Fall 2025 PCI DSS compliance package available now
Amazon Web Services (AWS) is pleased to announce that two additional AWS services and one additional AWS Region have been added to...
Shape the future in Sydney: Forge the Future hackathon
Elastic hackathon judge Nils Thomsen explains why Sydney’s Forge the Future hackathon is your chance to hack for good with AI. He seeks solutions...
Best Ransomware Detection Tools
Key Takeaways Effective ransomware detection requires three complementary layers: endpoint and extended detection and response (EDR/XDR) to monitor device-level activity, network detection...
December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity
December 2025 witnessed a dramatic 120% increase in high-impact vulnerabilities, with Recorded Future's Insikt Group® identifying 22 vulnerabilities requiring immediate remediation, up from...
Notorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal users
Prominent crime forum BreachForums has suffered a new and possibly fatal blow to its reputation after the revelation that a...
Palo Alto Networks Introduces New Vibe Coding Security Governance Framework
Researchers at Palo Alto’s Unit 42 have outlined a list of recommended security controls for vibe coding tools - Read more
Hackers Infiltrated n8n’s Community Node Ecosystem With a Weaponized npm Package
Attackers have successfully infiltrated n8n’s community node ecosystem using a malicious npm package disguised as a legitimate Google Ads integration tool. The attack reveals...
Google Chrome Pushes Critical Security Update for 3B Users
Google patched high-severity CVE-2026-0628 in Chrome 143 and added Push API rate limits to curb notification spam, with penalties up to 14 days.
The post...
Business leaders see AI risks and fraud outpacing ransomware, says WEF
C-suite executives are more concerned with risks arising from AI vulnerabilities and cyber fraud than ransomware, according to the World Economic Forum -...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2025-8110 Gogs Path Traversal Vulnerability
This type of vulnerability is a frequent attack vector for malicious...
Latest article
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credentials, gain access to telemetry data, and potentially send operational commands...
Check Point VPN Authentication Bypass Vulnerability
What is the Vulnerability? A critical authentication bypass vulnerability, CVE-2026-50751 (CVSS...
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...
