2024 Vulnerability Scanning Surges 91%
Scans intensify, looking for a critical vulnerability in TBK DVR devices. - Read more
Encryption for Everybody
2025 marks ten years of Let’s Encrypt. Already this year we’ve taken steps to continue to deliver on our values of user privacy,...
Scaling Our Rate Limits to Prepare for a Billion Active Certificates
Let’s Encrypt protects a vast portion of the Web by providing TLS certificates to over 550 million websites—a figure that has grown by 42%...
AI-powered fraud detection: Protecting financial services with Elastic
Discover how Elastic uses AI and ML to revolutionize fraud detection in financial services. From real-time anomaly detection to predictive analytics, learn how institutions...
Ending Support for Expiration Notification Emails
Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be...
Continued Scanning for CVE-2023-1389
TP-Link draws the attention of the US Government. - Read more
Announcing Six Day and IP Address Certificate Options in 2025
This year we will continue to pursue our commitment to improving the security of the Web PKI by introducing the option to get certificates...
Elastic recruiters reveal how to stand out in your job search
We asked Elastic recruiters for their best tips on how to stand out in the application and interview process and how they advise their...
`Host` header injection
CVSSv3 Score: 4.1
An externally controlled reference to a resource in another sphere vulnerability in multiple products may allow an...
The Dangers of DNS Hijacking
How expired domains and improper DNS management can lead to severe security risks like MitM attacks, fraudulent TLS/SSL certifications, and more. - Read more
Latest article
Chromium: CVE-2026-13027 Use after free in FileSystem
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2025) for more information. - Read...
Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more
Help shape the future of Metasploit FrameworkWe are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they...
New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets
A new Linux kernel local privilege escalation vulnerability, dubbed “DirtyClone” (CVE-2026-43503), that allows unprivileged local users to gain full root access by manipulating cloned...
Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data
Hackers claim 1M+ records tied to French employment apps were exposed, including HR files, health data, worker details, and plaintext passwords.
The post Hackers Claim...
