that’s

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

AndyC 26 March 2026

Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than...

Read More

Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

AndyC 18 February 2026

A new Android backdoor that's embedded deep into the device firmware can silently harvest data and remotely control its behavior,...

Read More

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

AndyC 14 February 2026

Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and...

Read More

NDSS 2025 – Rethinking Trust In Forge-Based Git Security

We’ve Reached the “Customers Want Security” Stage, and AI Is Listening

AndyC 23 January 2026

I’ve seen this movie before. That’s why a recent LinkedIn post by Ilya Kabanov stopped me mid-doomscroll. Kabanov described how...

Read More

Cloud workload security: Mind the gaps

Cloud workload security: Mind the gaps

AndyC 25 March 2026

Business Security As IT infrastructure expands, visibility and control often lag behind – until an incident forces a reckoning Tomáš Foltýn 24 Mar 2026 • ...

Read More

Move fast and save things: A quick guide to recovering a hacked account

Move fast and save things: A quick guide to recovering a hacked account

AndyC 21 March 2026

Cybercriminals go after people’s personal information across every kind of online platform, including WhatsApp, Instagram, LinkedIn, Roblox, YouTube and Spotify, not to mention finance apps....

Read More

EDR killers explained: Beyond the drivers

EDR killers explained: Beyond the drivers

AndyC 20 March 2026

In recent years, EDR killers have become one of the most commonly seen tools in modern ransomware intrusions: an attacker acquires high privileges, deploys such...

Read More

Face value: What it takes to fool facial recognition

Face value: What it takes to fool facial recognition

AndyC 14 March 2026

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026...

Read More

Cyber fallout from the Iran war: What to have on your radar

Cyber fallout from the Iran war: What to have on your radar

AndyC 13 March 2026

The war in Iran was less than 24 hours old when it produced a historic first: the deliberate targeting of commercial data centers. On March...

Read More

Sednit reloaded: Back in the trenches

Sednit reloaded: Back in the trenches

AndyC 11 March 2026

Since April 2024, Sednit’s advanced development team has reemerged with a modern toolkit centered on two paired implants, BeardShell and Covenant, each using a different...

Read More

The Dark Side of DDoS: Why DDoS Downtime is Harder to Prevent

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

AndyC 26 March 2026

NDSS 2025 – Rethinking Trust In Forge-Based Git Security

How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack

AndyC 26 March 2026

NDSS 2025 – Rethinking Trust In Forge-Based Git Security

Before the Lights Go Out

AndyC 26 March 2026

Apple’s AI endgame: Why waiting for Siri could make it a winner

Vicarius Launches vIntelligence, a Second Flagship Product for Continuous Agentic Validation

AndyC 26 March 2026

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

AndyC 26 March 2026