Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
View CSAF
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker's systems.
Claude Code bypasses security controls by acting locally before monitoring, exposing data risks and audit gaps.
Raven’s platform observes applications at runtime to detect anomalous behavior and prevent cyberattacks.
A new Android malware called Perseus is checking user-curated notes to steal sensitive information, like passwords, recovery phrases, or financial data.
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned.
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild.
DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple countries.
Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia.
