Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
CESER’s Project Armor is a five year initiative to harden the US critical energy infrastructure, including strengthening energy systems ‘to prevent and recover from wildfires and other hazards’.
Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access,
Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide persistence and lateral spread.
The attacks included a destructive infiltration of Poland's energy system in December and was suspected of originating in Russia.
Mozilla released Firefox 149 with added privacy protection through a built-in VPN tool offering up to 50GB of monthly traffic.
Google Ads malvertising spreads ScreenConnect malware using Huawei driver flaw, enabling EDR bypass and credential theft in U.S. tax searches.
An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers. "The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered through phishing emails...
A summary of the announcements made by vendors on the first day of the RSAC 2026 Conference.
Microsoft has fixed a known issue causing Gmail and Yahoo email synchronization and connection problems for classic Outlook users.
An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game cheats.
Passing MFA doesn't mean a session is safe, attackers can hijack tokens and bypass identity checks. Specops Software explains why Zero Trust must verify both user identity and device health.
Bug bounty platform HackerOne is notifying hundreds of employees that their data was stolen after attackers hacked Navia, one of its U.S. benefits administrators.
