Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists
A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations...
Year: 2026
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
î „Ravie Lakshmananî ‚Jan 31, 2026Social Engineering / SaaS Security Google-owned Mandiant on Friday said it identified an "expansion in threat activity"...
CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms
î „Ravie Lakshmananî ‚Jan 31, 2026Network Security / SCADA CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks...
This month in security with Tony Anscombe – January 2026 edition
The year got off to a busy start, with January offering an early snapshot of the challenges that (not just)...
DynoWiper update: Technical analysis and attribution
In this blog post, we provide more technical details related to our previous DynoWiper publication. Key points of the report:...
We Keep Hearing the Same Question: Morpheus (AI SOC) vs. Traditional SOAR
In 2025, we spent a lot of time with enterprise SOC teams, CISOs, and large MSSPs. Discovery calls. Technical deep...
This Week in Scams: Dating App Breaches, TikTok Data, Grubhub Extortion
This week in scams, three headlines tell the same story: attackers are getting better at manipulating people, not just breaking into...
Bridging Compliance And Cybersecurity In Financial Reporting
Bridging Compliance And Cybersecurity In Financial Reporting Guest Article by Marcie Clark ,the Director of Regulatory Services for Donnelley Financial Solutions Although financial compliance...
How secure are secrets vaults in cloud environments
Are You Overlooking Non-Human Identities in Cloud Security? Machine identities have emerged as critical components that require immediate attention and...
What future trends will define Agentic AI governance
How Are Non-Human Identities Shaping Cloud Security? What does it take to bridge the gap between security and R&D teams...
NDSS 2025 – Silence False Alarms
Session 11A: Blockchain Security 2 Authors, Creators & Presenters: Qiyang Song (Institute of Information Engineering, Chinese Academy of Sciences; School...
Randall Munroe’s XKCD ‘Conic Sections’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security Bloggers...
After criticism, Microsoft promises big improvements for Windows 11
Windows developers are now focusing on improving the core experience in Windows 11, with Microsoft reportedly redirecting resources to address...
The Complete Guide to Authentication Implementation for Modern Applications
Authentication is the foundation of application security, yet it's one of the most frequently mishandled aspects of software development. With...
Agentic AI and Non‑Human Identities Demand a Paradigm Shift In Security: Lessons from NHIcon 2026
In the race to innovate, software has repeatedly reinvented how we define identity, trust, and access. In the 1990's, the...
