Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach shows a compromised OAuth app can lead to widespread impact across downstream customers.
The vulnerability allows attackers to read data from a LiteLLM proxy’s database and potentially modify it.
An analysis of the destructive malware reveals sophisticated living-off-the-land (LotL) techniques and detailed strategies for the widespread deletion of data.
In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories.
A man accused of working as a hacker for China's Ministry of State Security has been extradited to the USA from Italy, and faces - if found guilty - the prospect of decades behind bars.
Forescout has identified tens of thousands of exposed RDP and VNC servers that can be mapped to specific industries.
AI-driven attacks uncovered in February 2026 automate kill chain and seize Domain Admin credentials in minutes, forcing faster defenses.
This guidance provides a roadmap for organizations to reference as they transition toward a zero trust architecture.
Integrated exposure platforms validate exploitability, correlate paths, and reduce priorities to 2%, improving enterprise risk reduction.
The hackers exfiltrated the data from Checkmarx’s GitHub environment on March 30, a week after publishing malicious code.
US service members received WhatsApp messages claiming they would be targeted with drones and missiles.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited in zero-day attacks.
