News

CISA and the NSA warn that Chinese state-sponsored attackers are deploying malware dubbed BRICKSTORM on VMware servers to perform lateral movement inside victim networks.

Dec 5, 2025 4 mins

Advanced Persistent Threats Cyberattacks Cybercrime

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an attack researchers nicknamed PromptPwnd.

Dec 5, 2025 4 mins

CI/CD Code Security Devops

Cloudflare firewall reacts badly to React exploit mitigation

In attempting to fix one problem, Cloudflare caused another.

Dec 5, 2025 3 mins

Cloud Security Network Security Security

Coupang breach of 33.7 million accounts allegedly involved engineer insider

South Korea’s worst data breach in over a decade raises concerns about poor authentication key management and a potential insider threat.

Dec 4, 2025 5 mins

Cyberattacks Data Breach E-commerce Services

Suspicious traffic could be testing CDN evasion, says expert

SANS Institute honeypots recently captured curious requests with CDN-related headers.

Dec 4, 2025 5 mins

Cybercrime Malware Security

AI creates new security risks for OT networks, warns NSA

Although intended for OT administrators, new multi-agency AI guidelines raise issues that apply across IT networks as well.

Dec 4, 2025 4 mins

Artificial Intelligence Critical Infrastructure IT Strategy

Windows shortcuts’ use as a vector for malware may be cut short

A third-party patch management company is cutting short attackers’ use of LNK files to smuggle in malicious commands, while Microsoft prefers to tell the whole story.

Dec 4, 2025 4 mins

Endpoint Protection Vulnerabilities Windows Security

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j – as an emergency, warns one expert.

Dec 3, 2025 5 mins

Developer Development Tools Vulnerabilities

RCE flaw in OpenAI’s Codex CLI highlights new risks to dev environments

Researchers found that .env files inside cloned repositories could be used to change the Codex CLI home directory path and load a rogue configuration file leading to arbitrary command execution.

Dec 3, 2025 5 mins

Artificial Intelligence Generative AI Vulnerabilities

Hybrid 2FA phishing kits are making attacks harder to detect

A new Salty-Tycoon hybrid is slipping through defenses undetected, and weakening enterprise MFA.

Dec 3, 2025 3 mins

Authentication Multifactor Authentication Phishing

Get poetic in prompts and AI will break its guardrails

Twenty-five frontier proprietary and open-weight models yielded high attack success rates when prompted in verse, indicating a deeper, underlying problems in their ability to process ambiguity veiled in poetry.

Dec 3, 2025 7 mins

Artificial Intelligence

Newly discovered malicious extensions could be lurking in enterprise browsers

Once-trusted Chrome and Edge add-ons have quietly turned into tools for data harvesting, search manipulation, and a remote-execution backdoor affecting more than 4.3 million users.

Dec 2, 2025 4 mins

Browser Security Cybercrime Malware

Microsoft gives Windows admins a legacy migration headache with WINS sunset

Although organizations have until 2034 to remove the name server technology, that’s not long for OT platforms that still depend on it.

Dec 1, 2025 6 mins

Endpoint Protection Network Administrator Windows Security

Contagious Interview attackers go ‘full stack’ to fool developers

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a development and delivery pipeline to drop malware.

Dec 1, 2025 4 mins

Code Security Security Security Practices

RomCom tries dropping a not-so-romantic payload on Ukraine-linked US firms

The new RomCom campaign uses SocGholish fake update lures to deliver its Mythic Agent tool against US firms doing business with Ukraine.

Nov 28, 2025 3 mins

Cyberattacks Cybercrime Security

Scattered Lapsus$ Hunters target Zendesk users with fake domains

Researchers found over 40 fake domains using the same setup as the group's August Salesforce attack.

Nov 28, 2025 5 mins

Cyberattacks Cybercrime Malware

Show me more

Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense

By Joan Goodchild

Dec 3, 202527 mins

Artificial IntelligenceCSO and CISOPhishing

The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College

Nov 19, 202523 mins

CyberattacksCybercrimeRisk Management

CISO Reality: Record Pay, Rising Pressure, and Retention Risk

By Joan Goodchild

Dec 10, 202527 mins

CSO and CISOSecurity Infrastructure

Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense

By Joan Goodchild

Dec 3, 202527 mins

Artificial IntelligenceCSO and CISOPhishing

The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College

Nov 19, 202523 mins

CyberattacksCybercrimeRisk Management

Fortinet admins urged to update software to close FortiCloud SSO holes

Making cybercrime illegal won't stop it; making cybersec research legal may

Hidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fix

Hundreds of Ivanti EPM systems exposed online as critical flaw patched

Key cybersecurity takeaways from the 2026 NDAA

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited

Gemini for Chrome gets a second AI agent to watch over it

Manufacturing fares better against ransomware — with room for improvement

Apache Tika hit by critical vulnerability thought to be patched months ago

Keep AI browsers out of your enterprise, warns Gartner

Warning: React2Shell vulnerability already being exploited by threat actors

Insecure use of Signal app part of wider Department of Defense problem, suggests Senate report

Chinese cyberspies target VMware vSphere for long-term persistence

AI in CI/CD pipelines can be tricked into behaving badly

Cloudflare firewall reacts badly to React exploit mitigation

Coupang breach of 33.7 million accounts allegedly involved engineer insider

Suspicious traffic could be testing CDN evasion, says expert

AI creates new security risks for OT networks, warns NSA

Windows shortcuts’ use as a vector for malware may be cut short

Developers urged to immediately upgrade React, Next.js

RCE flaw in OpenAI’s Codex CLI highlights new risks to dev environments

Hybrid 2FA phishing kits are making attacks harder to detect

Get poetic in prompts and AI will break its guardrails

Newly discovered malicious extensions could be lurking in enterprise browsers

Microsoft gives Windows admins a legacy migration headache with WINS sunset

Contagious Interview attackers go ‘full stack’ to fool developers

RomCom tries dropping a not-so-romantic payload on Ukraine-linked US firms

Scattered Lapsus$ Hunters target Zendesk users with fake domains

Show me more

Cybersecurity isn’t underfunded — It’s undermanaged

How to justify your security investments

How can staff+ security engineers force-multiply their impact?

CISO Reality: Record Pay, Rising Pressure, and Retention Risk

Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense

The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College

CISO Reality: Record Pay, Rising Pressure, and Retention Risk

Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense

The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College

From our editors straight to your inbox