FortiGate CVE-2025-59718 Exploitation: Incident Response Findings

Rapid7’s Incident Response (IR) team was engaged to investigate an incident involving exploitation of CVE-2025-59718 against a vulnerable FortiGate appliance. In December 2025, Fortinet...

Capita’s troubled Civil Service Pension Scheme hit by data breach

A data breach affecting 138 members of the Civil Service Pension Scheme piles pressure on the service's administrator, Capita, amid ongoing issues. -...

Anthropic Launches Project Glasswing to Use AI to Find and Fix Critical Software Vulnerabilities

Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered vulnerabilities in critical software

New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations

Cisco Talos uncovered a cluster of activity we track as UAT-10362 conducting spear-phishing campaigns against Taiwanese non-governmental organizations (NGOs) and suspected universities to deliver a newly identified malware family, “LucidRook.” LucidRook is...

TrueConf Zero-Day Attack

What is the Attack? Operation TrueChaos is a targeted cyber espionage...

The Growing Abuse of GitHub and GitLab in Phishing Campaigns

Author: Jacob Malimban, Intelligence Team. GitHub and GitLab are often used and trusted by programmers, project managers, and software end-users, but that trust is increasingly...

My Lovely AI – 106,271 breached accounts

In April 2026, the NSFW AI girlfriend platform My Lovely AI suffered a data breach that exposed over 100k users. The data included user-created...

Elastic Stack 9.3.3 released

Version 9.3.3 of the Elastic Stack was released today. We recommend you upgrade to this latest version. We recommend 9.3.3 over the previous versions...

Understanding and Anticipating Venezuelan Government Actions

Executive Summary Venezuelan Acting President Delcy Rodríguez’s policy decisions will affect economic and political stability in Venezuela in the coming months. Her approach...

Latest article

Windows Netlogon Remote Code Execution Vulnerability

What is the Vulnerability? A critical vulnerability, CVE-2026-41089, affecting the Windows...

Attackers exploiting unpatched Cisco SD-WAN flaw

Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manager, an enterprise network management system that has...

ICYMI: May 2026 @AWS Security

Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts,...

New China-Linked Threat Cluster OP-512 Targets IIS Servers With Cryptographically Unique Web Shell Framework

A newly identified threat cluster with suspected ties to China has been caught targeting Internet Information Services (IIS) web servers using a purpose-built web...