Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
ANY.RUN cuts MTTR by 21 minutes per case, reducing escalations and breach exposure in multi-OS attacks.
Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
LiteLLM 1.82.7–1.82.8 supply chain attack exposed 33,185 secrets across 6,943 machines, leaving 3,760 valid credentials active.
Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials.
The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign.
Qilin disables 300+ EDR drivers using BYOVD in 2025 attacks, delaying encryption six days, increasing breach impact.
The improper access control bug in FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely.
In one of his recent diaries, Johannes discussed how open redirects are actively being sought out by threat actors[1], which made me wonder about how commonly these mechanisms are actually misused…
BKA identified REvil leaders tied to 130 German attacks causing €35.4M damage, exposing key ransomware figures.
An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and…
No description available.
