified, making cooling solutions inadequate."
65d ago
AI in the Breach: How an Adversary Leveraged AI to Target a Water Utility’s OT
65d ago
EventHawk v1.2 -open source Windows EVTX log analysis tool for DFIR (Juggernaut Mode, ATT&CK mapping, Sentinel anomaly engine)
65d ago
Jenkins honeypot reveals botnet exploiting scriptText to launch DDoS attacks on game servers
65d ago
Writing a Naive LLVM-based Devirtualizer
65d ago
Where Have All the Complex Windows Malware and Their Analyses Gone?
66d ago
When prompts become shells: RCE vulnerabilities in AI agent frameworks
66d ago
Shift-Happens-Uncovering-to-builtin-command-injection-in-Windows-context-menus: Shift Happens: Uncovering two built-in command injections in Windows context menus
66d ago
MOVEit Automation Critical Security Alert Bulletin – April 2026 – (CVE-2026-4670, CVE-2026-5174)
66d ago
Lorem Ipsum Malware: Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor
66d ago
Let's Encrypt Status: Due to an issue with the cross-signed certificate from our Generation X root to our new Generation Y root, all issuance has been switched back to our Generation X root certificate. This affects our "tlsserver" and "shortlived" ACME certificate profiles.
66d ago
Analyse des DNS-Ausfalls vom 5. Mai 2026 - Analysis of the DNS outage of May 5, 2026
66d ago
Member of Prolific Russian Ransomware Group Sentenced to Prison
66d ago
EasterBunny: advanced espionage artifacts attributed to APT29
66d ago
Tracking the "Sorry" Extortionist Campaign Against cPanel Websites
66d ago
PositiveIntent: Evasive loader for .NET Framework assemblies
66d ago
The Accidental C2: Exploring Dev Tunnels for Remote Access
66d ago
Living of the Land - DISM Sandbox Provider Hijack
66d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
66d ago
CTO at NCSC Summary: week ending May 10th
66d ago
ClickFix distributing Vidar Stealer via WordPress targeting Australian infrastructure
66d ago
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
66d ago
Copy_Fail2-Electric_Boogaloo: Copy Fail 2: Electric Boogaloo
66d ago
DARWIS Taka - Web vulnerability scanner with Optional AI Validation
66d ago
SunnyDayBPF: eBPF telemetry integrity research for detection engineering
67d ago
Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama
67d ago
Massive Cyber Attack Exposes Millions 🚨 || starting my cybersecurity jou...
67d ago
Student Arrested in Taiwan for using SDR and Handheld Radios to Halt Four High Speed Trains with TETRA Hack
67d ago
Dirty Frag: Universal Linux LPE
67d ago
Ivanti: We are aware of a very limited number of customers exploited with CVE-2026-6973. Successful exploitation requires Admin authentication.
67d ago
Two U.S. Nationals Sentenced for Facilitating Fraudulent Remote Information Technology Worker Schemes to Generate Revenue for the Democratic People’s Republic of Korea
67d ago
Revealed: Russia’s top secret spy school teaching hacking and election meddling | Russia
67d ago
OceanLotus suspected of distributing ZiChatBot malware via wheel packages in PyPI
67d ago
Searching for bulletproof detections in cPanel Land: Hunting for CVE-2026-41940: Building Detections for the exploit, not the PoC
67d ago
Detecting BEC Persistence with KQL
68d ago
Unpacking Russian-Iranian Private-Sector Cyber Connections
68d ago
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
68d ago
OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk
69d ago
Inadvertent Injections
69d ago
CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
69d ago
Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
69d ago
Iranian-Nexus Operation Against Oman's Government: 12 Ministries Hit and 26,000 Citizen Records Exposed
69d ago
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
69d ago
UAT-8302 and its box full of malware
69d ago
CVE-2026-0073 Android adbd TLS client-authentication bypass
69d ago
One KQL query you should have saved in your toolkit (most don’t)
69d ago
CVE-2026-31431 hit KEV after 9 days, what are you using to catch that earlier?
69d ago
Built a Cowboy Bebop-themed threat hunting lab with Splunk and Sysmon — writeup inside
69d ago
🇮🇷 Iranian-Nexus Campaign Against Oman's Government: 12 Ministries, 26,000 Records
70d ago
Popular DAEMON Tools software compromised
70d ago
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
70d ago
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
70d ago
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
70d ago
Accelerating Vulnerability Detection and Response at Oracle
70d ago
The cPanel Zero-Day Was Active for 64 Days Before Anyone Knew
70d ago
GIDR: A behavioral intrusion detection system for Windows. Files are innocent until proven guilty at runtime. When malicious behavior is detected, the entire attack chain is traced to root and eliminated.
70d ago
dMSA Ouroboros: Self-Sustaining Credential Extraction in Windows Server 2025
70d ago
N-Day Research with AI: Using Ollama and n8n
70d ago
38 CVEs in Healthcare Software Used by 100,000 Medical Providers
71d ago
Recursively fuzzing MS-RPC structures and monitoring using ETW
71d ago
VanGuard — open-source single-binary DFIR toolkit (Velociraptor, Hayabusa, Chainsaw, Loki, YARA) with TUI, air-gap support, and 28 pre-built use cases
71d ago
CVE-2026-31431:我用 DeepSeek 复现了 AI 发现Copy Fail 提权的全过程 - CVE-2026-31431: I used DeepSeek to reproduce the entire process of AI detecting Copy Fail privilege escalation.
71d ago
《APT高级威胁研究报告》(2026 版)- Advanced Threat Research Report (2026 Edition)
71d ago
nginxpulse: 轻量级 Nginx 访问日志分析与可视化面板,提供实时统计、PV 过滤、IP 归属地与客户端解析。- A lightweight Nginx access log analysis and visualization dashboard, providing real-time statistics, PV filtering, IP geolocation, and client resolution.
71d ago
蔓灵花组织使用NUITKA打包的python样本进行投递 - The Manlinghua organization used Python samples packaged in NUITKA for delivery.
71d ago
gdrv3.sys - Reverse Engineering a Signed Kernel Driver with 13 Hardware Access Primitives
71d ago
Added new vulnerable samples for IoBitUnlocker, Zemana and TfSysMon
71d ago
AMSI Page Guard Bypass (Rust PoC)
71d ago
Meet Bluekit: The AI-Powered All-in-One Phishing Kit
71d ago
Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI
71d ago
A hacker group was detained in Lviv Oblast, which hacked game accounts and received almost UAH 10 million in profit from their sale in Russia
71d ago
IRQL - Incident Response Query Language - A collection of Kusto (KQL) functions that unify security logs behind a consistent, analyst-friendly dialect
71d ago
Nuclei template CVE-2026-41940.yaml - cPanel & WHM - Authentication Bypass via Session-File CRLF Injection
71d ago
ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution…
71d ago
Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
71d ago
[2603.28728] Study of Post Quantum status of Widely Used Protocols
71d ago
Malicious Intercom PHP Package Spreads Mini Shai-Hulud Attack to Packagist via Composer Plugin
71d ago
Possible supply chain attack on version 2.6.3 · Issue #21689 · Lightning-AI/pytorch-lightning
71d ago
code-needle: A VS Code plugin to execute arbitrary JavaScript code at runtime over a local HTTP endpoint.
71d ago
Secure Boot Inventory Data In Configuration Manager
71d ago
EventLogExpert: Can be used as a replacement for Event Viewer to view live event logs. Choose Continuously Update on the View menu and watch new events appear in real time.
71d ago
MicroSMT: IDA plugin for automatic deobfuscation of opaque predicates by lifting microcode to z3 for SMT reasoning.
71d ago
AI-powered honeypots: Turning the tables on malicious AI agents
71d ago
copy.golf — golf your exploits - smaller copy.fail exploits..
71d ago
DragonBreath: Dragon in the Kernel
71d ago
Holy-Grail-PCAP: "Holy Grail PCAP" is a capture file offering exceptional coverage across nearly all tcpdump/Wireshark encapsulation types and dissectors.
72d ago
Impacket-IoCs: This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library
72d ago
Puzzle: Set of PoC to abuse Windows minifilters functionality
72d ago
A “Psychological Warfare” to Show Off Cyber Capabilities: A Comprehensive Analysis of SentinelOne’s Exposure of fast16
72d ago
Active exploitation of cPanel/WHM critical vulnerability
72d ago
Important Update From Trellix - "Trellix recently identified unauthorized access to a portion of our source code repository. "
72d ago
5 Qilin ransomware servers exposed over 7 months
72d ago
South-East Asian Military Entities Targeted via cPanel (CVE-2026-41940)
72d ago
Russian Charged in Oil and Gas Facility Hacks Pleads Guilty
72d ago
VECT ransomware: small files decrypt, large files lose their nonces
73d ago
CTO at NCSC Summary: week ending May 3rd
73d ago
April 27th - What happened with our feature flag configuration | The ClickUp Blog
73d ago
Blog: Evolving the Android & Chrome VRPs for the AI Era
73d ago
Seven Queries to Audit the Sentinel Detections Your SOC May Have Missed.
73d ago
VECT: Ransomware by design, Wiper by accident
73d ago
VisualSploit: Backdoor Visual Studio project files with custom shellcode, which executes whenever the project is opened or built.
73d ago
Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison
73d ago
Agentic Malware Analysis: From Task Automation to Deep Analysis
73d ago
pydep-vector-runner: A lightweight runner that guards against weird startup behaviors in python. Lightweight version of PyDepGuard's coderunner.
73d ago
month-of-bypasses: Proof-of-Concepts for Detection Engineering Purposes Only
73d ago
603 loaded
MA
Malware Analysis & Reports
33d ago · 115 items
I built 99 adversarially malformed PE files to test tool robustness - here’s what happened
33d ago
ClickFix attack in the wild — fake Cloudflare CAPTCHA delivering obfuscated PowerShell dropper
34d ago
WordPress malware in official WooCommerce theme (Kiosko): hidden admin users and corrupted sitemap
34d ago
Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace
34d ago
Fake Interview deploys stealthy cross platform (macOS/Windows) through npm package install in take home assessment
36d ago
73 Microsoft GitHub repositories impacted by Miasma malware
36d ago
Unauthorized Onlyfans Payment
36d ago
Building A Malware Lab From Scratch Part 2!
38d ago
Detecting npm Native Addon Malware: node-gyp Abuse
38d ago
Microsoft Warns of GPU Cryptojacking Campaign Spread Through AI Chatbot Links
39d ago
Extremely suspicious behaviour by memu emulator
40d ago
Malware
40d ago
🚨 PCPJack's SMTP Toolkit Dissected: 3 Deployer Generations, Multi-Arch Chisel, and a Full EHLO/STARTTLS Verification Loop
41d ago
ChatGPT Malvertising Campaign
41d ago
Recommendation
41d ago
Welp, we got a VMware antidetect ransomware/spyware/trojan before GTA 6!
41d ago
This is a scam and probably a malware/trojan. Path Of Exile 2 builder ...
42d ago
LLMShare: using shared chatbot pages to distribute malware
42d ago
How to Unpack FlawedAmmyy - Malware Unpacking Tutorial
43d ago
Building A Malware Lab From Scratch!
44d ago
I bought an old phone from 2018 and wanna destroy it with viruses for fun
45d ago
Malware escaped browser without downloading files, then escaped a virtual machine
45d ago
I’ve seen ppl get flamed online for ever thinking they’re hacked/being monitored but
46d ago
A Deeper Look at GLASSWORM's Solana Variant
47d ago
Got hit by an infostealer via Discord - Need advice on full removal - ASUS TUF A15
47d ago
Kali365 Activity Surges: Device Code Phishing Is Scaling Fast
48d ago
MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
48d ago
Deep structural file analysis with MITRE ATT&CK mapping, from the original ClamAV authors (clens.io)
48d ago
Not a security person... got hit by an undocumented macOS stealer campaign, reverse engineered it, and tried to take the whole operation down.
49d ago
How random program can cause most of antiviruses close himself without telling himself to close
49d ago
The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire
49d ago
Suspicious ass website asking to run a terminal command (MacOS)
50d ago
Harvard and 140 other legitimate websites compromised
53d ago
Browser session theft is quietly becoming more dangerous than password theft
53d ago
Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours
53d ago
How TeamPCP's Python Toolkit Survives a C2 Takedown: FIRESCALE, GitHub, and the Victim's Own Account
54d ago
Database of Malicious Browser Extensions
54d ago
I’ve got 99 problems, and IOCX isn’t one.
54d ago
Can't access anything
55d ago
New GMKtec M7 Ultra appears to be infected. Beware of the malware!
56d ago
vpn explained the simple version that actually makes sense
56d ago
Benchmarking LLMs for malware triage and static unpacking with Malcat
57d ago
Netmirror exposed - The Free Movie App That Was Robbing You Blind
57d ago
Malware learning
58d ago
Brovan: Binary user-mode emulator for x86_64
59d ago
Inspecting a DLL file trying to figure out if it really is malware
60d ago
npm supply chain compromise on a Next.js app — XMRig miner bundled into webpack output
60d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
61d ago
I got a desktop notification, saying I had a security oversight. What's odd, is that the notification said Windows Security and it looked very believable...
61d ago
clens.io - new public threat & data intel service
62d ago
Granny’s Compromised Android Firmware
62d ago
[Tool] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible)
62d ago
OS scanner that checks repos for traces of the Shai Hulud worm
62d ago
Mini Shai-Hulud Supply-Chain Worm Compromises npm and PyPI Packages, Including TanStack, Mistral, Lightning, and Guardrails AI
63d ago
Steam spear phishing
63d ago
Fake linked in sponsored google search
63d ago
Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages
63d ago
New Shai-Hulud npm worm variant
63d ago
looking for "evil" Websites
64d ago
Deterministic PE Structural Validation in IOCX v0.7.3
64d ago
sl1nk link
64d ago
How to download a RAT for myself
64d ago
Wtf OPEN Ai
66d ago
JDownloader's official website delivered Python RAT
67d ago
An unknown malware threat. There is no such thing as a 100% detection.
68d ago
Most of the antivirus websites redirect to microsoft defender website. I can’t access their websites
68d ago
Getting this Trojans while open Cherax Loader: Malgent!MSR /Phonzy.A!ML
69d ago
Discord bot C2 infrastructure
69d ago
IOCX v0.7.1 — robustness update focused on malformed PEs, hostile strings, and static‑analysis hardening
70d ago
Panicking
70d ago
Supply chain attack: DAEMON Tools Lite now contains a backdoor.
70d ago
Built a PE Malware Analysis Pipeline to Learn Why Most Detection Tools Suck at Correlation
71d ago
VirusTotal has one flag for this sus site
72d ago
Anyone wanna learn the CEH or OSCP red teaming free
72d ago
Fake Tailscale site on Google Ads uses ClickFix to get you to execute malware yourself
74d ago
Minecraft Malware C2 Tracking
74d ago
Minirat malware deployed via NPM targeting macOS machines
76d ago
VECT Ransomware Is Actually a Wiper
76d ago
The Malware Factory: GLASSWORM Forensics in Open VSX
76d ago
Phishing-to-RMM Attacks: The Remote Access Blind Spot Businesses Can't Ignore
77d ago
[ Removed by Reddit ]
77d ago
Ikeja Electric Distribution Ransomware
77d ago
Recently updated a authentic minecraft mod launcher called Modrinth
77d ago
This appeared on scan today no downloads Vulnerabledriver:WinNT/Winring0
78d ago
Ransomware is getting uglier as cybercriminals fake leaks and skip encryption entirely
78d ago
New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses
80d ago
Save time and use Zig to write your Malware POC
80d ago
Cracking CastleLoader’s Inno Setup Password
80d ago
I built a C2 framework that uses Discord and Telegram for communication
80d ago
fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet.
81d ago
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
81d ago
PSA: awstore.cloud is a MALICIOUS fake Claude API provider - warn your fellow devs
81d ago
Budgiekit - gdi malware maker (for educational purporses only)
82d ago
19 confirmed repos tied to the same GitHub malware campaign
83d ago
IOCX v0.7.0 — deterministic heuristics + adversarial PE samples
84d ago
I built a kernel-level EDR and hit architectural walls I didn’t expect
145d ago
Update your detection rules: New remote access Trojan
146d ago
Criminals are using AI website builders to clone major brands
146d ago
Open-source Windows utility to recover files from prefix-based USB shortcut worms (Grenam/CPGE variants)
146d ago
PE Loader For Fileless Malware
147d ago
Numero Malware : A Stealthy Saboteur Targeting AI Tool Installers
147d ago
AWAKE - Android Wiki of Attacks, Knowledge & Exploits
147d ago
I built a Chrome extension that scans for malicious extensions (yes, I see the irony)
148d ago
Questions regarding malicious pdf's
150d ago
AV persistence bypass techniques
150d ago
Avalon Linux Bot Malware Analysis
151d ago
Leveling up in Windows malware research
152d ago
Emerging Ransomware: BQTLock and GREENBLOOD
153d ago
Malware Development POCs
153d ago
Suspicious code in Up-work linked repository.
153d ago
We hid backdoors in binaries — Opus 4.6 found 49% of them
154d ago
👨💻 North Korean Malware Analysis 🚨 ROKRAT KillChain 📡
155d ago
Analysis of Suspected Malware Linked to APT-Q-27 (GoldenEyeDog) Targeting Financial Institutions
155d ago
Malware analysis - Signed job search application deploys a Proxyware, ClipBanker and XMRig cryptominer
157d ago
Nyxara
159d ago
115 loaded
WE
WeLiveSecurity
33d ago · 36 items
OceanLotus: From external espionage to domestic targeting
33d ago
Unpacking SMB cyber-readiness – and what makes or breaks it
34d ago
Cybercriminals: the 'auditors' you never hired
35d ago
Lessons for life: Why children’s data is a long-term identity risk
41d ago
This month in security with Tony Anscombe – May 2026 edition
46d ago
ESET APT Activity Report Q4 2025–Q1 2026
47d ago
What to consider before asking an AI chatbot for health advice
48d ago
BTMOB: A stealthy RAT burrowing deep into Android devices
49d ago
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
53d ago
Webworm: New burrowing techniques
55d ago
The quest for greater tech independence
56d ago
Why geopolitical turmoil is a gift for scammers, and how to stay safe
60d ago
FrostyNeighbor: Fresh mischief and digital shenanigans
61d ago
Eyes wide open: How to mitigate the security and privacy risks of smart glasses
64d ago
Fake call logs, real payments: How CallPhantom tricks Android users
68d ago
Fixing the password problem is as easy as 123456
68d ago
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
70d ago
This month in security with Tony Anscombe – April 2026 edition
75d ago
The calm before the ransom: What you see is not all there is
81d ago
GopherWhisper: A burrow full of malware
82d ago
New NGate variant hides in a trojanized NFC payment app
84d ago
What the ransom note won’t say
85d ago
That data breach alert might be a trap
88d ago
Supply chain dependencies: Have you checked your blind spot?
89d ago
Recovery scammers hit you when you’re down: Here’s how to avoid a second strike
95d ago
As breakout time accelerates, prevention-first cybersecurity takes center stage
98d ago
Digital assets after death: Managing risks to your loved one’s digital estate
104d ago
This month in security with Tony Anscombe – March 2026 edition
105d ago
RSAC 2026 wrap-up – Week in security with Tony Anscombe
109d ago
A cunning predator: How Silver Fox preys on Japanese firms this tax season
109d ago
Virtual machines, virtually everywhere – and with real security gaps
111d ago
Cloud workload security: Mind the gaps
112d ago
Move fast and save things: A quick guide to recovering a hacked account
116d ago
EDR killers explained: Beyond the drivers
117d ago
Face value: What it takes to fool facial recognition
123d ago
Cyber fallout from the Iran war: What to have on your radar
124d ago
36 loaded
SM
Security | Microsoft Azure Blog | Microsoft Azure
42d ago · 6 items
Microsoft Build 2026: Building agentic apps with Microsoft Fabric and Microsoft Databases
42d ago
Microsoft Build 2026 highlights advancements in app development with Microsoft Fabric and Microsoft Databases, emphasizing a unified data and AI platform.
Azure IaaS: Defense in depth built on secure-by-design principles
71d ago
Explore how Azure IaaS uses defense in depth and secure-by-design principles to deliver layered, scalable cloud security across compute, network, and data.
Enforcing trust and transparency: Open-sourcing the Azure Integrated HSM
75d ago
Learn how Microsoft Azure Integrated HSM delivers hardware‑enforced key protection in the cloud, combining FIPS Level 3 assurances with transparency and open‑source collaboration.
Azure IaaS: Keep critical applications running with built-in resiliency at scale
104d ago
Learn how Azure IaaS helps organizations start from a resilient platform foundation with availability, continuity, and recovery capabilities.
Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure
132d ago
Learn how Azure IaaS helps you modernize infrastructure, improve performance and resilience, optimize costs, and prepare for AI workloads. Read more.
Azure reliability, resiliency, and recoverability: Build continuity by design
147d ago
Learn how Azure reliability, resiliency, and recovery capabilities work together to improve cloud continuity. Read more.
SK
STÖK
52d ago · 15 items
☔️🌅
52d ago
Life in the Nordics 🌲 | Foraging Blueberries, Mushrooms & Nosework Training with Our Dogs
324d ago
Winter vanlife = good times
926d ago
What an experience! Getting a Christmas tree from our own piece of land. #movingupnorth!
933d ago
Had to much GLÖGG and lost my camera during - 13371122 - Intigriti + Visma
939d ago
IS THIS THE END?
999d ago
Escaping the grind and decompiling python 3.9 pyc files to find vulnerabilites
1153d ago
How to turn bugs into a "passive" income stream! ft Detectify's Almroot
1394d ago
HOW DID THIS HAPPEN!? (13370822 LHE VLOG)
1407d ago
Q: How to write a BUG BOUNTY report that actually gets paid?
1524d ago
facts: Bug Bounty hunters has made ridiculous amounts of $$ from known DNS techniques..
1538d ago
Q: HOW do you find hidden stuff on websites? (this episode is all about CONTENT DISCOVERY!)
1552d ago
Q: HOW do you get started in bug bounty?? How do you build your automation?!
1566d ago
Q: PENTEST VS BUGBOUNTY? (Bounty Thursday's - ON AIR)
1580d ago
BOUNTY THURSDAYS - LIVE #2 (NEWS/TOOLS and Community Questions with Jason Haddix)
1594d ago
15 loaded
ZU
ZDI: Upcoming Advisories
75d ago · 1 items
DE
DEFCONConference
76d ago · 15 items
DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West
76d ago
DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
145d ago
DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth
145d ago
DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine
145d ago
DEF CON 33 Recon Village - How to Become One of Them: Deep Cover Ops - Sean Jones, Kaloyan Ivanov
195d ago
DEF CON 33 Recon Village - Inside the Shadows Tracking RaaS Groups, Cyber Threats - John Dilgen
195d ago
DEF CON 33 Recon Village - Autonomous Video Hunter AI Agents for Real Time OSINT - Kevin Dela Rosa
195d ago
DEF CON 33 Recon Village - A Playbook for Integration Servers - Ryan Bonner, Guðmundur Karlsson
195d ago
DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov
195d ago
DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
195d ago
DEF CON 33 Recon Village - OSINT & Modern Recon Uncover Global VPN Infrastructure - Vladimir Tokarev
195d ago
DEF CON 33 Recon Village - Pretty Good Pivot - Simwindie
195d ago
DEF CON 33 Recon Village - enumeraite: AI Assisted Web Attack Surface Enumeration - Özgün Kültekin
195d ago
DEF CON 33 Recon Village - OSINT Signals Pop Quiz - Master Chen
195d ago
DEF CON 33 Recon Village - Investigating Foreign Tech from Online Retailers - Michael Portera
195d ago
15 loaded
CC
CISA Cybersecurity Advisories
84d ago · 2 items
Defending Against China-Nexus Covert Networks of Compromised Devices
84d ago
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
99d ago
U.S. organizations should review the TTPs and IOCs in this advisory for indications of current or historical activity on their networks, and apply the
BA
Blog Articles - Identity Insights | Trulioo
89d ago · 13 items
Business Fraud at Network Scale: What the $3.5B Medicare Hospice Crisis Reveals About Know Your Business
89d ago
What is Customer Due Diligence (CDD)
113d ago
Why Legacy Identity Verification Can’t Stop AI-Enabled Fraud
115d ago
AML, KYC and Identity Verification in Australia
124d ago
When Fraud Becomes Background Noise: The Industrialization of Digital Deception
190d ago
The Efficiency Era of KYC: Reverification and Reusable Identity Take Center Stage
190d ago
The End of Static KYB: Business Identity in Constant Motion
190d ago
Know Your Agent: The Next Chapter in Digital Trust
190d ago
When Rules Move Faster Than Readiness: Regulatory Adaptability as a Competitive Advantage
190d ago
Digital Identity Trends 2026: AI Fraud, Compliance, and Orchestration
209d ago
The World’s Identity Platform
1260d ago
KYC: 3 Steps to Achieving Know Your Customer Compliance
1531d ago
AML Compliance Checklist: Best Practices for Anti-Money Laundering
1546d ago
13 loaded
II
InfoSec Insights
125d ago · 1 items
FP
Fraud Prevention Archives - Alloy Silverstein
131d ago · 10 items
AI in Tax Season: Risks, Scams, and How to Protect Your Data
131d ago
Tax Season Scams to Watch For This Year
138d ago
Beware of Misleading Tax Advice on Social Media
306d ago
Each year the IRS educates taxpayers on the most trending fraud schemes that could deceive individuals and businesses during tax season. In late 2024, The IRS took to warning the public against misleading “tips” or...
Scammers Up Their Game With AI
308d ago
Learn how to spot the threats and protect yourself from scammers using AI for phishing and deepfakes with smart security practices.
The Essential Guide to Safeguarding Your Online Passwords
385d ago
Protect your personal and business data with strong passwords, two-factor authentication, and smart cybersecurity practices.
Beware: Tax Season is Scam Season
496d ago
Tax season is also prime time for tax scams. To safeguard your personal information, consider these key points: Communication methods The IRS initiates contact primarily through mail, not email or phone calls. Be cautious of...
Stop Scams: Fraud Prevention Starts with Your Employees
510d ago
You can be as proactive and protective as possible when it comes to cyber security for your business, but there’s one vulnerability you cannot eliminate: human error. In fact, statistics estimate that as much as...
‘Tis the Season for Holiday Shopping Scams
582d ago
The holidays are typically the time of year for gifting presents to friends and family or donations to charity. Unfortunately, not-so-jolly fraudsters take advantage of this generosity. Protect yourself by watching for these common scams:.....
IRS Issues “Dirty Dozen” Fraud Warnings
767d ago
Each year, the IRS releases a “Dirty Dozen” series to highlight the most common fraud schemes taxpayers should be aware of.
IRS Identity Theft Season Begins Now
896d ago
Each year thieves try to steal billions in federal withholdings by stealing your identity. As the IRS focuses more attention on this quickly growing problem, now is the time of year to be extra vigilant....
LI
LiveOverflow
132d ago · 15 items
Security-driven Rapid Release - Pwn2Own Documentary (Part 4)
132d ago
Firefox JIT Bug - Pwn2Own Documentary (Part 3)
135d ago
The First Exploit - Pwn2Own Documentary (Part 2)
139d ago
The World's Hardest Hacking Competition - Pwn2Own Documentary (Part 1)
142d ago
From Zero to Zero Day (and beyond) - Life of a Hacker: Jonathan Jacobi
462d ago
The German Hacking Championship
487d ago
Do you know this common Go vulnerability?
501d ago
Google's Mobile VRP Behind the Scenes with Kristoffer Blasiak (Hextree Podcast Ep.1)
636d ago
My theory on how the webp 0day was discovered #short
652d ago
My theory on how the webp 0day was discovered (BLASTPASS)
653d ago
Learn Android Hacking! - University Nevada, Las Vegas (2024)
679d ago
My Trip to Las Vegas for DEFCON & Black Hat
693d ago
Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)
904d ago
A Vulnerability to Hack The World - CVE-2023-4863
936d ago
Reinventing Web Security
967d ago
15 loaded
HA
HackerSploit
461d ago · 15 items
How FIN6 Exfiltrates Files Over FTP
461d ago
Emulating FIN6 - Active Directory Enumeration Made EASY
512d ago
The SECRET to Embedding Metasploit Payloads in VBA Macros
517d ago
Offensive VBA 0x4 - Reverse Shell Macro with Powercat
525d ago
Offensive VBA 0x3 - Developing PowerShell Droppers
531d ago
Offensive VBA 0x2 - Program & Command Execution
536d ago
Offensive VBA 0x1 - Your First Macro
538d ago
Emulating FIN6 - Gaining Initial Access (Office Word Macro)
543d ago
FIN6 Adversary Emulation Plan (TTPs & Tooling)
547d ago
Developing An Adversary Emulation Plan
547d ago
Introduction To Advanced Persistent Threats (APTs)
552d ago
Introduction To Adversary Emulation
573d ago
Mastering Persistence: Using an Apache2 Rootkit for Stealth and Defense Evasion
582d ago
Planning Red Team Operations | Scope, ROE & Reporting
722d ago
Mapping APT TTPs With MITRE ATT&CK Navigator
726d ago
15 loaded
TH
Threatpost
1413d ago · 10 items
Student Loan Breach Exposes 2.5M Records
1413d ago
2.5 million people were affected, in a breach that could spell more trouble down the line.
Watering Hole Attacks Push ScanBox Keylogger
1414d ago
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
1415d ago
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Ransomware Attacks are on the Rise
1418d ago
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
1419d ago
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter Whistleblower Complaint: The TL;DR Version
1420d ago
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Firewall Bug Under Active Attack Triggers CISA Warning
1421d ago
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Fake Reservation Links Prey on Weary Travelers
1422d ago
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
iPhone Users Urged to Update to Patch 2 Zero-Days
1425d ago
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Google Patches Chrome’s Fifth Zero-Day of the Year
1426d ago
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
No matching sources found.