Addressing the vulnerability prioritization challenge
How do you prioritize what vulnerabilities to patch when you have thousands of alerts and critical remote code execution flaws buried next to...
Personal details of Tate galleries job applicants leaked online
Sensitive information relates to more than 100 individuals and their refereesPersonal details submitted by applicants for a job at Tate art galleries have been...
Akira Ransomware
FortiGuard Labs continue to observe detections in the wild related to the Akira ransomware group. According to the new report by CISA it has...
A 2025 look at real-world Kubernetes version adoption
A 2025 look at real-world Kubernetes version adoption - Read more
Celebrating partner excellence: The 2025–2026 Elastic Partner Awards
The Elastic Partner Awards honor partners for driving customer impact through innovation, AI, and cloud adoption. Follow this blog for updates as winners are...
MUT-4831: Trojanized npm packages deliver Vidar infostealer malware
Analysis of a threat actor campaign targeting Windows users with Vidar infostealer malware via malicious npm packages - Read more
International Threats – Infection URLs Used in Regional Phishing Campaigns
By: Max Gannon, Intelligence TeamCofense Intelligence relies on over 35 million trained employees from around the world, and a considerable number of analyzed campaigns...
A runtime security approach to detecting supply chain attacks
Detecting software supply chain attacks through runtime security. - Read more
Github Copilot Chat Prompt Injection via Filename
Github Copilot Chat Prompt Injection via Filename A prompt injection vulnerability exists in Github Copilot Chat version 0.28.0. We have verified this vulnerability is...
Google Cloud Platform (GCP) Google Security Operations SIEM Tenant Service Account of the SecOps...
Google Cloud Platform (GCP) Google Security Operations SIEM Tenant Service Account of the SecOps Instance Access Token Leak Tenable Research has identified and responsibly...
Latest article
Check Point VPN Authentication Bypass Vulnerability
What is the Vulnerability? A critical authentication bypass vulnerability, CVE-2026-50751 (CVSS...
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...
Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency
Hackers are turning everyday software searches into a trap. A sophisticated cryptojacking campaign is actively targeting users who search for popular PC utilities online,...
Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans
Blake McDermott is Senior Threat Hunter at Rapid7.Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports...
