Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
Learn to audit AI agents and stop data leaks. Join our webinar to find hidden risks and secure your modern agentic workflows.
CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks.
SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts.
Attack surface exposure leaves services reachable as exploits appear within 24–48 hours after disclosure, increasing breach risk.
APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance.
Microsoft will turn on hotpatch security updates by default for all eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, beginning with the May 2026 Windows security update.
The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.
Modified AuraInspector scans misconfigured Salesforce Experience Cloud sites, extracting CRM data and enabling targeted vishing campaigns.
The company, founded by Palo Alto Networks’ Nir Zuk, has developed a platform that focuses on data sovereignty.
CISA adds 3 exploited flaws—SolarWinds, Ivanti, Workspace One—to KEV after attacks, forcing federal patch deadlines in March 2026.
No description available.
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor.
