Security Blogs

Category Added in a WPeMatico Campaign

APT28 conducts long-term espionage on Ukrainian forces using custom malware

AndyC 11 March 2026

APT28 conducts long-term espionage on Ukrainian forces using custom malware Pierluigi Paganini March 10, 2026 APT28 used BEARDSHELL and COVENANT...

USENIX Security ’25 (Enigma Track) – Risk Is Not A Hammer, And Most Hazards Aren’t Nails

Twitter suspended 800 million accounts last year – so why does manipulation remain so rampant?

AndyC 11 March 2026

X, Elon Musk's social media site that many people (me included) still prefer to call Twitter, has told British MPs...

Threat actors use custom AuraInspector to harvest data from Salesforce systems

AndyC 11 March 2026

Threat actors use custom AuraInspector to harvest data from Salesforce systems Pierluigi Paganini March 10, 2026 Attackers are mass-scanning Salesforce...

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

AndyC 11 March 2026

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March...

Ericsson US confirms breach after third-party provider attack

AndyC 11 March 2026

Ericsson US confirms breach after third-party provider attack Pierluigi Paganini March 10, 2026 Ericsson US reports a data breach after...

Prevention is the Only Cloud Security Strategy That Works

Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform

AndyC 11 March 2026

Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform Pierluigi Paganini March 10, 2026 Authorities disrupted the Tycoon 2FA phishing-as-a-service platform used...

Weekly Update 494

AndyC 10 March 2026

10 March 2026 Since starting HIBP a dozen and a bit years ago, I've loaded an average of one breach...

FBI alert: scammers target zoning permit applicants

AndyC 10 March 2026

FBI alert: scammers target zoning permit applicants Pierluigi Paganini March 09, 2026 The FBI warns of phishing attacks where crooks...

Meta’s AI Safety Chief Couldn’t Stop Her Own Agent. What Makes You Think You Can Stop Yours?

Russia-linked hackers target Signal, WhatsApp of officials globally

AndyC 10 March 2026

Russia-linked hackers target Signal, WhatsApp of officials globally Pierluigi Paganini March 09, 2026 Russia-linked hackers are targeting Signal and WhatsApp...

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

AndyC 10 March 2026

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients Pierluigi Paganini March 09, 2026 A breach at Cognizant’s...

Anthropic Claude Opus AI model discovers 22 Firefox bugs

AndyC 10 March 2026

Anthropic Claude Opus AI model discovers 22 Firefox bugs Pierluigi Paganini March 09, 2026 Anthropic used Claude Opus 4.6 to...

AI Is Moving Faster Than Security Controls

AndyC 9 March 2026

AI is entering organisations faster than the security controls designed to govern it. Artificial intelligence is rapidly becoming embedded across...

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

AndyC 9 March 2026

Critical Nginx UI flaw CVE-2026-27944 exposes server backups Pierluigi Paganini March 08, 2026 Nginx UI flaw CVE-2026-27944 lets attackers download...

How AI Assistants are Moving the Security Goalposts

AndyC 9 March 2026

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate...

Massive GitHub malware operation spreads BoryptGrab stealer

AndyC 9 March 2026

Massive GitHub malware operation spreads BoryptGrab stealer Pierluigi Paganini March 08, 2026 Trend Micro found BoryptGrab stealer spreading through 100+...

Security Blogs

APT28 conducts long-term espionage on Ukrainian forces using custom malware

Threat actors use custom AuraInspector to harvest data from Salesforce systems

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

Ericsson US confirms breach after third-party provider attack

Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform

Weekly Update 494

FBI alert: scammers target zoning permit applicants

Russia-linked hackers target Signal, WhatsApp of officials globally

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

Anthropic Claude Opus AI model discovers 22 Firefox bugs

AI Is Moving Faster Than Security Controls

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

How AI Assistants are Moving the Security Goalposts

Massive GitHub malware operation spreads BoryptGrab stealer

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

As breakout time accelerates, prevention-first cybersecurity takes center stage

Digital assets after death: Managing risks to your loved one’s digital estate

This month in security with Tony Anscombe – March 2026 edition

RSAC 2026 wrap-up – Week in security with Tony Anscombe

Donate Bitcoin to this address

Donate Ethereum to this address

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed