Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, many executive teams and boards have treated a large vulnerability backlog as an uncomfortable but...
The cybercriminals have leaked more than 300GB of files allegedly stolen from the tire giant.
The startup integrates with existing cybersecurity stacks, ingests and normalizes data, and delivers intelligence to reduce risks.
A new vulnerability (CVE-2026-0866) has been published: Zombie Zip.
The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration.
Microsoft patches 84 vulnerabilities, including two public zero-days, strengthening defenses against privilege escalation and cloud token theft.
Industrial giants Siemens, Schneider Electric, Mitsubishi Electric, and Moxa have published new ICS Patch Tuesday advisories.
UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.
Five malicious Rust crates and an AI bot exploited CI/CD pipelines and GitHub Actions in Feb 2026, stealing developer secrets and tokens.
Data centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well.
No description available.
