Blog
The Team PCP Snowball Effect: A Quantitative Analysis
The PCP Team's supply chain attacks compromised two critical components of the development ecosystem: AquaSecurity's trivy-action and the Python...
Criminals are renting virtual phones to bypass bank security
Researchers at Group-IB warn about criminals using virtual Android devices to bypass modern security solutions. Cloud phones are virtual...
Got a “Court Notice” Text? Ignore It. Plus, the Crunchyroll Breach: This Week in Scams
A text that looks like it came straight from a courthouse is making the rounds across the U.S. And yes,...
U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 27, 2026 The U.S....
Bogus Avast website fakes virus scan, installs Venom Stealer instead
A fake website impersonating Avast antivirus is tricking people into infecting their own computers. The site looks legitimate, runs...
Digital Marketing for SaaS Companies: Solving the Biggest Growth and Customer Acquisition Challenges
SaaS companies face unique marketing challenges that traditional businesses rarely encounter. Instead of selling one-time products, SaaS businesses depend...
Anthropic wins reprieve against US DoD ban, buying time for contractors to assess AI supply chains
She added, “At oral argument, government counsel suggested that Anthropic showed its subversive tendencies by ‘questioning’ the use of its...
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Ravie LakshmananMar 27, 2026Ransomware / Malware Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for...
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s...
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Ravie LakshmananMar 27, 2026Threat Intelligence / Vulnerability A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber...
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Ravie LakshmananMar 27, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if...
SEC Rules – Crypto IS A Security – Sometimes
There’s a classic Saturday Night Live sketch where Chevy Chase and Gilda Radner pitch “Shimmer”—a product that’s both a...
The 3 Security KPIs That Cut Through Alert Noise
TL;DR Three application security KPIs cut through alert noise to reveal actual risk: viable attack count, vulnerability escape rate...
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks Pierluigi Paganini March 27, 2026 China-linked Red Menshen APT...