most

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit

AndyC 5 February 2026

Email attachments remain one of the most trusted entry points into enterprise environments. Despite years of awareness training and secure...

Read More

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit

The Complete Guide to Authentication Implementation for Modern Applications

AndyC 31 January 2026

Authentication is the foundation of application security, yet it's one of the most frequently mishandled aspects of software development. With...

Read More

Enterprise PC upgrades in 2026: Higher prices, worse configurations

Alibaba’s Qwen3-Max-Thinking expands enterprise AI model choices

AndyC 28 January 2026

Alibaba Cloud’s latest AI model, Qwen3-Max-Thinking, is staking a claim as one of the world’s most advanced reasoning engines after...

Read More

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit

10 Questions Enterprise Leaders Should Ask Before Running a Red Teaming Exercise

AndyC 24 January 2026

Red Teaming has become one of the most discussed and misunderstood practices in modern cybersecurity. Many organizations invest heavily in...

Read More

Common Apple Pay scams, and how to stay safe

Common Apple Pay scams, and how to stay safe

AndyC 23 January 2026

Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step...

Read More

Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities

Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities

AndyC 23 January 2026

Image: Unsplash Two of the world’s most critical business platforms just dropped emergency security patches that could prevent complete network...

Read More

The Data Center Is Secure, But Your Users Are Not

The AI Fix #84: A hungry ghost trapped in a jar gains access to the Pentagon’s network

AndyC 21 January 2026

In episode 84 of The AI Fix, Graham and Mark stare straight into the digital abyss and ask the most...

Read More

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit

When Space Isn’t Safe: Inside the European Space Agency’s Massive Cyberattack

AndyC 20 January 2026

In late 2025 and early 2026, one of the world’s most advanced scientific organizations, the European Space Agency (ESA), faced...

Read More

A slippery slope: Beware of Winter Olympics scams and other cyberthreats

A slippery slope: Beware of Winter Olympics scams and other cyberthreats

AndyC 3 February 2026

Digital Security It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these...

Read More

A slippery slope: Beware of Winter Olympics scams and other cyberthreats

A slippery slope: Beware of Winter Olympics scams and other cyberthreats

AndyC 3 February 2026

Digital Security It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these...

Read More

This month in security with Tony Anscombe – January 2026 edition

This month in security with Tony Anscombe – January 2026 edition

AndyC 31 January 2026

The year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to...

Read More

DynoWiper update: Technical analysis and attribution

DynoWiper update: Technical analysis and attribution

AndyC 31 January 2026

In this blog post, we provide more technical details related to our previous DynoWiper publication. Key points of the report: ESET researchers identified new data-wiping...

Read More

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

AndyC 29 January 2026

ESET researchers have uncovered an Android spyware campaign leveraging romance scam tactics to target individuals in Pakistan. The campaign uses a malicious app posing as...

Read More

Trending InfoSec News

Drowning in spam or scam emails? Here’s probably why

AndyC 28 January 2026

Digital Security Has your inbox recently been deluged with unwanted and even outright malicious messages? Here are 10 possible reasons – and how to stem...

Read More

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

AndyC 5 February 2026

Taiwanese operator of Incognito Market sentenced to 30 years over 5M darknet drug ring

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

AndyC 5 February 2026

Smashing Security podcast #453: The Epstein Files didn’t hide this hacker very well

Smashing Security podcast #453: The Epstein Files didn’t hide this hacker very well

AndyC 5 February 2026

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit

The ‘Absolute Nightmare’ in Your DMs: OpenClaw Marries Extreme Utility with ‘Unacceptable’ Risk

AndyC 5 February 2026

When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit

Significant Ransomware & Firewall Misconfiguration Breach

AndyC 5 February 2026