Operational Cyber Threat Intelligence
Key Takeaways The average organization today relies on multiple platforms and tools delivering round-the-clock feeds of security information and alerts. Under this...
Trusted hosts bypass via SSH
CVSSv3 Score: 1.8
An Improper Privilege Management vulnerability in FortiOS, FortiProxy and FortiPAM may allow an authenticated administrator to bypass...
Addressing the vulnerability prioritization challenge
How do you prioritize what vulnerabilities to patch when you have thousands of alerts and critical remote code execution flaws buried next to...
Personal details of Tate galleries job applicants leaked online
Sensitive information relates to more than 100 individuals and their refereesPersonal details submitted by applicants for a job at Tate art galleries have been...
Akira Ransomware
FortiGuard Labs continue to observe detections in the wild related to the Akira ransomware group. According to the new report by CISA it has...
A 2025 look at real-world Kubernetes version adoption
A 2025 look at real-world Kubernetes version adoption - Read more
Celebrating partner excellence: The 2025–2026 Elastic Partner Awards
The Elastic Partner Awards honor partners for driving customer impact through innovation, AI, and cloud adoption. Follow this blog for updates as winners are...
MUT-4831: Trojanized npm packages deliver Vidar infostealer malware
Analysis of a threat actor campaign targeting Windows users with Vidar infostealer malware via malicious npm packages - Read more
International Threats – Infection URLs Used in Regional Phishing Campaigns
By: Max Gannon, Intelligence TeamCofense Intelligence relies on over 35 million trained employees from around the world, and a considerable number of analyzed campaigns...
A runtime security approach to detecting supply chain attacks
Detecting software supply chain attacks through runtime security. - Read more
Latest article
Oracle PeopleSoft Zero-Day
What is the Attack? Google Threat Intelligence Group (GTIG) and Mandiant...
Mistic Backdoor Blends With Microsoft Endpoint Security Tooling to Evade Detection
A new and stealthy backdoor named Mistic has been quietly targeting corporate networks since April 2026, disguising itself using the names and appearance of...
Restrict AWS Management Console access to expected networks with sign-in resource-based policies and RCPs
Amazon Web Services (AWS) recently announced support for resource-based policies and resource control policies (RCPs) for AWS Sign-In. By using resource-based policies and RCPs,...
Healthcare Vendor Xsolis Reports Breach Affecting 1.4M People
Xsolis confirmed a healthcare data breach affecting nearly 1.4 million people after a phishing attack exposed health and identity data.
The post Healthcare Vendor Xsolis...
