Amtrak – 2,147,679 breached accounts
In April 2026, the hacking group ShinyHunters claimed they had breached Amtrak. The group typically compromises organisations' Salesforce instances before demanding a ransom and...
4 Essential Integration Workflows for Operationalizing Threat Intelligence Recorded Future
Integrate, don't replace. Recorded Future enriches your existing security tools by automatically layering in contextual threat intelligence, reducing manual...
gnutls-cli Lack of Size Restriction on X.509 AIA CA Issuers Certificate
gnutls-cli Lack of Size Restriction on X.509 AIA CA Issuers Certificate Tenable Research has identified that gnutls-cli does not restrict the size of the...
McGraw Hill – 13,500,136 breached accounts
In April 2026, education company McGraw Hill confirmed a data breach following an extortion attempt. Attributed to a Salesforce misconfiguration, the company stated the...
From Bazooka to Fake Nikes
Business impersonation is the hidden thread connecting old and new fraud. Discover how the same core tactic is fueling...
The case for dependency cooldowns in a post-axios world
Understanding npm and the importance of dependency cooldowns. - Read more
Threat landscape for industrial automation systems in Q4 2025
Statistics across all threats
The percentage of ICS computers on which malicious objects were blocked has been decreasing since the beginning of 2024. In Q4...
Out-Of-Bounds Write in administrative interface
CVSSv3 Score: 6.7
An out-of-bounds write vulnerability in FortiWeb CGI daemon may allow a remote privileged attacker to execute arbitrary...
Azure-Hosted Scanning Cluster Launches WordPress Webshell Discovery Campaign
Sensor Intel Series: March 2026 CVE Trends - Read more
Your Supply Chain Breach Is Someone Else’s Payday
TeamPCP exploited a single stolen credential to gain write access to trusted software repositories, inject credential-harvesting malware, and cascade...
Latest article
New EDRChoker Tool Uses Policy-Based Quality of Service to Block EDR Processes
A newly released open-source red team tool called EDRChoker introduces a novel technique for silencing cloud-connected Endpoint Detection and Response (EDR) agents not by killing their...
CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Information published. - Read more
Baker Distributing – 102,935 breached accounts
In May 2026, the HVAC/R wholesale distributor Baker Distributing Company was added to the ShinyHunters data extortion group's "pay or leak" site. In early...
AI Upgrades, Security Flaws, and SpaceX’s Record IPO Define the Week in Tech
See what you missed in Daily Tech Insider from June 1–5.
The post AI Upgrades, Security Flaws, and SpaceX’s Record IPO Define the Week in...
