Signal responds to phishing attacks with new in-app security warnings
Signal is adding new protections for users following recent phishing and social engineering attacks. In March, the FBI and CISA issued a warning stating that...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1598 — Phishing for Information (Reconnaissance)
Clear filter135 articles found
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
Attackers can compromise systems in minutes while patching and response still take hours or days. Picus Security breaks down why autonomous validation is bec...
Infostealer Malware Fuels Corporate Breaches From Personal Devices
Infostealer malware is no longer just a consumer nuisance it has become a direct bridge between personal device infections and full-scale enterprise breaches...
The hidden risk of non-human identities in AI adoption
An employee with persistent, unsupervised admin access across critical systems, with no audit trail, no clear owner, and no regular access reviews, would rai...
When "idle" isn't idle: how a Linux kernel optimization became a QUIC bug
We investigated a bug where CUBIC's congestion window became pinned at its minimum floor, causing a performance to plummet. The fix involved correctly measur...
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
View CSAF Summary ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves publicl...
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
View CSAF Summary ABB became aware of multiple internally discovered vulnerabilities in the WebPro SNMP card PowerValue for the product versions listed as af...
ABB AC500 V3 Multiple Vulnerabilities
View CSAF Summary ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. An update is available that resolves ...
ABB Automation Builder Gateway for Windows
View CSAF Summary ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. The Windows gateway is accessible rem...
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecom...
Bringing AI Code Security into Qualys ETM
A first-class data model for the next generation of findings AI-driven code security is becoming a real category. Anthropic’s Claude Code Security and OpenAI...
New cPanel and WHM Vulnerabilities Expose Servers to Code Execution and DoS Attacks
cPanel and WebHost Manager (WHM) are critical administrative control panels used by hosting providers globally to manage servers, websites, and databases. Du...
Top 10 Best Secure Code Review Services For Developers in 2026
In the rapidly evolving landscape of software development, where speed and agility often take precedence, the imperative for robust security cannot be overst...
Your CTEM program is probably ignoring MCP. Here’s how to fix it
Model Context Protocol (MCP) is the connective tissue of modern AI tooling and has quietly become one of the most significant blind spots in modern security ...
Helping North Korean IT remote workers is becoming a fast track to prison
Two U.S.
AI, Cyberwarfare, and Autonomous Weapons: Inside America’s New Military Strategy
The Pentagon is integrating AI into military operations, transforming cybersecurity, targeting, and command systems into a unified warfare architecture. May ...
Object First Fleet Manager simplifies distributed backup storage
Object First released Object First Fleet Manager, a cloud-based service that simplifies the management of distributed Ootbi backup storage deployments for Ve...
PoC Exploit Released for Dirty Frag Linux Kernel Vulnerability
A proof-of-concept exploit for a new Linux kernel vulnerability class dubbed “Dirty Frag”. This universal local privilege escalation vulnerability allows att...
Your coworker might be selling company logins, and thinks it’s fine
Employee behavior once considered unacceptable is becoming tolerated across various industries, particularly in IT and telecommunications, and at all levels ...
Become a millionaire by bug hunting on Android
Over the past decade, Google has introduced a wide range of bug bounty programs for its software and services. The company has now announced that the reward ...