Try our new dimensional analysis Claude plugin
We’re releasing a new Claude plugin for developing and auditing code that implements dimensional analysis, a technique we explored...
Month: March 2026
Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw
It’s only on rare occasions that anyone pays attention to the acknowledgment section of a vulnerability disclosure. But for...
OpenAI’s Sora exit signals enterprise-first AI shift
“There is an increased focus on securing enterprise clients by OpenAI,” said Anushree Verma, senior director analyst at Gartner. “The...
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber...
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
The Hacker NewsMar 25, 2026Cybercrime / Ransomware The U.S. Department of Justice (DoJ) said a Russian national has been sentenced...
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than...
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
Ravie LakshmananMar 25, 2026Network Security / Data Protection The U.S. Federal Communications Commission (FCC) said on Monday that it was...
4 Best Free VPNs
In a world of targeted ads and intrusive malware, virtual private networks (VPNs) are one of the best ways to...
Coding Agents Widen Your Supply Chain Attack Surface
The software supply chain attack has been one of the most studied threat vectors in enterprise security. However, most of the defensive architecture built around it was designed with a specific attacker model in mind — one where, for instance, the entity making decisions inside the build pipeline was an actual engineer following a process. Think of a malicious actor looking for a weak point in the dependency chain such as a compromised package,...
Which Came First: The System Prompt, or the RCE?
During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude...
Cloud workload security: Mind the gaps
Business Security As IT infrastructure expands, visibility and control often lag behind – until an incident forces a reckoning Tomáš...
Quantum-Hardened Granular Resource Authorization Policies
The big shift from Apple ID to Apple Account Ever wonder why that little button on your screen suddenly...
Mandiant Global Median Dwell Time Deteriorates from 11 to 14 Days
Oh snap. My single most important cybersecurity metric deteriorated again. In the M-Trends report for calendar year 2024, Mandiant’s global median...
Data breach at Dutch Ministry of Finance impacts staff following cyberattack
Data breach at Dutch Ministry of Finance impacts staff following cyberattack Pierluigi Paganini March 24, 2026 Dutch Ministry of Finance...
Why trust in Agentic AI security is essential?
How Can Organizations Build Trust in Agentic AI Security Systems? Can the management of Non-Human Identities (NHIs) enhance the...
