Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and Cloud SQL abuse.
Password audits often focus on complexity rules but miss the accounts attackers actually target. Specops Software explains how breached passwords, orphaned users, and service accounts can leave organizations exposed.
Microsoft has confirmed that it's still working to fully address a known issue that causes bright white flashes when opening the File Explorer on some Windows 11 systems.
Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Fake CAPTCHA pages instruct victims to paste malicious commands in the Windows Terminal instead of the Run dialog.
Abusing DNS record management controls, the threat actor hides the location of malicious content via Cloudflare.
An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows and Linux, likely for spying.
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Bitdefender GravityZone webinar shows how mid-market teams consolidate security tools to reduce complexity and improve resilience.
Threat actors replace legitimate commands on the cloned installation webpages with malicious commands.
Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, energy, and govt sectors
