Winter 2025 SOC 1 report is now available with 184 services in scope
Amazon Web Services (AWS) is pleased to announce that the Winter 2025 System and Organization Controls (SOC) 1 report is now available....
AI Hype vs. Reality: Is AI Really Rewriting the Vulnerability Equation?
AI vulnerability research and discovery capabilities are improving, but they have not changed the fundamentals of vulnerability management. Instead, they are scaling up...
Evolution of Chinese-Language Guarantee Telegram Marketplaces
Executive Summary Chinese-language, Telegram-based “guarantee” marketplaces are increasingly popular among Chinese-speaking criminal groups despite the widely publicized shutdown of Huione Guarantee in 2025....
Nation states responsible for ‘nationally significant’ cyber attacks against UK, says NCSC chief
The UK is facing four nationally significant cyber attacks a week, the majority from hostile states, NCSC chief, Richard Horne, will warn at the...
Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained
OverviewFor executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization...
CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability
Acknowledgement added. This is an informational change only. - Read more
Microsoft GitHub Repository Windows-driver-samples Workflow Remote Code Execution
Microsoft GitHub Repository Windows-driver-samples Workflow Remote Code Execution The GitHub public repository at https://github.com/microsoft/Windows-driver-samples has a GitHub Action configured which allows for Remote Code...
[Podcast] It’s not you, it’s your printer: State-sponsored and phishing threats in 2025
In this episode, we unpack state-sponsored and phishing trends from the 2025 Talos Year in Review. Amy and Martin Lee explore the alarming rise...
Phishing and MFA exploitation: Targeting the keys to the kingdom
In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts....
Silex Technology SD-330AC and AMC Manager
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without...
Latest article
Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...
Torrance, United States / California, June 11th, 2026, CyberNewswire Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...
Readers reply: Experts say we should use passkeys, but can a smartphone pin really...
The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical conceptsThis...
CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value
Information published. - Read more
Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules
New Tracing OptionsAs hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...
