ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security concerns.
The post ClickUp Data...
What the March 2026 Threat Technique Catalog update means for your AWS environment
The AWS Customer Incident Response Team (AWS CIRT) regularly encounters patterns that repeat across their engagements when helping customers respond to security...
New BlobPhish Attack Leverages Browser Blob Objects to Steal Users’ Login Credentials
A sophisticated, memory-resident phishing campaign called BlobPhish, active since October 2024, that exploits browser Blob URL APIs to silently steal credentials from Microsoft 365...
Medtronic Confirms Data Breach After ShinyHunters Claims
Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda - Read more
Why AI agents are triggering a rethink of enterprise identity
The Computer Weekly Security Think Tank considers the intersection of AI and IAM. In this article, we look at the specific impacts of agentic...
Chromium: CVE-2026-6920 Out of bounds read in GPU
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2026) for more information. - Read...
Get Motivated: What to Expect from Our Keynote at Rapid7’s Global Cybersecurity Summit
Security teams prepare for incidents every day. Alerts are tuned, playbooks are built, and processes are tested. But when something actually happens, the challenge...
Five defender priorities from the Talos Year in Review
A familiar theme in security right now is that the barrier to entry for attackers is at an all-time low. AI tools can spin...
VECT: Ransomware by design, Wiper by accident
Key Takeaways
Check Point Research discovers that the VECT 2.0 ransomware permanently destroys “large files” rather than encrypting them. A critical flaw in the...
Critical Cursor bug could turn routine Git into RCE
Security researchers have disclosed a high-severity vulnerability affecting the Cursor IDE, allowing arbitrary code execution on a developer’s machine through...
Latest article
Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...
Torrance, United States / California, June 11th, 2026, CyberNewswire Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...
Readers reply: Experts say we should use passkeys, but can a smartphone pin really...
The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical conceptsThis...
CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value
Information published. - Read more
Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules
New Tracing OptionsAs hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...
