5 myths about Elastic Cloud Serverless debunked
Elastic Cloud Serverless APIs have no version numbers and won't break; they're managed like any SaaS service. This post busts five common myths from upgrade planning to architecture and compares the versioned Elastic Stack to Serverless. - Read more
Behind the console: Active phishing campaign targeting AWS console credentials
Datadog Security Research identified an active adversary-in-the-middle (AiTM) phishing campaign targeting AWS Console credentials via typosquatted domains that mimic AWS infrastructure. - Read more
Cognizant TriZetto Data Breach Exposes Health Information of 3.4 Million Patients
TriZetto Provider Solutions, a healthcare technology subsidiary of the IT services giant Cognizant, has officially disclosed a massive cybersecurity data breach affecting the sensitive health information of 3,433,965 patients. The healthcare organization recently filed a formal data breach notification revealing that malicious threat actors successfully compromised their external systems. This extensive breach heavily underscores the ongoing security...
CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
Information published. - Read more
FBI Investigates Suspicious Activity in Surveillance Platform
The FBI is investigating suspicious cyber activity in a system used to process surveillance and wiretap warrants, raising concerns about security risks to sensitive data.
The post FBI Investigates Suspicious Activity in Surveillance Platform appeared first on TechRepublic. - Read more
Trump’s cyber strategy emphasizes offensive operations, deregulation, AI
The White House released President Donald Trump’s long-awaited cybersecurity strategy, a lean seven-page blueprint that breaks from past approaches by placing offensive cyber operations at the center of US policy. Developed by the Office of the National Cyber Director (ONCD), the strategy emphasizes disrupting adversaries, deregulating industry, and accelerating the adoption of artificial intelligence while...
Metasploit Wrap-Up 03/06/2026
Encoder exposed!Some of our releases add new ways in; this one adds new ways to stay in. There are, of course, still new RCE toys in the box (Tactical RMM via Jinja2 SSTI and an unauthenticated MajorDoMo exploit). Still, the underlying theme is payloads: more control over how they are packaged and delivered, and fewer "why did it...
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability
Added FAQ information. This is an informational change only. - Read more
LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability
LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell vulnerability.
The post LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability appeared first on TechRepublic. - Read more
Latest article
Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...
Torrance, United States / California, June 11th, 2026, CyberNewswire Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...
Readers reply: Experts say we should use passkeys, but can a smartphone pin really...
The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical conceptsThis...
CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value
Information published. - Read more
Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules
New Tracing OptionsAs hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...
