Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
Google is testing Merkle Tree Certificates in Chrome to enable quantum-resistant HTTPS, reduce TLS handshake data & launch a new root store by 2027.
Weekly cybersecurity recap covering active exploits, AI abuse, exposed cloud assets, critical CVEs, and evolving threat trends.
Forward Edge-AI's new Isidore Quantum is a compact, low-power hardware device designed to defend sensitive operational technology endpoints against future quantum attacks.
SafeLine self-hosted WAF blocks SaaS bot abuse with 99.45% accuracy, cutting fake sign-ups and stabilizing CPU usage.
APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
Attackers could have exploited the vulnerability to escalate privileges, violate user privacy while browsing, and access sensitive resources.
North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and crypto scams.
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle…
Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
Pentagon labels Anthropic a supply chain risk after dispute over mass surveillance and autonomous weapons use.
HBO's "The Pitt" is showing audiences what a real Mississippi healthcare system is going through this week, thanks to a ransomware attack.
