Is it time for internet services to adopt identity verification?
Should verified identities become the standard online? Australia’s social media ban for under-16s shows why the question matters.
General
20 articles
Your personal information is on the dark web. What happens next?
If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do.
Practitioners Reveal What Makes Threat Intelligence Programs Mature
Threat intelligence practitioners from Global Payments, Adobe, and Superhuman reveal how mature CTI programs transform data overload into strategic business ...
Detect Go’s silent arithmetic bugs with go-panikint
Go’s arithmetic operations on standard integer types are silent by default, meaning overflows “wrap around” without panicking. This behavior has hidden an en...
This month in security with Tony Anscombe – December 2025 edition
As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year
A brush with online fraud: What are brushing scams and how do I stay safe?
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.
Can chatbots craft correct code?
I recently attended the AI Engineer Code Summit in New York, an invite-only gathering of AI leaders and engineers. One theme emerged repeatedly in conversati...
ESET Threat Report H2 2025
A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Black Hat Europe 2025: Was that device designed to be on the internet at all?
Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found
Locks, SOCs and a cat in a box: What Schrödinger can teach us about cybersecurity
If you don’t look inside your environment, you can’t know its true state – and attackers count on that
HTTPS certificate industry phasing out less secure domain validation methods
Posted by Chrome Root Program Team Secure connections are the backbone of the modern web, but a certificate is only as trustworthy as the validation process ...
The Fragile Lock: Novel Bypasses For SAML Authentication
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: inclu...
Further Hardening Android GPUs
Posted by Liz Prucka, Hamzeh Zawawy, Rishika Hooda, Android Security and Privacy Team Last year, Google's Android Red Team partnered with Arm to conduct an i...
The big catch: How whaling attacks target top executives
Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.
Architecting Security for Agentic Capabilities in Chrome
Posted by Nathan Parker, Chrome security team Chrome has been advancing the web’s security for well over 15 years, and we’re committed to meeting new challen...
Android expands pilot for in-call scam protection for financial apps
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Google AI and our advan...
Oversharing is not caring: What’s at stake if your employees post too much online
From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into tr...
What parents should know to protect their children from doxxing
Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake.
MDR is the answer – now, what’s the question?
Why your business needs the best-of-breed combination of technology and human expertise
Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing
Posted by Dave Kleidermacher, VP, Platforms Security & Privacy, Google Technology should bring people closer together, not create walls. Being able to commun...