known

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

AndyC 18 March 2026

The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial...

U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog

AndyC 17 March 2026

U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 16, 2026...

U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog

AndyC 14 March 2026

U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 13, 2026 U.S. Cybersecurity and...

U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog

AndyC 13 March 2026

U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 12, 2026 The U.S....

Storage vendor offers a real guarantee — but check out those fine-print exceptions

March 2026 Patch Tuesday fixes two zero-day vulnerabilities

AndyC 12 March 2026

Microsoft releases important security updates on the second Tuesday of every month, known as Patch Tuesday. This month’s update...

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

AndyC 12 March 2026

Ravie LakshmananMar 11, 2026DevSecOps / AI Security A threat actor known as UNC6426 leveraged keys stolen following the supply chain...

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

AndyC 11 March 2026

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March...

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

AndyC 10 March 2026

Ravie LakshmananMar 09, 2026DevOps / Threat Intelligence The North Korean threat actor known as UNC4899 is suspected to be behind...

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

AndyC 7 March 2026

Ravie LakshmananMar 06, 2026Threat Intelligence / Cyber Espionage The Pakistan-aligned threat actor known as Transparent Tribe has become the latest...

U.S. CISA adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog

AndyC 7 March 2026

U.S. CISA adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 06, 2026 U.S. Cybersecurity...

Invisible Threats: Source Code Exfiltration in Google Antigravity – FireTail Blog

AndyC 5 March 2026

‍ TL;DR: We explored a known issue in Google Antigravity where attackers can silently exfiltrate proprietary source code By...

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog

AndyC 5 March 2026

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 04, 2026...

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

AndyC 4 March 2026

Ravie LakshmananMar 03, 2026Malware / Phishing The threat activity cluster known as SloppyLemming has been attributed to a fresh set...

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

AndyC 28 February 2026

Ravie LakshmananFeb 27, 2026Malware / Surveillance The North Korean threat actor known as ScarCruft has been attributed to a fresh...

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

AndyC 27 February 2026

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 26, 2026 U.S. Cybersecurity and...

known

U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog

March 2026 Patch Tuesday fixes two zero-day vulnerabilities

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

U.S. CISA adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog

Invisible Threats: Source Code Exfiltration in Google Antigravity – FireTail Blog

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

Face value: What it takes to fool facial recognition

Cyber fallout from the Iran war: What to have on your radar

Sednit reloaded: Back in the trenches

What cybersecurity actually does for your business

How SMBs use threat research and MDR to build a defensive edge

Protecting education: How MDR can tip the balance in favor of schools

Donate Bitcoin to this address

Donate Ethereum to this address

Google’s $32B Wiz Bet: Why Security Consolidation Means You’re Losing Negotiating Power

Enterprise AI Agent Governance: A Layered Approach (Build, Deployment and Runtime)

Threat Detection with MITRE ATT&CK and D3FEND AI Agent

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed