Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
It targeted high-precision calculation software to tamper with results and packed a self-propagation mechanism.
Other noteworthy stories that might have slipped under the radar: Supreme Court hacker sentenced, Lovable exposed user data, Google expands enterprise security.
NASA OIG exposed a 2017–2021 spear-phishing campaign by Song Wu, leading to DOJ charges and export control violations.
Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are missing.
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw.
In the last six months, companies have seen a significant influx of AI-powered phishing, as cyberattackers progress from small campaigns to 1-to-1 personalized attacks.
Lazarus continues leveraging ClickFix for initial access and data theft, in this case, against Mac-centric organizations and their high-value leaders.
From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase.
Locked Shields has grown significantly over the past 16 years, with only four nations participating in the first edition.
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
AI agents inherit hidden authority from fragmented identities, creating a delegation gap that demands real-time governance.
26 FakeWallet apps since fall 2025 hijack crypto recovery phrases via Apple App Store China accounts, enabling wallet theft.
