The AiTM problem nobody's architecture actually solves
Accountability becomes the big issue following a breach – does the team know who’s responsible for what?
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1598 — Phishing for Information (Reconnaissance)
Clear filter138 articles found
Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well ...
Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free
Carding forum B1ack’s Stash claims to have released millions of stolen CVV2 payment card records for free after suspending sellers. B1ack’s Stash, one of the...
7 hard truths security pros should know: 2026 DevOps Threats Report
In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2...
What happens when your identity provider becomes the kill chain
In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attacke...
How Parts Inventory Management Software Fixes Inventory Challenges
Why do maintenance teams struggle? Is it because they lack skills?
Key findings from the Verizon DBIR 2026: Slower vulnerability remediation meets faster exploitation
The 2026 Verizon Data Breach Investigations Report (DBIR) reveals a troubling trend: vulnerability exploitation has surged to become the number one initial a...
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9 p.m.
What to Look for When Choosing an ASPM Platform
Application security posture management (ASPM) has become a foundational capability for software-as-a-service (SaaS) and software companies building increasi...
How EM is Boosting the Career Trajectory of VM Analysts
As organizations shift from vulnerability management (VM) to exposure management (EM), the role of the VM analyst must evolve or become outmoded. This necess...
7 tips for accelerating cyber incident recovery
Despite strong and redundant defenses, enterprises remain vulnerable to a wide range of cyberattacks. And because attacks — and cyber incidents — are inevita...
iProov brings identity verification to video meetings to reduce fraud risks
iProov has launched iProov Verified Meetings, a new solution that enables organizations to verify the identity of video call participants without adding fric...
Microsoft May security patch fails for some due to boot partition size glitch
“Something didn’t go as planned. Undoing changes.
Critical bug in F5 NGINX actively exploited
Experts raise concerns because NGINX runs in front of one-third of al website worldwide.
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use.
Microsoft discloses Exchange zero-day with no patch yet available
Microsoft has disclosed a zero-day vulnerability that affects Exchange Server 2016, 2019, and Subscription Edition. This vulnerability would give bad actors ...
Why the best security investment a board can make in 2026 isn’t another tool
There is a conversation that happens in boardrooms every quarter that security leaders will recognize. The CISO presents the threat landscape.
Hackers Hide PureLogs Infostealer in PawsRunner Loader
Threat actors are increasingly hiding malware inside seemingly harmless files, and a new campaign shows just how effective this tactic has become. The attack...
AI shrinks vulnerability exploitation window to hours
Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Syn...
JDownloader Website Hack Exposes Windows and Linux Users to Malicious Installers
A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, repl...