A 2025 look at real-world Kubernetes version adoption
A 2025 look at real-world Kubernetes version adoption - Read more
MUT-4831: Trojanized npm packages deliver Vidar infostealer malware
Analysis of a threat actor campaign targeting Windows users with Vidar infostealer malware via malicious npm packages - Read more
International Threats – Infection URLs Used in Regional Phishing Campaigns
By: Max Gannon, Intelligence TeamCofense Intelligence relies on over 35 million trained employees from around the world, and a considerable number of analyzed campaigns...
A runtime security approach to detecting supply chain attacks
Detecting software supply chain attacks through runtime security. - Read more
Google Cloud Platform (GCP) Google Security Operations SIEM Tenant Service Account of the SecOps...
Google Cloud Platform (GCP) Google Security Operations SIEM Tenant Service Account of the SecOps Instance Access Token Leak Tenable Research has identified and responsibly...
Google Cloud Platform (GCP) Google Security Operations IDE Code Execution Protection Bypass
Google Cloud Platform (GCP) Google Security Operations IDE Code Execution Protection Bypass Tenable Research has identified and responsibly disclosed a safety mechanism bypass vulnerability...
[R1] Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities
Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 11/03/2025 - 09:50
Tenable Identity Exposure leverages third-party software to help provide...
WordPress – Ultimate Dashboard exposed API Key
WordPress - Ultimate Dashboard exposed API Key Ultimate Dashboard allows to replace the default WordPress dashboard widgets with your own and give the WordPress...
Knee-jerk corporate responses to data leaks protect brands like Qantas — but consumers are...
When courts ban people from accessing leaked data – as happened after the airline’s data breach – only hackers and scammers winFollow our Australia...
Datadog threat roundup: Top insights for Q3 2025
Threat insights from Datadog Security Labs for Q3 2025. - Read more
Latest article
Chromium: CVE-2026-2319 Race in DevTools
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. -...
Substack Breach May Have Leaked Nearly 700,000 User Details Online
Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online.
The post...
Cryptojacking Campaign Exploits Driver to Boost Monero Mining
Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics - Read more
The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP
I don’t know about you, but when I think about “critical vulnerabilities,” I usually picture ransomware, data theft, or maybe a server falling over...
