MITRE ATT&CK Mapping

GBHackers General 9h ago

Top 10 Best Identity And Access Management (IAM) Companies 2026

In the rapidly evolving digital landscape of 2026, Identity and Access Management (IAM) has transcended its traditional role to become the foundational pilla...

T1598

GBHackers →

SANS ISC Data Breach Apple Intel 1d ago

TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)

This is the sixth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the Weap...

T1598

SANS ISC →

Trail of Bits Malware 1d ago

Simplifying MBA obfuscation with CoBRA

Mixed Boolean-Arithmetic (MBA) obfuscation disguises simple operations like x + y behind tangles of arithmetic and bitwise operators. Malware authors and sof...

T1027 T1598

Trail of Bits →

Help Net Security General 1d ago

Click, wait, repeat: Digital trust erodes one login at a time

Sign-up forms that drag on, login steps that repeat, and access requests that take longer than expected have become a normal part of using digital services. ...

T1598

Help Net Security →

The Record General 1d ago

French Senate passes bill that would ban children under 15 from social media

If the French effort becomes law, it would make France the first European country to follow Australia’s lead by banning social media for young teenagers.

T1598

The Record →

GBHackers Zero-Day Google 2d ago

CISA Issues Alert on Chrome Zero-Day Under Active Exploitation

The U.S.

T1598 1 IOC

GBHackers →

CSO Online General 2d ago

Cybersecurity in the age of instant software

AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant...

T1598

CSO Online →

Graham Cluley General 2d ago

Smashing Security podcast #461: This man hid $400 million in a fishing rod. Then it vanished

A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 - and now sits on a fortune worth $400 million. Th...

T1598

Graham Cluley →

BleepingComputer Phishing Microsoft 2d ago

New EvilTokens service fuels Microsoft device code phishing attacks

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced feat...

T1566 T1598

BleepingComputer →

SC Media Ransomware 2d ago

Cyberattacks powered by stolen credentials on the rise

Cybersecurity incidents are increasingly centered on identity abuse, where stolen login credentials serve as the primary entry point for attackers, and the g...

T1078 T1598

SC Media →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Co...

T1598

Cisco Advisories →

SANS ISC Ransomware Apple Intel 3d ago

TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026).

T1598

SANS ISC →

SANS ISC Malware 3d ago

Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)

Today, most malware are called “fileless” because they try to reduce their footprint on the infected computer filesystem to the bare minimum. But they ne...

T1059 T1598

SANS ISC →

CSO Online Phishing 3d ago

Security awareness is not a control: Rethinking human risk in enterprise security

Organizations have been responding to phishing, business email compromise, and credential theft in essentially the same manner for over ten years. They essen...

T1566 T1078 T1598

CSO Online →

AWS Security Blog General Amazon 3d ago

New compliance guide available: ISO/IEC 27001:2022 on AWS

We’re excited to announce the release of our latest compliance guide, ISO/IEC 27001:2022 on AWS, which provides practical guidance for organizations designin...

T1598

AWS Security Blog →

SC Media Phishing Microsoft 3d ago

Illicit LNK files deploy Russian CTRL toolkit

Illicit LNK files deploy Russian CTRL toolkit The Hacker News reports that malicious Windows LNK files masquerading as private key folders have been tapped t...

T1566 T1598

SC Media →

CSO Online CVE F5 3d ago

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentic...

T1190 T1598 1 IOC

CSO Online →

Help Net Security General 3d ago

Pondurance MDR Essentials uses autonomous SOC to tackle AI-driven attacks

Pondurance announced MDR Essentials, MDR Essentials, an MDR service providing an autonomous SOC that reduces the time from threat detection to containment by...

T1598

Help Net Security →

Help Net Security General 4d ago

Codenotary AgentMon monitors agentic AI activity and behavior

Codenotary launched AgentMon, an enterprise-grade monitoring designed specifically for agentic networks, providing organizations with real-time visibility in...

T1598

Help Net Security →

Infosecurity Magazine Vulnerability Disclosure Check Point 4d ago

ChatGPT Security Issue Enabled Data Theft via Single Prompt

OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole

T1041 T1598

Infosecurity Magazine →