HTTPS certificate industry phasing out less secure domain validation methods
Posted by Chrome Root Program Team Secure connections are the backbone of the modern web, but a certificate is only as trustworthy as the validation process ...
Threat Intelligence Feed
Aggregating 4662 articles from trusted cybersecurity sources
Latest News
Seeking symmetry during ATT&CK® season: How to harness today’s diverse analyst and tester landscape to paint a security masterpiece
Interpreting the vast cybersecurity vendor landscape through the lens of industry analysts and testing authorities can immensely enhance your cyber-resilience.
The Fragile Lock: Novel Bypasses For SAML Authentication
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: inclu...
Implications of Russia-India-China Trilateral Cooperation
Examines Russia-India-China trilateral cooperation, U.S.
Further Hardening Android GPUs
Posted by Liz Prucka, Hamzeh Zawawy, Rishika Hooda, Android Security and Privacy Team Last year, Google's Android Red Team partnered with Arm to conduct an i...
The big catch: How whaling attacks target top executives
Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.
GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries
November 2025 CVE Landscape: 10 Critical Vulnerabilities Show 69% Drop from October
November 2025 CVE landscape: 10 exploited critical vulnerabilities, a 69% drop from October, and why Fortinet and Samsung flaws need urgent patching.
5 Real-Word Third-Party Risk Examples
Explore 5 third-party risk examples, from vendor data breaches to supply chain attacks and learn how third-party risk management can prevent cyberattacks.
Architecting Security for Agentic Capabilities in Chrome
Posted by Nathan Parker, Chrome security team Chrome has been advancing the web’s security for well over 15 years, and we’re committed to meeting new challen...
When the Digital World Turns Physical: The Expanding Role of Threat Intelligence in Executive Protection
Discover how converged threat intelligence protects executives from deepfakes, doxxing, and cyber-enabled physical threats with Recorded Future.
Critical React2Shell Vulnerability Under Active Exploitation by Chinese Threat Actors
A critical vulnerability in React Server Components is allegedly being actively exploited by multiple Chinese threat actors, Recorded Future recommends organ...
Data Breaches
Video service Vimeo confirms Anodot breach exposed user data
Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot ...
Vimeo Confirms User and Customer Data Breach
The ShinyHunters group is threatening to leak stolen files unless Vimeo agrees to pay a ransom. The post Vimeo Confirms User and Customer Data Breach appeare...
Video site Vimeo blames security incident on Anodot breach
The hackers did not access video content, user logins or payment card information, and there was no disruption to Vimeo’s services,
Udemy allegedly breached by ShinyHunters, data leak warned
Cybernews reports that U.S-based.
Medtronic Confirms Data Breach After ShinyHunters Claims
Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. [.
Checkmarx Confirms Security Incident Involving GitHub Repository Exposure
Application security provider Checkmarx has officially confirmed a new security incident involving the exposure of its internal GitHub repository. On April 2...
Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic. The post Medtronic Hack Confirmed ...
Claude Opus 4.6-Powered AI Coding Agent Wipes Production Database in 9 Seconds
A Claude Opus 4.6-powered AI coding agent operating through the Cursor editor autonomously deleted the production database and backups of SaaS startup Pocket...
Lazarus Doesn't Need AGI
Explore the 2026 Claude Mythos breach, supply chain risks, and the $2B+ crypto theft pipeline.
ADT confirms data breach after ShinyHunters threatens data leak
The breach affected customer and prospective customer data, including names, phone numbers, and addresses.
Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records
Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corpo...