Aggregating 3005 articles from trusted cybersecurity sources
Introduction In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (A...
As AI deployment races ahead, security scrambles to keep up. Nikesh Arora on why AI's biggest risk is treating security as an afterthought.
When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle
Download Recorded Future's 2026 State of Security report which provides comprehensive threat intelligence on geopolitical fragmentation, state-sponsored oper...
The global threat landscape didn't simplify in 2025 — it shattered. The 2026 State of Security report represents Insikt Group's most comprehensive threat int...
In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exi...
Securing every identity in the age of AI is foundational. Discover how Palo Alto Networks and CyberArk redefine identity security for the modern enterprise.
Discover how Autonomous Threat Operations reduces 27 manual steps to as few as 5 largely automated ones, delivering the speed, scale, and effectiveness that ...
FortiGuard Labs details a new XWorm RAT campaign using multi-language phishing emails, Excel exploits (CVE-2018-0802), HTA execution, and fileless .
It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy.
Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentr...
Welcome to the Top 10 Web Hacking Techniques of 2025, the 19th edition of our annual community-powered effort to identify the most innovative must-read web s...
This is my favourite time of the year, not just because spring is here and the promise of summer is on the way. But also, because one of my must reads each y...
A hacker is selling a 340M OnlyFans user database allegedly built by matching old breach data and public profiles to real OnlyFans accounts.
Lawmakers in both houses of Congress are demanding answers from the U.S.
Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can use it to make ...
Keepnet, an Extended Human Risk Management (xHRM) platform, today announced that its voice and SMS phishing simulation data contributed to the 2026 Verizon D...
Security researchers discovered an open Elasticsearch instance belonging to Wahlap, a prominent arcade game manufacturer that collaborates with industry gian...
The large-scale data breach reportedly hit Unimed, a company that handles billing services for privately insured and self-paying patients on behalf of numero...
A GitHub leak exposed CISA credentials, sparking concerns over secrets management and leadership.
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, al...
For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations...
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a po...