Anthropic Claude Code Action Runner Arbitrary Code Execution via Malicious MCP Server Configuration

The claude-code-action GitHub Action checks out the PR head branch when...

The long road to your crypto: ClipBanker and its marathon infection chain

At the start of the year, a certain Trojan caught our eye due to its incredibly long infection chain. In most cases, it kicks...

From Tax Refund to Total Compromise: IRS-Themed Phishing Email Drives Full-Stack Financial Fraud

Author: Intelligence Team, Kahng An. Cofense PDC (Phishing Defense Center) and Cofense Intelligence have found an Internal Revenue Service (IRS)-spoofing email that purports to give...

Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8562

A look at how Kubernetes CVE-2020-8562 allows attackers to bypass API server proxy protections using DNS rebinding

Third-Party Risk Is an Intelligence Operation. It’s Time We Treated It Like One.

For years, the cybersecurity industry has treated third-party risk management as a compliance exercise. Assess your vendors. Assign a score. File the report....

A framework for securely collecting forensic artifacts into S3 buckets

When customers experience a security incident, they need to acquire forensic artifacts to identify root cause, extract indicators of compromise (IoCs), and...

Arelion employs NETSCOUT Arbor DDoS protection products

Arelion operates the world’s best-connected IP fiber backbone, providing high-capacity transit services to a variety of the globe’s leading ISPs...

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

NWN launches an AI-powered security platform to tackle tool sprawl, alert fatigue, and modern cyber threats in the era of agentic enterprises.

Microsoft 365 Network-Level Disruption Affecting Exchange Online, Teams, and Core Suite Services

A network-level disruption struck multiple Microsoft 365 services on Wednesday evening, knocking out or degrading access to Exchange Online, Microsoft Teams, and the broader...

FortiGate CVE-2025-59718 Exploitation: Incident Response Findings

Rapid7’s Incident Response (IR) team was engaged to investigate an incident involving exploitation of CVE-2025-59718 against a vulnerable FortiGate appliance. In December 2025, Fortinet...

Latest article

Attackers exploiting unpatched Cisco SD-WAN flaw

Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manager, an enterprise network management system that has...

ICYMI: May 2026 @AWS Security

Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts,...

New China-Linked Threat Cluster OP-512 Targets IIS Servers With Cryptographically Unique Web Shell Framework

A newly identified threat cluster with suspected ties to China has been caught targeting Internet Information Services (IIS) web servers using a purpose-built web...

Meta: NSO Tried Targeting WhatsApp Users Despite Court Order

Meta says WhatsApp disrupted new NSO-linked phishing attacks and is asking a court to hold the spyware firm in contempt.