2024 Vulnerability Scanning Surges 91%
Scans intensify, looking for a critical vulnerability in TBK DVR devices. - Read more
Encryption for Everybody
2025 marks ten years of Let’s Encrypt. Already this year we’ve taken steps to continue to deliver on our values of user privacy,...
Scaling Our Rate Limits to Prepare for a Billion Active Certificates
Let’s Encrypt protects a vast portion of the Web by providing TLS certificates to over 550 million websites—a figure that has grown by 42%...
AI-powered fraud detection: Protecting financial services with Elastic
Discover how Elastic uses AI and ML to revolutionize fraud detection in financial services. From real-time anomaly detection to predictive analytics, learn how institutions...
Ending Support for Expiration Notification Emails
Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be...
Continued Scanning for CVE-2023-1389
TP-Link draws the attention of the US Government. - Read more
Elastic recruiters reveal how to stand out in your job search
We asked Elastic recruiters for their best tips on how to stand out in the application and interview process and how they advise their...
Announcing Six Day and IP Address Certificate Options in 2025
This year we will continue to pursue our commitment to improving the security of the Web PKI by introducing the option to get certificates...
`Host` header injection
CVSSv3 Score: 4.1
An externally controlled reference to a resource in another sphere vulnerability in multiple products may allow an...
The Dangers of DNS Hijacking
How expired domains and improper DNS management can lead to severe security risks like MitM attacks, fraudulent TLS/SSL certifications, and more. - Read more
Latest article
Siemens KACO Blueplanet Inverters
View CSAF
Summary
KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the devices serial number and misuse them...
Windows Netlogon Remote Code Execution Vulnerability
What is the Vulnerability? A critical vulnerability, CVE-2026-41089, affecting the Windows...
Attackers exploiting unpatched Cisco SD-WAN flaw
Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manager, an enterprise network management system that has...
ICYMI: May 2026 @AWS Security
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts,...
