Native ACME Support Comes to NGINX
NGINX and Let's Encrypt share a common vision of an open and secure web. Now, with built-in support for ACME,...
AI-driven threat detection and response
Relegating time-consuming, data-intensive tasks to AI expedites teams' mean time to detect and respond, increases scale of data analysis, improves fidelity and accuracy of...
[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0:...
Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1 Arnie Cabral Thu, 08/28/2025 - 11:18
Security Center leverages...
The Prevalence of Web-Based RCE Vulnerabilities
Sensor Intel Series: July 2025 CVE Trends - Read more
CVE-2025-52882: WebSocket authentication bypass in Claude Code extensions
A critical vulnerability in older versions of the Claude Code for Visual Studio Code (VS Code) and other IDE extensions allowed malicious websites to...
MCP vulnerability case study: SQL injection in the Postgres MCP server
Learn how vulnerability in Anthropic's reference Postgres MCP server allowed us to bypass the read-only restriction and execute arbitrary SQL statements. - Read...
Enumerating AWS the quiet way: CloudTrail-free discovery with Resource Explorer
Discover how attackers could quietly enumerate AWS resources via Resource Explorer, and how Datadog and AWS worked together to close the visibility gap. ...
End of Life Plan for RFC 6962 Certificate Transparency Logs
Update, August 18, 2025
We have updated the read-only and shutdown dates to ensure that our new Static CT API logs are fully trusted by...
Datadog threat roundup: Top insights for Q2 2025
Threat insights from Datadog Security Labs for Q2 2025. - Read more
Elastic Security: Announcing Agentic Query validation, Attack Discovery persistence, and automated scheduling and actions
With the latest updates to Attack Discovery and Elastic AI Assistant, customers can accelerate detection, reduce manual effort, and gain deeper insight into their...
Latest article
Check Point VPN Authentication Bypass Vulnerability
What is the Vulnerability? A critical authentication bypass vulnerability, CVE-2026-50751 (CVSS...
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...
Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency
Hackers are turning everyday software searches into a trap. A sophisticated cryptojacking campaign is actively targeting users who search for popular PC utilities online,...
Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans
Blake McDermott is Senior Threat Hunter at Rapid7.Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports...
