Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge
Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge Tenable Research has identified and responsibly disclosed a vulnerability to Nanobot.The nanobot WhatsApp bridge server (`bridge/src/server.ts`)...
Gogs Cross-Repository Comment Deletion via DeleteComment
Gogs Cross-Repository Comment Deletion via DeleteComment Tenable Research has identified and responsibly disclosed an Insecure Direct Object References (IDOR) vulnerability to Gogs. The POST...
APOIA.se – 450,764 breached accounts
In December 2025, a database of the Brazilian crowdfunding platform APOIA.se was posted to an online forum. In January 2026, the company confirmed it...
Making sense of AI’s role in cyber security
Cyber security companies have jumped on the AI bandwagon. We look at where artificial intelligence is a useful add-on and where it poses potential...
Network Intelligence: Your Questions, Global Answers
The Problem with Pre-Packaged Intelligence Security teams are drowning in threat intelligence feeds. Hundreds of vendors promise comprehensive coverage, real-time alerts, and actionable...
Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop
Microsoft’s February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered widespread reports of critical...
Viral AI Caricatures Highlight Shadow AI Dangers
A viral AI caricature trend may be exposing sensitive enterprise data, fueling shadow AI risks, social engineering attacks, and LLM account compromise.
The post Viral...
Critical BeyondTrust RS vulnerability exploited in active attacks
Researchers warn that a critical vulnerability patched this week in BeyondTrust Remote Support is being exploited in the wild to...
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant Denial of Wallet with Log Analytics
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant Denial of Wallet with Log Analytics Tenable Research has identified and responsibly disclosed a Denial of Wallet...
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant BigQuery Leak with Log Analytics
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant BigQuery Leak with Log Analytics Tenable Research has identified and responsibly disclosed a data exfiltration vulnerability in...
Latest article
Patch Tuesday – March 2026
Microsoft is publishing 77 vulnerabilities this March 2026 Patch Tuesday. Microsoft is aware of public disclosure of two of today’s vulnerabilities, but without evidence...
AWS European Sovereign Cloud achieves first compliance milestone: SOC 2 and C5 reports plus...
In January 2026, we announced the general availability of the AWS European Sovereign Cloud, a new, independent cloud for Europe entirely located...
Google’s $32B Wiz Acquisition Set to Become Israel’s Largest Tech Deal Ever
Google’s $32 billion Wiz acquisition is nearing completion, marking a record Israeli tech exit and a major bet on cloud security.
The post Google’s $32B...
OpenAI’s Promptfoo Deal Plugs Agentic AI Testing Gap
OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity - Read more
