Trending Now
Featured news
npm (Shai-Hulud) Supply Chain Attack
What is the Attack? On November 24, 2025, Shai Hulud launches...
Tech News
Tech
Axios npm Package Compromised
On March 31, 2026, the Axios npm package was compromised via a maintainer account takeover. Two malicious versions were published - axios@1.14.1 and...
Security
Inside Ink Dragon: Revealing the Relay Network and Inner Workings of...
Key Findings
In recent months, Check Point Research has identified a new wave of attacks attributed to the Chinese threat actor Ink Dragon. Ink Dragon overlaps...
Most popular
Beers with Talos breaks down the 2025 Talos Year in Review
The Beers with Talos B team (that’s Hazel, Bill, Joe and Dave) break down (sometimes in the literal sense) the 2025 Talos Year in...
Hey Belfast, Imperva’s Moving Into The Neighborhood
As a local, I’m very excited to be Imperva’s first Belfast hire, in charge of spinning up the operation in our new European location.
Imperva...
Blind SSRF/DoS in Java TLS x509 AIA Extension
Blind SSRF/DoS in Java TLS x509 AIA Extension A Blind Server-Side Request Forgery (SSRF) vulnerability exists in Oracle Java 21. The vulnerability, which leads...
Read: How To Build Resilient Cloud Configuration Shields
Configurable systems have a high level of flexibility and are better adapted to most customer needs, but their management isn’t a trivial task in...
LATEST ARTICLES
Latest article
Unpatched ChromaDB flaw leaves servers open to remote code execution
Researchers have published details about a critical vulnerability in ChromaDB that could allow unauthenticated attackers to execute arbitrary code and...
[R1] Sensor Proxy Version 1.4.0 Fixes Multiple Vulnerabilities
Sensor Proxy Version 1.4.0 Fixes Multiple Vulnerabilities Jason Schavel Thu, 05/21/2026 - 16:00
Sensor Proxy leverages third-party software to help provide underlying functionality....
AWS KY3P report now available for third-party supplier due diligence
We’re excited to announce that Amazon Web Services (AWS) has completed the S&P Global Know Your Third Party (KY3P) assessment of its security posture....
Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware
Hackers have been caught running a deceptive campaign that uses fake Microsoft Teams download websites to trick users into installing ValleyRAT, a remote access...
