Native ACME Support Comes to NGINX
NGINX and Let's Encrypt share a common vision of an open and secure web. Now, with built-in support for ACME,...
AI-driven threat detection and response
Relegating time-consuming, data-intensive tasks to AI expedites teams' mean time to detect and respond, increases scale of data analysis, improves fidelity and accuracy of...
[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0:...
Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1 Arnie Cabral Thu, 08/28/2025 - 11:18
Security Center leverages...
The Prevalence of Web-Based RCE Vulnerabilities
Sensor Intel Series: July 2025 CVE Trends - Read more
CVE-2025-52882: WebSocket authentication bypass in Claude Code extensions
A critical vulnerability in older versions of the Claude Code for Visual Studio Code (VS Code) and other IDE extensions allowed malicious websites to...
MCP vulnerability case study: SQL injection in the Postgres MCP server
Learn how vulnerability in Anthropic's reference Postgres MCP server allowed us to bypass the read-only restriction and execute arbitrary SQL statements. - Read...
Enumerating AWS the quiet way: CloudTrail-free discovery with Resource Explorer
Discover how attackers could quietly enumerate AWS resources via Resource Explorer, and how Datadog and AWS worked together to close the visibility gap. ...
End of Life Plan for RFC 6962 Certificate Transparency Logs
Update, August 18, 2025
We have updated the read-only and shutdown dates to ensure that our new Static CT API logs are fully trusted by...
Datadog threat roundup: Top insights for Q2 2025
Threat insights from Datadog Security Labs for Q2 2025. - Read more
Elastic Security: Announcing Agentic Query validation, Attack Discovery persistence, and automated scheduling and actions
With the latest updates to Attack Discovery and Elastic AI Assistant, customers can accelerate detection, reduce manual effort, and gain deeper insight into their...
Latest article
Chromium: CVE-2026-13027 Use after free in FileSystem
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2025) for more information. - Read...
Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more
Help shape the future of Metasploit FrameworkWe are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they...
New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets
A new Linux kernel local privilege escalation vulnerability, dubbed “DirtyClone” (CVE-2026-43503), that allows unprivileged local users to gain full root access by manipulating cloned...
Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data
Hackers claim 1M+ records tied to French employment apps were exposed, including HR files, health data, worker details, and plaintext passwords.
The post Hackers Claim...
