FOE
The Hacker News
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
FOE
The Hacker News
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
FOE
CSO Online
Critical sandbox bypass fixed in popular Thymeleaf Java template engine
FOE
Ars Technica (Security)
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"
FRIEND
Schneier on Security
Friday Squid Blogging: New Giant Squid Video
FOE
CSO Online
Flawed Cisco update threatens to stop APs from getting further patches
FOE
Dark Reading
How NIST's Cutback of CVE Handling Impacts Cyber Teams
FRIEND
EFF Deeplinks
Keep Pushing: We Get 10 More Days to Reform Section 702
FOE
Bleeping Computer
Payouts King ransomware uses QEMU VMs to bypass endpoint security
FOE
Dark Reading
Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
FRIEND
SecurityWeek
White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology
FOE
The Register (Security)
CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack
FOE
The Register (Security)
Opsec oopsie: Dutch navy frigate location outed by mailing it a Bluetooth tracker
FOE
Bleeping Computer
Grinex exchange blames "Western intelligence" for $13.7M crypto hack
FRIEND
SecurityWeek
CoChat Launches AI Collaboration Platform to Combat Shadow AI
FOE
Dark Reading
Every Old Vulnerability Is Now an AI Vulnerability
FOE
Bleeping Computer
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
FOE
The Hacker News
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
FRIEND
Dark Reading
Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs
FOE
CSO Online
White House moves to give federal agencies access to Anthropic’s Claude Mythos
FOE
Bleeping Computer
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
FOE
SecurityWeek
In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested
FOE
CSO Online
Caught, Quarantined, Re-installed: RedSun turns Microsoft Defender on itself
FOE
Schneier on Security
Mythos and Cybersecurity
FRIEND
Ars Technica (Security)
Recent advances push Big Tech closer to the Q-Day danger zone
FRIEND
The Hacker News
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
FOE
SecurityWeek
Another DraftKings Hacker Sentenced to Prison
FOE
SecurityWeek
Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed
FRIEND
CSO Online
Palo Alto’s Helmut Reisinger sees a cyber sea change ahead as AI advances
FOE
The Register (Security)
Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug
FOE
SecurityWeek
Recent Apache ActiveMQ Vulnerability Exploited in the Wild
FOE
Bleeping Computer
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
FOE
Privacy International
Voter Disenfranchisement: A Privacy Issue
FOE
SecurityWeek
Two North Korean IT Worker Scheme Facilitators Jailed in the US
FOE
SecurityWeek
ZionSiphon Malware Targets ICS in Water Facilities
FOE
Bleeping Computer
Microsoft: Some Windows servers enter reboot loops after April patches
FOE
SecurityWeek
Cursor AI Vulnerability Exposed Developer Devices
FOE
The Hacker News
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
FOE
Bleeping Computer
Man gets 30 months for selling thousands of hacked DraftKings accounts
FOE
The Register (Security)
Claude Opus wrote a Chrome exploit for $2,283
FRIEND
SecurityWeek
53 DDoS Domains Taken Down by Law Enforcement
FOE
Bleeping Computer
Recently leaked Windows zero-days now exploited in attacks
FRIEND
The Hacker News
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
FRIEND
CSO Online
Positiv denken für Sicherheitsentscheider: 6 Mindsets, die Sie sofort ablegen sollten
FOE
Risky Business News
Risky Bulletin: NIST gives up enriching most CVEs
FOE
The Hacker News
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
FOE
SANS Internet Storm Center
Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
FOE
The Register (Security)
Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researcher says
FOE
CSO Online
Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE
FRIEND
Bleeping Computer
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
FOE
CSO Online
RCE by design: MCP architectural choice haunts AI agent ecosystem
FOE
Bleeping Computer
ZionSiphon malware designed to sabotage water treatment systems
FOE
CSO Online
NIST cuts down CVE analysis amid vulnerability overload
FRIEND
Dark Reading
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
FOE
EFF Deeplinks
Stop New York's Attack on 3D Printing
FOE
Bleeping Computer
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
FOE
Dark Reading
North Korea Uses ClickFix to Target macOS Users' Data
FOE
Dark Reading
'Harmless' Global Adware Transforms Into an AV Killer
FOE
The Register (Security)
North Korea targets macOS users in latest heist
FOE
The Hacker News
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
FRIEND
SecurityWeek
Government Can’t Win the Cyber War Without the Private Sector
FOE
Bleeping Computer
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
FOE
EFF Deeplinks
How Push Notifications Can Betray Your Privacy (and What to Do About It)
FRIEND
Dark Reading
Two-Factor Authentication Breaks Free from the Desktop
FRIEND
Bleeping Computer
Google expands Gemini AI use to fight malicious ads on its platform
FOE
Dark Reading
Microsoft's Original Windows Secure Boot Certificate Is Expiring
FOE
The Register (Security)
Americans who masterminded Nork IT worker fraud sentenced to 200 months behind bars
FRIEND
SecurityWeek
OpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos Reveal
FOE
Bleeping Computer
New ATHR vishing platform uses AI voice agents for automated attacks
FOE
Bleeping Computer
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
FOE
Privacy International
What is digital fingerprinting: Is my device ever truly anonymous?
FOE
The Hacker News
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
FOE
The Register (Security)
Git identity spoof fools Claude into giving bad code the nod
FOE
SecurityWeek
Data Breach at Tennessee Hospital Affects 337,000
FRIEND
SecurityWeek
Artemis Emerges From Stealth With $70 Million in Funding
FOE
CSO Online
Microsoft’s Windows Recall still allows silent data extraction
FOE
Bleeping Computer
Cisco says critical Webex Services flaw requires customer action
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
CISA Alerts
Horner Automation Cscape and XL4, XL7 PLC
FOE
CISA Alerts
Delta Electronics ASDA-Soft
FOE
CISA Alerts
AVEVA Pipeline Simulation
FOE
CISA Alerts
Anviz Multiple Products
FOE
The Hacker News
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
FOE
CSO Online
Behind the Mythos hype, Glasswing has just one confirmed CVE
FOE
SecurityWeek
Splunk Enterprise Update Patches Code Execution Vulnerability
FOE
The Register (Security)
Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed
FOE
The Hacker News
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
FRIEND
SecurityWeek
Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest
FOE
The Hacker News
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
FRIEND
SecurityWeek
NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software
FOE
Bleeping Computer
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
FOE
The Hacker News
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
FOE
SecurityWeek
Cisco Patches Critical Vulnerabilities in Webex, ISE
FOE
The Register (Security)
Microsoft announces product it doesn't want you to buy: Extended security updates for old Exchange, and Skype for Biz
FOE
CSO Online
Insurance carriers quietly back away from covering AI outputs
FOE
Schneier on Security
Human Trust of AI Agents
FOE
SecurityWeek
Ransomware Hits Automotive Data Expert Autovista
FRIEND
CSO Online
The endless CISO reporting line debate — and what it says about cybersecurity leadership
FOE
SecurityWeek
Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments
FOE
Bleeping Computer
US nationals behind DPRK IT worker 'laptop farm' sent to prison
FOE
The Register (Security)
Server-room lock was nothing but a crock
FOE
Bleeping Computer
Microsoft: April Windows Server 2025 update may fail to install
FOE
The Hacker News
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
FOE
Dark Reading
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
FOE
Risky Business News
Srsly Risky Biz: It Is Time to Ban Sale of Precise Geolocation
FOE
CSO Online
Was bei der Cloud-Konfiguration schiefläuft – und wie es besser geht
FOE
The Register (Security)
Google Chrome lacks protection against one of the most basic and common ways to track users online
FOE
Recorded Future Blog
From Bazooka to Fake Nikes
FOE
CISA KEV
CVE-2026-34197: Apache ActiveMQ Improper Input Validation Vulnerability
FOE
Sophos News
QEMU abused to evade detection and enable ransomware delivery
FOE
SANS Internet Storm Center
[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)
FOE
Sophos News
QEMU abused to evade detection and enable ransomware delivery
FOE
Bleeping Computer
Critical Nginx UI auth bypass flaw now actively exploited in the wild
FOE
Bleeping Computer
New AgingFly malware used in attacks on Ukraine govt, hospitals
FOE
Dark Reading
Critical MCP Integration Flaw Puts NGINX at Risk
FOE
The Register (Security)
Anthropic's Project Glasswing CVE tally is still anyone's guess
FOE
CSO Online
Critical nginx UI tool vulnerability opens web servers to full compromise
FOE
Ars Technica (Security)
"TotalRecall Reloaded" tool finds a side entrance to Windows 11's Recall database
FOE
Bleeping Computer
WordPress plugin suite hacked to push malware to thousands of sites
FOE
EPIC
Maine Legislature Fails to Enact Maine Online Data Privacy Act
FOE
EPIC
EPIC Supports South Carolina Bills to Rein in Chatbot Harms
FOE
Dark Reading
Navigating the Unique Security Risks of Asia's Digital Supply Chain
FOE
Bleeping Computer
Signed software abused to deploy antivirus-killing scripts
FOE
The Register (Security)
Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP
FOE
The Hacker News
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
FOE
SecurityWeek
Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
FRIEND
Bleeping Computer
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
FOE
The Register (Security)
Automotive data biz Autovista blames ransomware for service disruption
FOE
Dark Reading
Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
FOE
EFF Deeplinks
EFF Calls on Kuwait to Release Journalist Ahmed Shihab-Eldin
FOE
Bleeping Computer
CISA flags Windows Task Host vulnerability as exploited in attacks
FOE
SecurityWeek
Exploited Vulnerability Exposes Nginx Servers to Hacking
FOE
Dark Reading
Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
FOE
Bleeping Computer
Rolling Networks: Securing the Transportation Sector
FRIEND
SecurityWeek
Capsule Security Emerges From Stealth With $7 Million in Funding
FOE
SecurityWeek
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
FOE
The Register (Security)
French cops free mother and son after 20-hour crypto kidnap ordeal
FOE
SecurityWeek
100 Chrome Extensions Steal User Data, Create Backdoor
FOE
SecurityWeek
CISO Conversations: Ross McKerchar, CISO at Sophos
FOE
The Hacker News
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
FRIEND
The Hacker News
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
FOE
SecurityWeek
Mirax RAT Targeting Android Users in Europe
FOE
CSO Online
Copilot and Agentforce fall to form-based prompt injection tricks
FOE
Dark Reading
Microsoft, Salesforce Patch AI Agent Data Leak Flaws
FOE
The Register (Security)
Ancient Excel bug comes out of retirement for active attacks
FOE
Bleeping Computer
Microsoft: April updates trigger BitLocker key prompts on some servers
FOE
EFF Deeplinks
Digital Hopes, Real Power: The Rise of Network Shutdowns
FOE
SecurityWeek
Two Vulnerabilities Patched in Ivanti Neurons for ITSM
FRIEND
The Register (Security)
Raspberry Pi OS ends open-door policy for sudo
FOE
The Hacker News
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
FOE
SecurityWeek
$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks
FRIEND
Schneier on Security
Defense in Depth, Medieval Style
FOE
SecurityWeek
Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections
FRIEND
Bleeping Computer
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
FOE
The Register (Security)
UK told its Big Tech habit is now a national security risk
FOE
CSO Online
The deepfake dilemma: From financial fraud to reputational crisis
FOE
SecurityWeek
Fortinet Patches Critical FortiSandbox Vulnerabilities
FOE
CSO Online
7 biggest healthcare security threats
FOE
CSO Online
The need for a board-level definition of cyber resilience
FOE
The Hacker News
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
FOE
The Register (Security)
Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users
FOE
SecurityWeek
ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories
FRIEND
CSO Online
Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action
FOE
Risky Business News
Risky Bulletin: Malicious LLM proxy routers found in the wild
FRIEND
The Hacker News
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
FOE
CSO Online
Curity looks to reinvent IAM with runtime authorization for AI agents
FOE
CSO Online
April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs
FOE
SANS Internet Storm Center
Scanning for AI Models, (Tue, Apr 14th)
FRIEND
Dark Reading
Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity
FRIEND
Recorded Future Blog
4 Essential Integration Workflows for Operationalizing Threat Intelligence Recorded Future
FRIEND
Sophos News
Secure by Design: Building cybersecurity into the foundation
FOE
Recorded Future Blog
Your Supply Chain Breach Is Someone Else's Payday
FRIEND
Bleeping Computer
Microsoft adds Windows protections for malicious Remote Desktop files
FOE
Bleeping Computer
Crypto-exchange Kraken extorted by hackers after insider breach
FOE
Krebs on Security
Patch Tuesday, April 2026 Edition
FOE
Dark Reading
Privilege Elevation Dominates Massive Microsoft Patch Update
FRIEND
The Register (Security)
Commvault has a Ctrl+Z for rogue AI agents
FOE
The Register (Security)
Microsoft's massive Patch Tuesday: It's raining bugs
FOE
Bleeping Computer
Over 100 Chrome extensions in Web Store target users accounts and data
FRIEND
CSO Online
4 questions to ask before outsourcing MDR
FOE
Dark Reading
EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
FOE
CSO Online
5 trends defining the future of AI-powered cybersecurity
FOE
The Intercept (Privacy)
Dem Leaders Aren’t Even Bothering to Rally Caucus Against Trump Domestic Spying Powers
FRIEND
Ars Technica (Security)
UK gov's Mythos AI tests help separate cybersecurity threat from hype
FOE
SecurityWeek
Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
FRIEND
Bleeping Computer
Microsoft releases Windows 10 KB5082200 extended security update
FOE
Bleeping Computer
McGraw-Hill confirms data breach following extortion threat
FRIEND
Bleeping Computer
Windows 11 cumulative updates KB5083769 & KB5082052 released
FRIEND
SANS Internet Storm Center
Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)
FOE
Bleeping Computer
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
FOE
SecurityWeek
Adobe Patches 55 Vulnerabilities Across 11 Products
FOE
Bleeping Computer
Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
FOE
CSO Online
EU regulators largely denied access to Anthropic Mythos
FOE
Dark Reading
Wargame Exercise Demonstrates How Social Media Manipulation Works
FOE
EFF Deeplinks
Google Broke Its Promise to Me. Now ICE Has My Data.
FRIEND
Schneier on Security
Upcoming Speaking Engagements
FOE
EFF Deeplinks
EFF to State AGs: Investigate Google's Broken Promise to Users Targeted by the Government
FOE
BrightTALK InfoSec
Learning from Mistakes: Hard Lessons in Building Cyber Defenses
FOE
BrightTALK InfoSec
AI Agents Unleashed: Governing the Invisible Workforce
FOE
The Hacker News
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
FRIEND
Bleeping Computer
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
FRIEND
The Hacker News
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
FRIEND
EPIC
Virginia Governor Signs Bill Banning Sale of Precise Location Data
FOE
The Hacker News
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
FOE
EPIC
Government AI Is Coming for Your Data
FRIEND
Bleeping Computer
5 Ways Zero Trust Maximizes Identity Security
FOE
BrightTALK InfoSec
The Pitfalls of Cybersecurity, Privacy and AI Law in 2026
FOE
The Register (Security)
No honor among thieves as 0APT threatens rival ransomware gang Krybit
FOE
SecurityWeek
‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats
FOE
SecurityWeek
Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members
FOE
CSO Online
China-linked cloud credential heist runs on typos and SMTP
FOE
CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE
SecurityWeek
SAP Patches Critical ABAP Vulnerability
FOE
SecurityWeek
Triad Nexus Evades Sanctions to Fuel Cybercrime
FOE
Schneier on Security
How Hackers Are Thinking About AI
FRIEND
SecurityWeek
Google Adds Rust DNS Parser to Pixel Phones for Better Security
FOE
The Hacker News
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
FOE
The Hacker News
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
FOE
SecurityWeek
Nightclub Giant RCI Hospitality Reports Data Breach
FRIEND
CSO Online
How AI is transforming threat detection
FOE
CSO Online
The AI inflection point: What security leaders must do now
FOE
SecurityWeek
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
FOE
The Hacker News
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
FOE
CSO Online
Cyber-Inspekteur: Hybride Attacken nehmen weiter zu
FOE
The Hacker News
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
FOE
The Hacker News
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
FRIEND
Recorded Future Blog
A New Way to Buy Recorded Future: Solutions and Packages Built for the 2026 Threat Landscape
FRIEND
Recorded Future Blog
A New Way to Buy Recorded Future: Solutions and Packages Built for the 2026 Threat Landscape
FOE
CSO Online
Anthropic’s Mythos signals a structural cybersecurity shift
FOE
EFF Deeplinks
The Dangers of California’s Legislation to Censor 3D Printing
FOE
Bleeping Computer
European Gym giant Basic-Fit data breach affects 1 million members
FOE
Dark Reading
Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
FOE
The Register (Security)
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
FOE
Dark Reading
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
FOE
Dark Reading
Adobe Patches Actively Exploited Zero-Day That Lingered for Months
FOE
Bleeping Computer
Stolen Rockstar Games analytics data leaked by extortion gang
FOE
EPIC
EPIC joins ACLU’s ‘Eyewear, Not Spyware!’ campaign to fight Meta’s surveillance glasses
FOE
Bleeping Computer
Critical flaw in wolfSSL library enables forged certificate use
FRIEND
EPIC
EPIC Files Amicus Brief Countering Big Tech Claim that Surveillance-Based Feeds Are Protected by the First Amendment
FRIEND
EFF Deeplinks
EFF 🤝 HOPE: Join Us This August!
FOE
Dark Reading
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
FOE
Bleeping Computer
FBI takedown of W3LL phishing service leads to developer arrest
FOE
The Register (Security)
Fake Linux leader using Slack to con devs into giving up their secrets
FOE
Bleeping Computer
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
FOE
EFF Deeplinks
Hot Off the Press: EFF's Updated Guide to Tech at the US-Mexico Border
FOE
Bleeping Computer
New Booking.com data breach forces reservation PIN resets
FOE
The Hacker News
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
FRIEND
Schneier on Security
On Anthropic’s Mythos Preview and Project Glasswing
FRIEND
EFF Deeplinks
Speaking Freely: Dr. Jean Linis-Dinco
FOE
Bleeping Computer
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
FOE
EFF Deeplinks
War as a Pretext: Gulf States Are Tightening the Screws on Speech—Again
FOE
Dark Reading
APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
FOE
The Hacker News
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
FOE
The Register (Security)
Booking.com warns reservation data may have checked out with intruders
FOE
SecurityWeek
Booking.com Says Hackers Accessed User Information
FOE
Bleeping Computer
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
FOE
SecurityWeek
BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings
FOE
Privacy International
Moving Goalposts: Football, Facial Recognition and the Expansion of Surveillance
FOE
SANS Internet Storm Center
Scans for EncystPHP Webshell, (Mon, Apr 13th)
FOE
The Hacker News
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
FOE
CSO Online
Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure
FOE
SecurityWeek
OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
FOE
CISA Alerts
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
FOE
CSO Online
Seven IBM WebSphere Liberty flaws can be chained into full takeover
FOE
The Hacker News
Your MTTD Looks Great. Your Post-Alert Gap Doesn't
FRIEND
SecurityWeek
International Operation Targets Multimillion-Dollar Crypto Theft Schemes
FOE
The Register (Security)
Gym giant Basic-Fit confirms data on a million members stolen in cyberattack
FOE
SecurityWeek
CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads
FOE
The Register (Security)
Rockstar Games gets a taste of grand theft data amid ShinyHunters threat of 'Pay or leak'
FOE
Schneier on Security
AI Chatbots and Trust
FOE
SecurityWeek
Fake Claude Website Distributes PlugX RAT
FRIEND
The Register (Security)
NHS pays £46K to prep next Microsoft licensing round
FOE
The Hacker News
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
FOE
CSO Online
CISOs tackle the AI visibility gap
FRIEND
SecurityWeek
Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users
FOE
The Hacker News
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
FRIEND
CSO Online
Was ist Federated Identity Management?
FRIEND
Risky Business News
Risky Bulletin: France takes first steps to ditch Windows for Linux
FOE
The Register (Security)
China wants AI to prepare school lessons and mark homework
FOE
Recorded Future Blog
March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day
FOE
The Register (Security)
Anthropic's mysterious Mythos AI threatens to upend the infosec world
FOE
Bleeping Computer
Critical Marimo pre-auth RCE flaw now under active exploitation
FOE
SecurityWeek
Adobe Patches Reader Zero-Day Exploited for Months
FOE
The Hacker News
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
FOE
The Hacker News
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
FOE
Bleeping Computer
Over 20,000 crypto fraud victims identified in international crackdown
FOE
The Register (Security)
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
FOE
The Register (Security)
Hungarian government creds left in the safe hands of 'FrankLampard'
FOE
The Hacker News
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
FOE
Bleeping Computer
ChatGPT rolls out new $100 Pro subscription to challenge Claude
FRIEND
CSO Online
Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises
FOE
EPIC
Oklahoma, Alabama enact weak privacy laws
FOE
Dark Reading
Hims Breach Exposes the Most Sensitive Kinds of PHI
FOE
Dark Reading
Your Next Breach Will Look Like Business as Usual
FOE
CSO Online
Old Docker authorization bypass pops up despite previous patch
FOE
EPIC
Massachusetts Supreme Judicial Court Recognizes Section 230 Is No Bar to Social Media Design Claims
FOE
Bleeping Computer
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
FRIEND
Dark Reading
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
FRIEND
Dark Reading
Orange Business Reimagines Enterprise Voice Communications With Trust and AI
FOE
SecurityWeek
In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack
FOE
CSO Online
Hacker Unknown now known, named on Europol’s most-wanted list
FOE
Bleeping Computer
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
FOE
EFF Deeplinks
We Need You: Our Privacy Cannot Afford a Clean Extension of Section 702
FOE
SecurityWeek
Juniper Networks Patches Dozens of Junos OS Vulnerabilities
FOE
Dark Reading
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
FOE
The Hacker News
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
FOE
CSO Online
Hungarian government email passwords exposed ahead of election
FOE
Bleeping Computer
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
FOE
Dark Reading
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
FOE
The Register (Security)
CPUID site hijacked to serve malware instead of HWMonitor downloads
FOE
SecurityWeek
Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday
FOE
Bleeping Computer
Microsoft: Canadian employees targeted in payroll pirate attacks
FOE
SecurityWeek
Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
FOE
CSO Online
Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes
FRIEND
The Register (Security)
Project Glasswing and open source software: The good, the bad, and the ugly
FRIEND
The Register (Security)
Britain seeks views before it drops the hammer on signal jammers
FOE
The Hacker News
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
FOE
SecurityWeek
Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000
FRIEND
Bleeping Computer
Google rolls out Gmail end-to-end encryption on mobile devices
FRIEND
Schneier on Security
Sen. Sanders Talks to Claude About AI and Privacy
FOE
Privacy International
Dangerous data
FOE
CSO Online
Why most zero-trust architectures fail at the traffic layer
FRIEND
SecurityWeek
MITRE Releases Fight Fraud Framework
FOE
SecurityWeek
Critical Marimo Flaw Exploited Hours After Public Disclosure
FOE
CSO Online
The cyber winners and losers in Trump’s 2027 budget
FOE
CSO Online
CMMC compliance in the age of AI
FOE
The Register (Security)
Unpacking AI security in 2026 from experimentation to the agentic era
FOE
The Intercept (Privacy)
A Redditor Criticized ICE. Trump Is Trying to Unmask Them by Dragging the Company to a Secret Grand Jury.
FRIEND
The Hacker News
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
FRIEND
SecurityWeek
Google Rolls Out Cookie Theft Protections in Chrome
FOE
The Hacker News
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
FOE
SecurityWeek
Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users
FOE
SANS Internet Storm Center
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)
FOE
The Hacker News
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
FOE
Risky Business News
Risky Bulletin: FBI extracted Signal chats from iPhone notifications logs
FOE
CSO Online
Was CISOs von Moschusochsen lernen können
FOE
Recorded Future Blog
VIP Credential Monitoring Blog
FOE
CSO Online
Hackers have been exploiting an unpatched Adobe Reader vulnerability for months
FOE
Bleeping Computer
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
FOE
Bleeping Computer
New VENOM phishing attacks steal senior executives' Microsoft logins
FOE
EFF Deeplinks
Yikes, Encryption’s Y2K Moment is Coming Years Early
FOE
Dark Reading
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
FOE
Dark Reading
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
FOE
Bleeping Computer
Healthcare IT solutions provider ChipSoft hit by ransomware attack
FRIEND
EPIC
EPIC Testifies in Support of Rhode Island Age-Appropriate Design Code Approach
FOE
CSO Online
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
FRIEND
Bleeping Computer
Google Chrome adds infostealer protection against session cookie theft
FOE
The Register (Security)
Crypto? Huh. Good gawd y'all, what is it good for? $45M in this case
FRIEND
EPIC
EPIC Endorses Youth AI Privacy Act to Protect Minors from Chatbot Harms
FOE
Dark Reading
Do Ceasefires Slow Cyberattacks? History Suggests Not
FOE
The Hacker News
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
FOE
EFF Deeplinks
Comparison Shopping Is Not a (Computer) Crime
FOE
The Register (Security)
'Several dozen' high-value corporations hit by new extortion crew in helpdesk phishing spree
FOE
EFF Deeplinks
EFF is Leaving X
FOE
The Hacker News
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
FOE
Bleeping Computer
Smart Slider updates hijacked to push malicious WordPress, Joomla versions
FOE
The Register (Security)
Chevin pulls the handbrake on FleetWave software after security scare
FOE
The Register (Security)
Months-old Adobe Reader zero-day uses PDFs to size up targets
FOE
Bleeping Computer
When attackers already have the keys, MFA is just another door to open
FOE
The Register (Security)
Microsoft locks out VeraCrypt and WireGuard devs, blames verification process
FOE
SecurityWeek
Apple Intelligence AI Guardrails Bypassed in New Attack
FOE
SecurityWeek
Can we Trust AI? No – But Eventually We Must
FOE
The Register (Security)
Security researchers tricked Apple Intelligence into cursing at users. It could have been a lot worse
FOE
The Hacker News
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
FOE
Sophos News
We let OpenClaw loose on an internal network. Here’s what it found
FOE
Sophos News
The vulnerability flood is here. Here’s what it means – and how to prepare
FOE
CSO Online
Weak at the seams
FOE
SecurityWeek
Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access
FRIEND
Bleeping Computer
Webinar: From noise to signal - What threat actors are targeting next
FOE
CISA Alerts
Contemporary Controls BASC 20T
FOE
CISA Alerts
GPL Odorizers GPL750
FOE
SecurityWeek
Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
FOE
CSO Online
New ClickFix variant bypasses Apple safeguards with one‑click script execution
FOE
The Register (Security)
Zephyr Energy loses £700K in cyber hit that rerouted contractor payment
FOE
The Hacker News
The Hidden Security Risks of Shadow AI in Enterprises
FOE
The Hacker News
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
FRIEND
SecurityWeek
The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security
FOE
Schneier on Security
On Microsoft’s Lousy Cloud Security
FOE
The Hacker News
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
FOE
Bleeping Computer
Eurail says December data breach impacts 300,000 individuals
FOE
SecurityWeek
Google Warns of New Campaign Targeting BPOs to Steal Corporate Data
FOE
Bleeping Computer
Hackers exploiting Acrobat Reader zero-day flaw since December
FOE
CSO Online
Patch windows collapse as time-to-exploit accelerates
FOE
CSO Online
Weak at the seams
FOE
SecurityWeek
Adobe Reader Zero-Day Exploited for Months: Researcher
FOE
SecurityWeek
300,000 People Impacted by Eurail Data Breach
FOE
The Register (Security)
Sticky-note security turned gym into hall of '80s horrors
FOE
Bleeping Computer
Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot
FOE
The Register (Security)
Cryptographers place $5,000 bet whether quantum will matter
FOE
Bleeping Computer
Microsoft suspends dev accounts for high-profile open source projects
FOE
SecurityWeek
$3.6 Million Stolen in Bitcoin Depot Hack
FRIEND
CSO Online
So geht Post-Incident Review
FRIEND
Risky Business News
Srsly Risky Biz: American Diplomats to Fight Propaganda… on X
FOE
SecurityWeek
Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long
FOE
CSO Online
Questions raised about how LinkedIn uses the petabytes of data it collects
FOE
Dark Reading
Russia's Forest Blizzard Nabs Rafts of Logins Via SOHO Routers
FOE
SANS Internet Storm Center
Number Usage in Passwords: Take Two, (Thu, Apr 9th)
FOE
Sophos News
Adobe Reader zero-day vulnerability in active exploitation
FOE
Sophos News
We let OpenClaw loose on an internal network. Here’s what it found
FRIEND
Recorded Future Blog
Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One.
FOE
Sophos News
The vulnerability flood is here. Here’s what it means – and how to prepare
FOE
Sophos News
We let OpenClaw loose on an internal network. Here’s what it found
FOE
Bleeping Computer
Hackers use pixel-large SVG trick to hide credit card stealer
FOE
Bleeping Computer
Google: New UNC6783 hackers steal corporate Zendesk support tickets
FOE
The Register (Security)
Criminal wannabes even more dangerous than the pros, says ex-FBI cyber chief
FOE
Ars Technica (Security)
Iran-linked hackers disrupt operations at US critical infrastructure sites
FOE
Dark Reading
Threat Actors Get Crafty With Emojis to Escape Detection
FOE
Dark Reading
AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties
FOE
EFF Deeplinks
Banning New Foreign Routers Mistargets Products to Fix Real Problem
FOE
Bleeping Computer
New macOS stealer campaign uses Script Editor in ClickFix attack
FOE
Bleeping Computer
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
FRIEND
CSO Online
Arelion employs NETSCOUT Arbor DDoS protection products
FRIEND
CSO Online
6 Winter 2026 G2 Leader Badges prove this DDoS protection stands out
FOE
The Hacker News
New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
FOE
CSO Online
How botnet-driven DDoS attacks evolved in 2H 2025
FOE
Bleeping Computer
13-year-old bug in ActiveMQ lets hackers remotely execute commands
FOE
SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)
FOE
The Hacker News
Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
FOE
EFF Deeplinks
👁 Selling Mass Surveillance | EFFector 38.7
FOE
Dark Reading
Fraud Rockets Higher in Mobile-First Latin America
FRIEND
CSO Online
Yael Nardi joins Minimus as Chief Business Officer to drive hyper-growth
FRIEND
SecurityWeek
Data Leakage Vulnerability Patched in OpenSSL
FRIEND
Dark Reading
Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus
FOE
SecurityWeek
RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years
FOE
SANS Internet Storm Center
More Honeypot Fingerprinting Scans, (Wed, Apr 8th)
FRIEND
Dark Reading
Niobium Introduces The Fog
FRIEND
Dark Reading
Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams
FOE
Bleeping Computer
Is a $30,000 GPU Good at Password Cracking?
FOE
The Hacker News
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
FOE
Dark Reading
Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs
FOE
Sophos News
Is compliance complexity outpacing IT capacity?
FOE
SecurityWeek
FBI: Cybercrime Losses Neared $21 Billion in 2025
FOE
SecurityWeek
Massachusetts Hospital Diverts Ambulances as Cyberattack Causes Disruption
FOE
CSO Online
Hackers exploit a critical Flowise flaw affecting thousands of AI workflows
FOE
CSO Online
Iran‑linked PLC attacks cause real‑world disruption at critical US infra sites
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
SecurityWeek
Evasive Masjesu DDoS Botnet Targets IoT Devices
FOE
The Register (Security)
Dutch healthcare software vendor goes dark after ransomware attack
FRIEND
The Hacker News
Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
FOE
SecurityWeek
Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover
FOE
Ars Technica (Security)
Thousands of consumer routers hacked by Russia's military
FOE
CSO Online
LLM-generated passwords are indefensible. Your codebase may already prove it
FOE
SecurityWeek
US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking
FOE
CSO Online
Forest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessions
FOE
Schneier on Security
Python Supply-Chain Compromise
FOE
The Register (Security)
NHS Scotland-linked domains caught serving pr0n and dodgy sports streams
FOE
CSO Online
The zero-day timeline just collapsed. Here’s what security leaders do next
FRIEND
CSO Online
Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents
FRIEND
The Hacker News
Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
FRIEND
CSO Online
The tabletop exercise grows up
FOE
EFF Deeplinks
Digital Hopes, Real Power: How the Arab Spring Fueled a Global Surveillance Boom
FOE
The Hacker News
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
FRIEND
Bleeping Computer
Microsoft rolls out fix for broken Windows Start Menu search
FOE
The Register (Security)
Microsoft hints at bit bunkers for war zones
FOE
Risky Business News
Risky Bulletin: Cybercrime losses passed $20 billion last year
FOE
The Hacker News
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
FOE
CSO Online
Tipps für CISOs, die die Branche wechseln wollen
FOE
SecurityWeek
Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks
FOE
Sophos News
Is compliance complexity outpacing IT capacity?
FOE
Sophos News
Is compliance complexity outpacing IT capacity?
FOE
The Register (Security)
Anthropic: All your zero-days are belong to Mythos
FOE
The Register (Security)
Iran cyber actors disrupting US water, energy facilities, FBI warns
FRIEND
CSO Online
What Anthropic Glasswing reveals about the future of vulnerability discovery
FOE
Bleeping Computer
Hackers exploit critical flaw in Ninja Forms WordPress plugin
FOE
Bleeping Computer
FBI: Americans lost a record $21 billion to cybercrime last year
FOE
CSO Online
Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw
FOE
The Register (Security)
Hundreds of orgs compromised daily in Microsoft device code phishing attacks
FOE
Dark Reading
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'
FOE
Dark Reading
Grafana Patches AI Bug That Could Have Leaked User Data
FOE
Bleeping Computer
Snowflake customers hit in data theft attacks after SaaS integrator breach
FRIEND
EFF Deeplinks
EU Parliament Blocks Mass-Scanning of Our Chats—What's Next?
FRIEND
CSO Online
5 practical steps to strengthen attack resilience with attack surface management
FOE
CSO Online
5 steps to strengthen supply chain security and improve cyber resilience
FRIEND
CSO Online
5 ways to strengthen identity security and improve attack resilience
FOE
SecurityWeek
Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks
FOE
SANS Internet Storm Center
A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)
FOE
Bleeping Computer
US warns of Iranian hackers targeting critical infrastructure
FOE
The Register (Security)
US cybercrime losses pass $20B for first time as AI boosts online fraud
FRIEND
Schneier on Security
Cybersecurity in the Age of Instant Software
FOE
Krebs on Security
Russia Hacked Routers to Steal Microsoft Office Tokens
FOE
Bleeping Computer
Max severity Flowise RCE vulnerability now exploited in attacks
FOE
The Register (Security)
Russia's Fancy Bear still attacking routers to boost fake sites, NCSC warns
FOE
The Hacker News
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
FOE
SecurityWeek
The New Rules of Engagement: Matching Agentic Attack Speed
FRIEND
SecurityWeek
Trent AI Emerges From Stealth With $13 Million in Funding
FRIEND
Bleeping Computer
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
FOE
SecurityWeek
Critical Flowise Vulnerability in Attacker Crosshairs
FOE
The Hacker News
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
FOE
Dark Reading
RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever
FOE
Dark Reading
Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends
FOE
Dark Reading
Lies, Damned Lies, and Cybersecurity Metrics
FRIEND
SecurityWeek
Severe StrongBox Vulnerability Patched in Android
FOE
Bleeping Computer
Why Your Automated Pentesting Tool Just Hit a Wall
FOE
SecurityWeek
GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data
FRIEND
SecurityWeek
Webinar Today: Why Automated Pentesting Alone Is Not Enough
FRIEND
Dark Reading
Focusing on the People in Cybersecurity at RSAC 2026 Conference
FOE
CSO Online
Zero‑click Grafana AI attack can enable enterprise data exfiltration
FOE
The Hacker News
Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
FOE
The Hacker News
[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk
FOE
CISA Alerts
Mitsubishi Electric GENESIS64 and ICONICS Suite products
FOE
CISA Alerts
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
FOE
SecurityWeek
GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack
FOE
The Hacker News
The Hidden Cost of Recurring Credential Incidents
FOE
SecurityWeek
Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems
FOE
CSO Online
Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks
FOE
CSO Online
Supply chain security is now a board-level issue: Here’s what CSOs need to know
FOE
Schneier on Security
Hong Kong Police Can Force You to Reveal Your Encryption Keys
FRIEND
SecurityWeek
German Police Unmask REvil Ransomware Leader
FOE
CSO Online
The rise of proactive cyber: Why defense is no longer enough
FOE
CSO Online
The noisy tenants: Engineering fairness in multi-tenant SIEM solutions
FOE
The Hacker News
New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
FOE
SecurityWeek
White House Seeks to Slash CISA Funding by $707 Million
FOE
The Hacker News
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
FOE
SecurityWeek
Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack
FOE
The Hacker News
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
FRIEND
The Register (Security)
Yahoo<i>!</i> Japan’s owner consolidating 164 OpenStack clusters into one
FOE
Bleeping Computer
German authorities identify REvil and GangCrab ransomware bosses
FOE
The Register (Security)
AI agents found vulns in this popular Linux and Unix print server
FOE
Bleeping Computer
New GPUBreach attack enables system takeover via GPU rowhammer
FOE
Dark Reading
AI-Assisted Supply Chain Attack Targets GitHub
FOE
Dark Reading
Axios Attack Shows Social Complex Engineering Is Industrialized
FOE
Dark Reading
Fortinet Issues Emergency Patch for FortiClient Zero-Day
FOE
Bleeping Computer
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
FRIEND
Bleeping Computer
Microsoft fixes Classic Outlook bug causing email delivery issues
FOE
Schneier on Security
New Mexico’s Meta Ruling and Encryption
FOE
The Hacker News
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
FOE
The Register (Security)
Attackers exploited this critical FortiClient EMS bug as a 0-day
FOE
Bleeping Computer
Microsoft removes Support and Recovery Assistant from Windows
FOE
Bleeping Computer
Microsoft links Medusa ransomware affiliate to zero-day attacks
FOE
Bleeping Computer
Drift $280M crypto theft linked to 6-month in-person operation
FOE
The Hacker News
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
FOE
Bleeping Computer
CISA orders feds to patch exploited Fortinet EMS flaw by Friday
FOE
SecurityWeek
Google DeepMind Researchers Map Web Attacks Against AI Agents
FOE
Dark Reading
Automated Credential Harvesting Campaign Exploits React2Shell Flaw
FOE
Dark Reading
Shadow AI in Healthcare Is Here to Stay
FOE
Bleeping Computer
Why Simple Breach Monitoring is No Longer Enough
FRIEND
Dark Reading
OWASP GenAI Security Project Gets Update, New Tools Matrix
FOE
The Hacker News
Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
FOE
The Hacker News
⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
FOE
CSO Online
North Korean hackers abuse LNKs and GitHub repos in ongoing campaign
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
The Hacker News
How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
FOE
SecurityWeek
Guardarian Users Targeted With Malicious Strapi NPM Packages
FOE
SecurityWeek
North Korean Hackers Target High-Profile Node.js Maintainers
FRIEND
Schneier on Security
Google Wants to Transition to Post-Quantum Cryptography by 2029
FOE
The Hacker News
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
FOE
CSO Online
Authentication is broken: Here’s how security leaders can actually fix it
FOE
SecurityWeek
Fortinet Rushes Emergency Fixes for Exploited Zero-Day
FOE
CSO Online
6 ways attackers abuse AI services to hack your business
FOE
CSO Online
Escaping the COTS trap
FOE
SANS Internet Storm Center
How often are redirects used in phishing in 2026?, (Mon, Apr 6th)
FOE
The Hacker News
BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
FOE
Risky Business News
Risky Bulletin: New Cambodian law will put scam compound operators in prison for life
FOE
Krebs on Security
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
FOE
The Register (Security)
Anthropic sure has a mess on its hands thanks to that Claude Code source leak
FOE
Bleeping Computer
Traffic violation scams switch to QR codes in new phishing texts
FOE
Bleeping Computer
New FortiClient EMS flaw exploited in attacks, emergency patch released
FOE
The Hacker News
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
FOE
Bleeping Computer
Hackers exploit React2Shell in automated credential theft campaign
FOE
The Register (Security)
Researchers didn’t want to glamorize cybercrims. So they roasted them
FOE
Ars Technica (Security)
CBP facility codes sure seem to have leaked via online flashcards
FOE
The Hacker News
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
FOE
The Hacker News
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
FOE
Bleeping Computer
Axios npm hack used fake Teams error fix to hijack maintainer account
FOE
Bleeping Computer
Device code phishing attacks surge 37x as new kits spread online
FOE
SecurityWeek
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack
FRIEND
EFF Deeplinks
Triple Header for Privacy’s Defender in New York
FOE
The Register (Security)
Trump wants to take a battle axe to CISA again and slash $707M from budget
FOE
EFF Deeplinks
The FAA’s “Temporary” Flight Restriction for Drones is a Blatant Attempt to Criminalize Filming ICE
FRIEND
Schneier on Security
Friday Squid Blogging: Jurassic Fish Chokes on Squid
FOE
Dark Reading
Inconsistent Privacy Labels Don't Tell Users What They Are Getting
FOE
Bleeping Computer
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
FOE
Bleeping Computer
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
FOE
Ars Technica (Security)
OpenClaw gives users yet another reason to be freaked out about security
FOE
CSO Online
Security lapse lets researchers view React2Shell hackers’ dashboard
FOE
CSO Online
A core infrastructure engineer pleads guilty to federal charges in insider attack
FOE
Bleeping Computer
Hims & Hers warns of data breach after Zendesk support ticket breach
FOE
EFF Deeplinks
Tech Nonprofits to Feds: Don’t Weaponize Procurement to Undermine AI Trust and Safety
FOE
The Hacker News
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
FOE
CSO Online
Google patches fourth Chrome zero-day so far this year
FOE
CSO Online
Internet Bug Bounty program hits pause on payouts
FRIEND
Dark Reading
Apple Breaks Precedent, Patches DarkSword for iOS 18
FOE
CSO Online
Claude Code is still vulnerable to an attack Anthropic has already fixed
FOE
Bleeping Computer
Die Linke German political party confirms data stolen by Qilin ransomware
FOE
CSO Online
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
FOE
The Register (Security)
Hybrid work, expanded risk: what needs to change
FRIEND
EFF Deeplinks
Double Shot of Privacy's Defender in D.C.
FOE
The Hacker News
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
FOE
EPIC
New EPIC Resource Calls on Congress to Close the Data Broker Loophole
FOE
Dark Reading
Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting
FOE
Bleeping Computer
Evolution of Ransomware: Multi-Extortion Ransomware Attacks
FRIEND
Sophos News
Sophos Gartner Peer Insights MDR
FRIEND
Dark Reading
Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication
FOE
SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)
FOE
Dark Reading
Source Code Leaks Highlight Lack of Supply Chain Oversight
FRIEND
Dark Reading
Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain
FOE
SecurityWeek
TrueConf Zero-Day Exploited in Asian Government Attacks
FOE
SecurityWeek
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
FOE
SecurityWeek
Critical ShareFile Flaws Lead to Unauthenticated RCE
FRIEND
Dark Reading
CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry
FOE
Bleeping Computer
Microsoft still working to fix Exchange Online mailbox access issues
FOE
Schneier on Security
Company that Secretly Records and Publishes Zoom Meetings
FOE
The Hacker News
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
FOE
The Hacker News
Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture
FOE
SecurityWeek
Mobile Attack Surface Expands as Enterprises Lose Control
FOE
SecurityWeek
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
FOE
SecurityWeek
T-Mobile Sets the Record Straight on Latest Data Breach Filing
FOE
SecurityWeek
North Korean Hackers Drain $285 Million From Drift in 10 Seconds
FOE
The Hacker News
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
FOE
Bleeping Computer
Man admits to locking thousands of Windows devices in extortion plot
FRIEND
CSO Online
12 cyber industry trends revealed at RSAC 2026
FOE
The Hacker News
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
FRIEND
Bleeping Computer
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
FOE
Bleeping Computer
CERT-EU: European Commission hack exposes data of 30 EU entities
FRIEND
CSO Online
Die besten XDR-Tools
FRIEND
CSO Online
Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative
FOE
Risky Business News
Risky Bulletin: Russia will revoke licenses for unruly ISPs
FRIEND
Recorded Future Blog
Day in the Life: Product Manager at Recorded Future
FRIEND
Sophos News
Sophos named a 2026 Gartner® Peer Insights™ Customers' Choice for Managed Detection and Response
FRIEND
EFF Deeplinks
Weakening Speech Protections Will Punish All of Us—Not Just Meta
FOE
CSO Online
Cisco fixes critical IMC auth bypass present in many products
FRIEND
EFF Deeplinks
A Baseless Copyright Claim Against a Web Host—and Why It Failed
FOE
Bleeping Computer
Claude Code leak used to push infostealer malware on GitHub
FOE
Dark Reading
Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate
FOE
The Hacker News
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
FRIEND
Dark Reading
Security Bosses Are All-In on AI. Here's Why
FOE
Bleeping Computer
Drift loses $280 million North Korean hackers seize Security Council powers
FOE
Bleeping Computer
Drift loses $280 million as hackers seize Security Council powers
FOE
SecurityWeek
Critical Vulnerability in Claude Code Emerges Days After Source Leak
FOE
EFF Deeplinks
Print Blocking Won't Work - Permission to Print Part 2
FOE
EFF Deeplinks
Print Blocking is Anti-Consumer - Permission to Print Part 1
FOE
The Register (Security)
They thought they were downloading Claude Code source. They got a nasty dose of malware instead
FRIEND
Schneier on Security
US Bans All Foreign-Made Consumer Routers
FOE
Ars Technica (Security)
New Rowhammer attacks give complete control of machines running Nvidia GPUs
FRIEND
SecurityWeek
Apple Rolls Out DarkSword Exploit Protection to More Devices
FOE
Dark Reading
Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026
FOE
Dark Reading
RSAC 2026: AI Dominates, But Community Remains Key to Security
FOE
Bleeping Computer
Residential proxies evaded IP reputation checks in 78% of 4B sessions
FOE
The Hacker News
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
FOE
EFF Deeplinks
Google and Amazon: Acknowledged Risks, And Ignored Responsibilities
FOE
SANS Internet Storm Center
Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
FRIEND
SecurityWeek
Cybersecurity M&A Roundup: 38 Deals Announced in March 2026
FOE
EPIC
EPIC Joins Coalition Call to Halt Meta’s Plans for Facial Recognition ‘Smart’ Glasses
FOE
Bleeping Computer
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
FOE
Bleeping Computer
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
FOE
Bleeping Computer
Medtech giant Stryker fully operational after data-wiping attack
FOE
Dark Reading
Bank Trojan 'Casbaneiro' Worms Through Latin America
FOE
The Hacker News
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
FOE
CSO Online
EvilTokens abuses Microsoft device code flow for account takeovers
FOE
SecurityWeek
Cisco Patches Critical and High-Severity Vulnerabilities
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
CISA Alerts
Yokogawa CENTUM VP
FOE
CISA Alerts
Hitachi Energy Ellipse
FOE
CISA Alerts
Siemens SICAM 8 Products
FOE
SecurityWeek
250,000 Affected by Data Breach at Nacogdoches Memorial Hospital
FOE
The Hacker News
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
FOE
The Hacker News
The State of Trusted Open Source Report
FOE
EFF Deeplinks
EFF’s Submission to the UN OHCHR on Protection of Human Rights Defenders in the Digital Age
FOE
Bleeping Computer
Critical Cisco IMC auth bypass gives attackers Admin access
FOE
SecurityWeek
Mercor Hit by LiteLLM Supply Chain Attack
FOE
Schneier on Security
Possible US Government iPhone Hacking Tool Leaked
FOE
SecurityWeek
Sophisticated CrystalX RAT Emerges
FOE
The Hacker News
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
FOE
Bleeping Computer
Microsoft links Classic Outlook issue to email delivery problems
FRIEND
CSO Online
Cybersecurity in the age of instant software
FOE
Bleeping Computer
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
FRIEND
SecurityWeek
Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents
FOE
The Register (Security)
The company's biggest security hole lived in the breakroom
FRIEND
The Hacker News
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
FRIEND
SecurityWeek
Linx Security Raises $50 Million for Identity Security and Governance
FOE
CSO Online
Tools, um MCP-Server abzusichern
FOE
Risky Business News
Srsly Risky Biz: America's Next Top (Cyber) Model
FOE
The Register (Security)
AI recruiting biz Mercor says it was 'one of thousands' hit in LiteLLM supply-chain attack
FOE
Recorded Future Blog
Cybercrime Outlook in Latin America and the Caribbean [ES]
FOE
Recorded Future Blog
Panorama del cibercrimen en América Latina y el Caribe
FOE
Recorded Future Blog
Panorama del cibercrimen en América Latina y el Caribe
FRIEND
Sophos News
Amazon GuardDuty enhances detection efficacy with Sophos threat intelligence
FOE
Recorded Future Blog
Latin America and the Caribbean Cybercrime Landscape
FOE
Bleeping Computer
New CrystalRAT malware adds RAT, stealer and prankware features
FOE
Dark Reading
Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense
FRIEND
Bleeping Computer
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
FOE
Bleeping Computer
Hackers exploit TrueConf zero-day to push malicious software updates
FRIEND
The Register (Security)
Amazon security boss: AI makes pentesting 40% more efficient
FOE
Bleeping Computer
New EvilTokens service fuels Microsoft device code phishing attacks
FRIEND
CSO Online
7 ways to improve your business resilience with backup and recovery
FRIEND
CSO Online
5 Steps to break free from alert fatigue and build resilient security operations
FRIEND
CSO Online
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)
FRIEND
CSO Online
6 critical mistakes that undermine cyber resilience (and how to fix them)
FRIEND
CSO Online
6 metrics IT leaders can’t afford to ignore for business resilience
FRIEND
CSO Online
5 critical steps to achieve business resilience in cybersecurity
FRIEND
Dark Reading
LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut
FOE
Bleeping Computer
'NoVoice' Android malware on Google Play infected 2.3 million devices
FOE
CSO Online
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
FOE
Schneier on Security
Is “Hackback” Official US Cybersecurity Strategy?
FOE
Dark Reading
Cyberattacks Intensify Pressure on Latin American Governments
FRIEND
SecurityWeek
Depthfirst Raises $80 Million in Series B Funding
FOE
The Hacker News
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
FOE
SecurityWeek
Toy Giant Hasbro Hit by Cyberattack
FOE
SecurityWeek
New DeepLoad Malware Dropped in ClickFix Attacks
FOE
Dark Reading
Venom Stealer MaaS Platform Commoditizes ClickFix Attacks
FOE
SecurityWeek
Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome
FOE
The Register (Security)
'People's Panel' to check if UK wants controversial Digital ID will cost £630K
FOE
Bleeping Computer
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
FOE
SecurityWeek
FBI Warns of Data Security Risks From China-Made Mobile Apps
FOE
SecurityWeek
US Charges Uranium Crypto Exchange Hacker
FOE
SecurityWeek
Webinar Today: Agentic AI vs. Identity’s Last Mile Problem
FOE
SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)
FRIEND
The Hacker News
Block the Prompt, Not the Work: The End of "Doctor No"
FOE
The Hacker News
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
The Hacker News
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
FOE
The Hacker News
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
FOE
Bleeping Computer
FBI warns against using Chinese mobile apps due to privacy risks
FOE
CSO Online
WhatsApp malware campaign uses malicious VBS files to gain persistent access
FOE
The Hacker News
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
FOE
CSO Online
Hacker zielen auf Exilportal Iranwire
FOE
SANS Internet Storm Center
Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)
FOE
Dark Reading
Are We Training AI Too Late?
FOE
Bleeping Computer
Google fixes fourth Chrome zero-day exploited in attacks in 2026
FOE
Schneier on Security
A Taxonomy of Cognitive Security
FOE
CSO Online
9 ways CISOs can combat AI hallucinations
FOE
CSO Online
Security awareness is not a control: Rethinking human risk in enterprise security
FOE
SecurityWeek
Axios NPM Package Breached in North Korean Supply Chain Attack
FOE
The Register (Security)
UK manufacturers under cyber fire with 80% reporting attacks
FOE
The Hacker News
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
FOE
SecurityWeek
Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents
FRIEND
CSO Online
Im Fokus: IT-Leadership
FRIEND
Bleeping Computer
Google Drive ransomware detection now on by default for paying users
FOE
The Hacker News
Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
FOE
Risky Business News
Risky Bulletin: Iranian password sprays came first, then came the missiles
FRIEND
Bleeping Computer
New Windows 11 emergency update fixes preview update install issues
FRIEND
CSO Online
Attack Surface Management – ein Kaufratgeber
FOE
CSO Online
Anthropic employee error exposes Claude Code source
FOE
Bleeping Computer
Claude Code source code accidentally leaked in NPM package
FRIEND
Recorded Future Blog
Industrialization of the Fraud Ecosystem Blog
FRIEND
Bleeping Computer
Proton launches new "Meet" privacy-focused conferencing platform
FOE
Bleeping Computer
GIGABYTE Control Center vulnerable to arbitrary file write flaw
FOE
Dark Reading
The Forgotten Endpoint: Security Risks of Dormant Devices
FOE
Bleeping Computer
Claude AI finds Vim, Emacs RCE bugs that trigger on file open
FOE
The Register (Security)
Don't open that WhatsApp message, Microsoft warns
FOE
Dark Reading
Axios NPM Package Compromised in Precision Attack
FOE
CSO Online
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
FOE
Dark Reading
Google's Vertex AI Has an Over-Privileged Problem
FOE
Dark Reading
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials
FOE
The Register (Security)
Iran targets M365 accounts with password-spraying attacks
FOE
CSO Online
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
FRIEND
The Hacker News
Android Developer Verification Rollout Begins Ahead of September Enforcement
FOE
Ars Technica (Security)
Quantum computers need vastly fewer resources than thought to break vital encryption
FOE
Bleeping Computer
Cisco source code stolen in Trivy-linked dev environment breach
FOE
The Hacker News
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
FRIEND
Dark Reading
Black Hat USA
FRIEND
SecurityWeek
Censys Raises $70 Million for Internet Intelligence Platform
FRIEND
Dark Reading
Rethinking Vulnerability Management Strategies for Mid-Market Security
FOE
SecurityWeek
The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust
FOE
Dark Reading
AI and Quantum Are Forcing a Rethink of Digital Trust
FOE
SecurityWeek
Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks
FOE
SecurityWeek
Venom Stealer Raises Stakes With Continuous Credential Harvesting
FOE
Privacy International
Challenging the militarisation of tech: a visual explainer
FOE
Bleeping Computer
How to Categorize AI Agents and Prioritize Risk
FOE
Bleeping Computer
Hackers compromise Axios npm package to drop cross-platform malware
FOE
SecurityWeek
TeamPCP Moves From OSS to AWS Environments
FOE
Ars Technica (Security)
Iran's hackers are on the offensive against the US and Israel
FOE
SecurityWeek
CrewAI Vulnerabilities Expose Devices to Hacking
FOE
Dark Reading
Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations
FOE
The Hacker News
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
FOE
CSO Online
OpenAI patches twin leaks as Codex slips and ChatGPT spills
FRIEND
Bleeping Computer
Microsoft fixes Outlook Classic crashes caused by Teams Meeting add-in
FOE
CISA Alerts
Anritsu Remote Spectrum Monitor
FOE
CISA Alerts
PX4 Autopilot
FOE
SecurityWeek
Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption
FOE
The Hacker News
The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority
FOE
The Hacker News
Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
FOE
SecurityWeek
Exploitation of Critical Fortinet FortiClient EMS Flaw Begins
FRIEND
Schneier on Security
Inventors of Quantum Cryptography Win Turing Award
FOE
The Register (Security)
Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines
FOE
SecurityWeek
StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs
FOE
SecurityWeek
Lloyds Data Security Incident Impacts 450,000 Individuals
FOE
Bleeping Computer
Hacker charged with stealing $53 million from Uranium crypto exchange
FRIEND
CSO Online
8 ways to bolster your security posture on the cheap
FOE
CSO Online
The external pressures redefining cybersecurity risk
FOE
CSO Online
6 key takeaways from RSA Conference 2026
FOE
Bleeping Computer
Dutch Finance Ministry takes treasury banking portal offline after breach
FOE
SANS Internet Storm Center
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
FOE
CSO Online
Fahndung nach Cyberkriminellen – 130 Firmen attackiert
FOE
Bleeping Computer
CISA orders feds to patch actively exploited Citrix flaw by Thursday
FOE
SecurityWeek
Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise
FOE
The Hacker News
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
FOE
Sophos News
Axios npm package compromised to deploy malware
FOE
Sophos News
The High Cost of Low Trust: Our Commitment to Radical Transparency
FOE
Sophos News
The Cybersecurity Trust Reality in 2026
FOE
CSO Online
Fortinet hit by another exploited cybersecurity flaw
FOE
Bleeping Computer
Healthcare tech firm CareCloud says hackers stole patient data
FOE
Dark Reading
AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection
FOE
Bleeping Computer
New RoadK1ll WebSocket implant used to pivot on breached networks
FOE
The Intercept (Privacy)
What Would We All Say If Iran Razed MIT Because of Military-Related Research?
FOE
The Register (Security)
OpenAI patches ChatGPT flaw that smuggled data over DNS
FRIEND
EFF Deeplinks
Welcome, Daily Show Viewers! Learn More About EFF and Privacy's Defender
FRIEND
EPIC
Biometric Update: FTC can do better on age assurance, say privacy rights’ groups
FOE
Dark Reading
AI-Driven Code Surge Is Forcing a Rethink of AppSec
FOE
Bleeping Computer
Critical Citrix NetScaler memory flaw actively exploited in attacks
FOE
Dark Reading
F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation
FOE
Dark Reading
F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation
FOE
The Hacker News
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
FOE
The Register (Security)
Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
FOE
Dark Reading
Manufacturing and Healthcare Share Struggles with Passwords
FOE
The Hacker News
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
FRIEND
EFF Deeplinks
EFF's Cindy Cohn on The Daily Show! Tonight Monday, March 30
FOE
Dark Reading
Storm Brews Over Critical, No-Click Telegram Flaw
FOE
SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)
FRIEND
Bleeping Computer
Apple adds macOS Terminal warning to block ClickFix attacks
FOE
SecurityWeek
Healthcare IT Platform CareCloud Probing Potential Data Breach
FOE
SecurityWeek
Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control
FRIEND
Bleeping Computer
How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
FOE
The Hacker News
⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
FOE
The Register (Security)
Citrix NetScaler bug exploited in days, may be multiple flaws in a trench coat
FRIEND
The Hacker News
3 SOC Process Fixes That Unlock Tier 1 Productivity
FRIEND
SecurityWeek
Huskeys Emerges From Stealth With $8 Million in Funding
FOE
CSO Online
LangChain path traversal bug adds to input validation woes in AI pipelines
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
SecurityWeek
Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
FOE
CSO Online
Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases
FOE
The Hacker News
The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
FOE
SecurityWeek
European Commission Reports Cyber Intrusion and Data Theft
FOE
SecurityWeek
Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare
FRIEND
Schneier on Security
Apple’s Camera Indicator Lights
FOE
Bleeping Computer
Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
FOE
SecurityWeek
Telnyx Targeted in Growing TeamPCP Supply Chain Attack
FOE
The Register (Security)
European Commission admits attackers broke into public web systems, but says little else
FOE
CSO Online
APIs are the new perimeter: Here’s how CISOs are securing them
FOE
The Hacker News
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
FOE
Bleeping Computer
Microsoft pulls KB5079391 Windows update over install issues
FOE
SecurityWeek
Exploitation of Fresh Citrix NetScaler Vulnerability Begins
FOE
CSO Online
Why Kubernetes controllers are the perfect backdoor
FOE
SecurityWeek
FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers
FOE
Bleeping Computer
Critical Fortinet Forticlient EMS flaw now exploited in attacks
FOE
The Register (Security)
Security contractor blew the whistle on support crew's viral indifference
FOE
SecurityWeek
F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild
FOE
The Hacker News
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
FOE
Bleeping Computer
European Commission confirms data breach after Europa.eu hack
FOE
The Register (Security)
US foreign router ban criticized for being ‘industrial policy disguised as cybersecurity’
FRIEND
Risky Business News
Risky Bulletin: Apple adds ClickFix warning to macOS terminal
FRIEND
CSO Online
Data Security Posture Management: Die besten DSPM-Tools
FRIEND
SANS Internet Storm Center
DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)
FRIEND
Sophos News
Where AI in the SOC is actually delivering — and where it isn’t
FOE
Sophos News
Incident responders, s'il vous plait: Invites lead to odd malware events
FOE
Bleeping Computer
FBI confirms hack of Director Patel's personal email inbox
FOE
Bleeping Computer
File read flaw in Smart Slider plugin impacts 500K WordPress sites
FOE
The Hacker News
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
FOE
SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)
FOE
Bleeping Computer
New Infinity Stealer malware grabs macOS data via ClickFix lures
FOE
SecurityWeek
Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs
FOE
The Intercept (Privacy)
ICE at Airports Trains Us to Accept Being Terrorized in Our Daily Lives
FOE
The Hacker News
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
FOE
The Hacker News
TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
FOE
The Hacker News
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
FOE
EFF Deeplinks
US Tech Companies Must be Accountable in US Courts for Facilitating Persecution and Torture Abroad, EFF Urges US Supreme Court
FOE
Sophos News
Incident responders, s'il vous plait: Invites lead to odd malware events
FOE
Bleeping Computer
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
FOE
CSO Online
European Commission data stolen in a cyberattack on the infrastructure hosting its web sites
FRIEND
EPIC
EPIC Joins Amicus Brief Urging SCOTUS to Hold Wireless Carriers Accountable for Selling Customers’ Location Data
FRIEND
EPIC
Reason Magazine: Trump Backs Section 702 Reauthorization After Once Calling To ‘KILL FISA’
FOE
CSO Online
Lloyds Bank reveals how IT bug exposed transaction data
FRIEND
The Hacker News
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
FOE
The Hacker News
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
FOE
Bleeping Computer
Fake VS Code alerts on GitHub spread malware to developers
FOE
Dark Reading
China Upgrades the Backdoor It Uses to Spy on Telcos Globally
FOE
SecurityWeek
Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account
FRIEND
EPIC
EPIC Urges Amendments to Maryland Chatbots Bill
FRIEND
Privacy International
Are IP addresses personal data?
FOE
Dark Reading
Wartime Usage of Compromised IP Cameras Highlight Their Danger
FOE
SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)
FOE
SecurityWeek
In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline
FRIEND
Bleeping Computer
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
FOE
The Hacker News
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
FRIEND
SecurityWeek
OpenAI Launches Bug Bounty Program for Abuse and Safety Risks
FOE
The Register (Security)
AFC Ajax drops ball as flaws let hackers play admin with tickets and bans
FOE
Bleeping Computer
European Commission investigating breach after Amazon cloud account hack
FOE
Bleeping Computer
European Commission investigating breach after Amazon cloud hack
FOE
CSO Online
Attackers exploit critical Langflow RCE within hours as CISA sounds alarm
FOE
The Hacker News
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
FRIEND
Dark Reading
Google Sets 2029 Deadline for Quantum-Safe Cryptography
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
SecurityWeek
TP-Link Patches High-Severity Router Vulnerabilities
FOE
The Register (Security)
Iran war drives urgent need to counter underwater attack drones
FOE
The Hacker News
We Are At War
FOE
CSO Online
Cyberangriff auf die Linke
FOE
SecurityWeek
RSAC 2026 Conference Announcements Summary (Days 3-4)
FRIEND
Bleeping Computer
Anti-piracy coalition takes down AnimePlay app with 5 million users
FOE
SecurityWeek
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
FOE
The Hacker News
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
FRIEND
CSO Online
8 steps CISOs can take to empower their teams
FOE
SecurityWeek
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
FRIEND
Bleeping Computer
Windows 11 KB5079391 update rolls out Smart App Control improvements
FOE
Bleeping Computer
Dutch Police discloses security breach after phishing attack
FOE
The Hacker News
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
FOE
The Register (Security)
Security boffins scoured the web and found hundreds of valid API keys
FOE
CSO Online
Was ist Social Engineering?
FOE
Risky Business News
Risky Bulletin: Russia to use custom crypto-algorithm for its 5G network
FOE
CSO Online
Google: The quantum apocalypse is coming sooner than we thought
FOE
Ars Technica (Security)
Internet Yiff Machine: We hacked 93GB of "anonymous" crime tips
FOE
Bleeping Computer
Ajax football club hack exposed fan data, enabled ticket hijack
FRIEND
Dark Reading
Infrastructure Attacks With Physical Consequences Down 25%
FOE
EFF Deeplinks
Traffic Violation! License Plate Reader Mission Creep Is Already Here
FOE
Dark Reading
Coruna, DarkSword & Democratizing Nation-State Exploit Kits
FOE
Dark Reading
Is the FCC's Router Ban the Wrong Fix?
FOE
Dark Reading
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles
FOE
Bleeping Computer
CISA: New Langflow flaw actively exploited to hijack AI workflows
FOE
Dark Reading
Critical Flaw in Langflow AI Platform Under Attack
FOE
CSO Online
The CISO’s guide to responding to shadow AI
FOE
EPIC
Yahoo Tech: I Review Routers for a Living. Don’t Buy a Router Right Now
FOE
SANS Internet Storm Center
TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)
FOE
The Hacker News
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
FRIEND
Sophos News
The High Cost of Low Trust: Our Commitment to Radical Transparency
FRIEND
EFF Deeplinks
Supreme Court Agrees With EFF: ISPs Don't Have To Be Copyright Enforcers
FOE
Bleeping Computer
UK sanctions Xinbi marketplace linked to Asian scam centers
FRIEND
Dark Reading
How Organizations Can Use Blunders to Level Up Their Security Programs
FOE
Dark Reading
AI-Powered Dependency Decisions Introduce, Ignore Security Bugs
FOE
Bleeping Computer
TikTok for Business accounts targeted in new phishing campaign
FOE
SecurityWeek
Hightower Holding Data Breach Impacts 130,000
FRIEND
Bleeping Computer
WhatsApp rolls out more AI features, iOS multi-account support
FOE
Bleeping Computer
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
FOE
SecurityWeek
BIND Updates Patch High-Severity Vulnerabilities
FOE
The Hacker News
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
FOE
Bleeping Computer
Coruna iOS exploit framework linked to Triangulation attacks
FOE
SecurityWeek
Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
FRIEND
Bleeping Computer
Russia arrests suspected owner of LeakBase cybercrime forum
FRIEND
CSO Online
Databricks pitches Lakewatch as a cheaper SIEM — but is it really?
FOE
SecurityWeek
Cisco Patches Multiple Vulnerabilities in IOS Software
FOE
Dark Reading
Intermediaries Driving Global Spyware Market Expansion
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
CISA Alerts
OpenCode Systems OC Messaging and USSD Gateway
FOE
CISA Alerts
PTC Windchill Product Lifecycle Management
FOE
CISA Alerts
WAGO GmbH & Co. KG Industrial Managed Switches
FOE
The Hacker News
Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
FRIEND
Bleeping Computer
Suspected RedLine infostealer malware admin extradited to US
FOE
The Register (Security)
Brit lawmaker targeted by AI deepfake fails to get answers from US Big Tech
FOE
The Hacker News
ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories
FOE
CSO Online
GitHub phishers use fake OpenClaw tokens to drain crypto wallets
FOE
The Hacker News
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
FOE
The Hacker News
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
FOE
Schneier on Security
As the US Midterms Approach, AI Is Going to Emerge as a Key Issue Concerning Voters
FOE
SecurityWeek
Alleged RedLine Malware Administrator Extradited to US
FRIEND
SecurityWeek
Dell and HP Roll Out Quantum-Resistant Device Security and AI-Era Cyber Resilience
FOE
The Hacker News
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
FRIEND
CSO Online
10 essenzielle Maßnahmen für physische Sicherheit
FOE
The Register (Security)
Indian government probes CCTV espionage operation linked to Pakistan
FOE
Risky Business News
Srsly Risky Biz: FBI Says Why Get a Warrant When You Have Kash
FOE
CSO Online
New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
FRIEND
Bleeping Computer
GitHub adds AI-powered bug detection to expand security coverage
FRIEND
Dark Reading
At RSAC, the EU Leads While US Officials Are Sidelined
FOE
Bleeping Computer
PolyShell attacks target 56% of all vulnerable Magento stores
FRIEND
SANS Internet Storm Center
Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)
FOE
The Register (Security)
AI supply chain attacks don’t even require malware…just post poisoned documentation
FOE
The Register (Security)
Scammers have virtual smartphones on speed dial for fraud
FOE
Bleeping Computer
Bubble AI app builder abused to steal Microsoft account credentials
FRIEND
The Register (Security)
Jen Easterly, cybersecurity's 'relentless optimist,' hopes feds come back to RSAC next year
FOE
EPIC
Jury Finds Meta and Google Negligent in Landmark Social Media Addiction Case
FOE
The Register (Security)
Only Trump can decide when cyberwar turns into real war
FOE
Bleeping Computer
New Torg Grabber infostealer malware targets 728 crypto wallets
FOE
CSO Online
Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service
FOE
EPIC
The 33 Data Brokers Selling US Data to Foreign Actors, According to California
FOE
EPIC
NPR: Your data is everywhere. The government is buying it without a warrant
FRIEND
The Hacker News
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
FOE
EFF Deeplinks
EFF Sues for Answers About Medicare's AI Experiment
FOE
Privacy International
PI seeks to inform inquiry of UK Joint Committee on Human Rights on human rights and AI
FOE
Sophos News
The Cybersecurity Trust Reality in 2026
FOE
Dark Reading
Blame Game: Why Public Cyber Attribution Carries Risks
FRIEND
SecurityWeek
Onit Security Raises $11 Million for Exposure Management Platform
FOE
Bleeping Computer
Citrix urges admins to patch NetScaler flaws as soon as possible
FOE
Ars Technica (Security)
Google bumps up Q Day estimate to 2029, far sooner than previously thought
FOE
EFF Deeplinks
👓 Who's Really Watching What Smartglasses See? | EFFector 38.6
FOE
Dark Reading
Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam
FOE
Dark Reading
SANS: Top 5 Most Dangerous New Attack Techniques to Watch
FRIEND
SecurityWeek
Russian Cybercriminal Gets 2-Year Prison Sentence in US
FOE
The Hacker News
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
FOE
SecurityWeek
AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link
FRIEND
Dark Reading
Why a 'Near Miss' Database Is Key to Improving Information Sharing
FOE
Bleeping Computer
Paid AI Accounts Are Now a Hot Underground Commodity
FRIEND
SecurityWeek
iOS, macOS 26.4 Roll Out With Fresh Security Patches
FRIEND
SecurityWeek
FCC Bans New Routers Made Outside the US Over National Security Risks
FRIEND
Bleeping Computer
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
FOE
Dark Reading
AI-Native Security Is a Must to Counter AI-Based Attacks
FRIEND
The Intercept (Privacy)
How to Keep ICE Agents Out of Your Devices at Airports
FRIEND
SecurityWeek
RSAC 2026 Conference Announcements Summary (Day 2)
FOE
CSO Online
Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
The Hacker News
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
FOE
Dark Reading
Ex-NSA Directors Discuss 'Red Line' for Offensive Cyberattacks
FOE
SecurityWeek
From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI
FOE
The Hacker News
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
FOE
The Hacker News
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
FOE
Bleeping Computer
TP-Link warns users to patch critical router auth bypass flaw
FOE
CSO Online
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
FOE
EFF Deeplinks
Digital Hopes, Real Power: Reflecting on the Legacy of the Arab Spring
FOE
Schneier on Security
Sen. Wyden Warns of Another Section 702 Abuse
FOE
Privacy International
Transparency and explainability for algorithmic decisions at work
FRIEND
CSO Online
6 key trends reshaping the IAM market
FOE
SecurityWeek
US Prisons Russian Access Broker for Aiding Ransomware Attacks
FOE
CSO Online
AI is breaking traditional security models — Here’s where they fail first
FRIEND
Bleeping Computer
Manager of botnet used in ransomware attacks gets 2 years in prison
FOE
SecurityWeek
HackerOne Employee Data Exposed in Massive Navia Breach
FRIEND
The Register (Security)
Enterprise PCs are unreliable, unpatched, and unloved compared to Macs
FRIEND
The Hacker News
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
FRIEND
Dark Reading
Iran Hacktivists Make Noise but Have Little Impact on War
FRIEND
CSO Online
Empathie trifft IT-Sicherheit: Der Weg zu gelebter Compliance
FOE
Risky Business News
Risky Bulletin: The Intellexa CEO is pissed!!!
FOE
SANS Internet Storm Center
SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)
FOE
Recorded Future Blog
ClickFix Campaigns Targeting Windows and macOS
FOE
Bleeping Computer
PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
FRIEND
Dark Reading
CSA Launches CSAI Foundation for AI Security
FOE
Bleeping Computer
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
FOE
Dark Reading
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit
FOE
Dark Reading
How AI Coding Tools Crushed the Endpoint Security Fortress
FRIEND
The Register (Security)
EFF has a new boss to lead the fight against privacy-sucking forces of doom
FRIEND
EFF Deeplinks
Nicole Ozer Named as Electronic Frontier Foundation’s Executive Director
FRIEND
Bleeping Computer
FCC bans new routers made outside the USA over security risks
FOE
The Register (Security)
1K+ cloud environments infected following Trivy supply chain attack
FRIEND
SecurityWeek
DoE Publishes 5-Year Energy Security Plan
FOE
The Register (Security)
LiteLLM loses game of Trivy pursuit, gets compromised
FOE
SecurityWeek
Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw
FOE
The Hacker News
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
FOE
SecurityWeek
Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector
FRIEND
Bleeping Computer
Firefox now has a free built-in VPN with 50GB monthly data limit
FOE
The Hacker News
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
FOE
The Hacker News
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
FRIEND
The Intercept (Privacy)
Palantir Will No Longer Profit Off of New Yorkers’ Health Data
FRIEND
SecurityWeek
RSAC 2026 Conference Announcements Summary (Day 1)
FRIEND
Bleeping Computer
Microsoft fixes bug causing Classic Outlook sync issues with Gmail
FOE
Dark Reading
GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead
FOE
EFF Deeplinks
Digital Hopes, Real Power: From Revolution to Regulation
FOE
Bleeping Computer
Zero Trust: Bridging the Gap Between Authentication and Trust
FOE
Bleeping Computer
HackerOne discloses employee data breach after Navia hack
FOE
SANS Internet Storm Center
Detecting IP KVMs, (Tue, Mar 24th)
FOE
SecurityWeek
Extortion Group Claims It Hacked AstraZeneca
FOE
Bleeping Computer
Infinite Campus warns of breach after ShinyHunters claims data theft
FOE
CSO Online
DDoS-Angriffe haben sich verdoppelt
FOE
EFF Deeplinks
UK Politicians Continue to Miss the Point in Latest Social Media Ban Proposal
FRIEND
SecurityWeek
Chrome 146 Update Patches High-Severity Vulnerabilities
FRIEND
CSO Online
HP launches TPM Guard to help defeat physical TPM attacks
FOE
The Register (Security)
HackerOne slams supplier for delayed breach notice after staff data exposed
FRIEND
Dark Reading
How a Large Bank Uses AI Digital Twins for Threat Hunting
FOE
Sophos News
The global CISO landscape: A leadership gap too large to ignore
FOE
Bleeping Computer
Yanluowang ransomware access broker gets 81 months in prison
FOE
Ars Technica (Security)
Self-propagating malware poisons open source software and wipes Iran-based machines
FRIEND
SecurityWeek
Webinar Today: Putting CIS Controls and Benchmarks into Practice
FRIEND
Dark Reading
Microsoft Proposes Better Identity, Guardrails for AI Agents
FOE
SecurityWeek
3.1 Million Impacted by QualDerm Data Breach
FRIEND
The Register (Security)
Country that put backdoors into Cisco routers to spy on world bans foreign routers
FOE
SecurityWeek
Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool
FOE
Bleeping Computer
Dutch Ministry of Finance discloses breach affecting employees
FOE
CISA Alerts
Pharos Controls Mosaic Show Controller
FOE
CISA Alerts
Grassroots DICOM (GDCM)
FOE
CISA Alerts
Schneider Electric EcoStruxure Foxboro DCS
FOE
CISA Alerts
Schneider Electric Plant iT/Brewmaxx
FOE
The Hacker News
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
FOE
CSO Online
New ‘StoatWaffle’ malware auto‑executes attacks on developers
FRIEND
The Hacker News
5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
FOE
The Register (Security)
Russian initial access broker who fed ransomware crews gets 81 months in US prison
FOE
SecurityWeek
Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
FRIEND
Schneier on Security
Team Mirai and Democracy
FOE
SecurityWeek
Mazda Says Employee, Partner Information Stolen in Cyberattack
FOE
The Hacker News
The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
FOE
SecurityWeek
Stryker Says Malicious File Found During Probe Into Iran-Linked Attack
FOE
CSO Online
Autonomous AI adoption is on the rise, but it’s risky
FOE
The Hacker News
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
FRIEND
CSO Online
Streamline physical security to enable data center growth in the era of AI
FRIEND
CSO Online
Why CISOs should embrace AI honeypots
FOE
The Hacker News
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
FOE
The Hacker News
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
FRIEND
CSO Online
ISO und ISMS: Darum gehen Security-Zertifizierungen schief
FRIEND
CSO Online
Palo Alto updates security platform to discover AI agents
FRIEND
Sophos News
Sophos Firewall ranked the #1 overall firewall solution in G2’s Spring 2026 reports
FRIEND
Sophos News
Cybersecurity for Education – Sophos Protected Classroom
FOE
Bleeping Computer
OpenAI rolls out ChatGPT Library to store your personal files
FRIEND
EPIC
EPIC Testifies in Support of D.C.’s Proposed Personal Health Data Security Amendment Act
FOE
The Register (Security)
Claude attacks were 'Rorschach test' for infosec community, scaring former NSA boss
FOE
Bleeping Computer
Mazda discloses security breach exposing employee and partner data
FOE
Dark Reading
AI in the SOC: What Could Go Wrong?
FRIEND
The Register (Security)
Public-private partnerships vital in disrupting China's Typhoons, says RSA panel with no government speakers
FOE
Bleeping Computer
Tycoon2FA phishing platform returns after recent police disruption
FOE
Dark Reading
Trivy Supply Chain Attack Targets CI/CD Secrets
FOE
Dark Reading
Ransomware's New Era: Moving at AI Speed
FOE
Ars Technica (Security)
After hackers hit an Iowa company, cars around the country failed to start
FOE
The Register (Security)
Lightning-fast exploits make it essential to patch fast, ask questions later
FRIEND
SANS Internet Storm Center
Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)
FRIEND
Dark Reading
CISOs Debate Human Role in AI-Powered Security
FOE
Bleeping Computer
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
FOE
Bleeping Computer
Crunchyroll probes breach after hacker claims to steal 6.8M users' data
FOE
The Hacker News
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
FOE
EPIC
Portland Press Herald: Portland Sea Dogs, Maine Mariners worry about Democratic legislative priority
FOE
Bleeping Computer
Trivy supply-chain attack spreads to Docker, GitHub repos
FRIEND
SecurityWeek
RSAC 2026 Conference Announcements Summary (Pre-Event)
FOE
Krebs on Security
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
FOE
CSO Online
Faster attacks and ‘recovery denial’ ransomware reshape threat landscape
FOE
Dark Reading
Attackers Hide Infostealer in Copyright Infringement Notices
FRIEND
The Register (Security)
Google unleashes Gemini AI agents on the dark web
FOE
The Register (Security)
Smooth criminals talking their way into cloud environments, Google says
FOE
SecurityWeek
M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds
FOE
SecurityWeek
Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware
FRIEND
Bleeping Computer
Varonis Atlas: Securing AI and the Data That Powers It
FOE
SecurityWeek
Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack
FOE
The Hacker News
⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
FOE
The Register (Security)
US chip testing firm shrugged off ransomware hit as minor - then came the data leak
FOE
The Register (Security)
RSAC 2026: Uncle Sam backs out, and AI agents are everywhere
FOE
Bleeping Computer
Microsoft Exchange Online service change causes email access issues
FRIEND
NIST Cybersecurity Insights
Reflections from the Second NIST Cyber AI Profile Workshop
FOE
Sophos News
NICKEL ALLEY strategy: Fake it 'til you make it
FOE
The Hacker News
We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
FOE
CSO Online
Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies
FOE
The Register (Security)
Microsoft fixes broken Windows update days after vowing fewer broken updates
FOE
SecurityWeek
QNAP Patches Four Vulnerabilities Exploited at Pwn2Own
FOE
Schneier on Security
Microsoft Xbox One Hacked
FOE
The Hacker News
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
FOE
SecurityWeek
Tycoon 2FA Fully Operational Despite Law Enforcement Takedown
FOE
The Register (Security)
The drone swarm is coming, and NATO air defenses are too expensive to cope
FOE
Bleeping Computer
FBI warns of Handala hackers using Telegram in malware attacks
FOE
CSO Online
Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire
FOE
The Intercept (Privacy)
Democrats Might Save Mike Johnson’s Push to Give Trump Domestic Spying Power
FOE
CSO Online
Why US companies must be ready for quantum by 2030: A practical roadmap
FOE
Bleeping Computer
CISA orders feds to patch DarkSword iOS flaws exploited attacks
FOE
The Hacker News
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
FRIEND
Bleeping Computer
New KB5085516 emergency update fixes Microsoft account sign-in
FOE
CSO Online
The insider threat rises again
FOE
The Hacker News
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
FOE
SecurityWeek
Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability
FOE
Risky Business News
Risky Bulletin: GitHub is starting to have a real malware problem
FRIEND
Sophos News
High-Five: Sophos Ranked Number 1 Overall in Endpoint, EDR, XDR, MDR, and Firewall in the G2 Spring 2026 Reports
FOE
Sophos News
Oracle vulnerability (CVE-2026-21992) impacts core products
FOE
Sophos News
NICKEL ALLEY strategy: Fake it ‘til you make it
FOE
The Register (Security)
Russians are posing as Signal support to launch phishing attacks
FOE
Bleeping Computer
VoidStealer malware steals Chrome master key via debugger trick
FRIEND
Dark Reading
AI Dominates RSAC Innovation Sandbox
FOE
Bleeping Computer
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
FRIEND
Bleeping Computer
Google adds ‘Advanced Flow’ for safe APK sideloading on Android
FOE
Bleeping Computer
Microsoft Azure Monitor alerts abused in callback phishing campaigns
FOE
The Hacker News
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
FOE
SecurityWeek
Critical Quest KACE Vulnerability Potentially Exploited in Attacks
FOE
The Hacker News
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
FOE
The Hacker News
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
FOE
The Hacker News
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
FOE
CSO Online
Trivy vulnerability scanner backdoored with credential stealer in supply chain attack
FOE
CSO Online
Are nations ready to be the cybersecurity insurers of last resort?
FOE
EFF Deeplinks
Congress Is Dropping the Ball with a Clean Extension of FISA
FOE
The Register (Security)
Cryptographers engage in war of words over RustSec bug reports and subsequent ban
FRIEND
Schneier on Security
Friday Squid Blogging: Jumbo Flying Squid in the South Pacific
FOE
Ars Technica (Security)
Widely used Trivy scanner compromised in ongoing supply-chain attack
FOE
Bleeping Computer
FBI links Signal phishing attacks to Russian intelligence services
FOE
Dark Reading
Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw
FOE
Bleeping Computer
Oracle pushes emergency fix for critical Identity Manager RCE flaw
FRIEND
CSO Online
Water utilities strengthen cybersecurity through cooperation
FOE
The Hacker News
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
FOE
EPIC
White House AI Framework Protects AI Companies, Not People
FRIEND
Bleeping Computer
Police take down 373,000 fake CSAM sites in Operation Alice
FOE
CSO Online
Stop using AI to submit bug reports, says Google
FOE
Dark Reading
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
FOE
SecurityWeek
In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
FOE
The Hacker News
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
FOE
Bleeping Computer
CISA orders feds to patch max-severity Cisco flaw by Sunday
FOE
SecurityWeek
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China
FOE
Bleeping Computer
How CISOs Can Survive the Era of Geopolitical Cyberattacks
FOE
The Register (Security)
UK police force presses pause on live facial recognition after study finds racial bias
FRIEND
SecurityWeek
Eclypsium Raises $25 Million for Device Supply Chain Security
FRIEND
The Register (Security)
Feds disrupt monster IoT botnets behind record-breaking DDoS attacks
FOE
Dark Reading
Interlock Ransomware Targets Cisco Enterprise Firewalls
FOE
The Register (Security)
Jaguar Land Rover's cyber bailout sets worrying precedent, watchdog warns
FOE
SecurityWeek
US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
FOE
CISA Alerts
Russian Intelligence Services Target Commercial Messaging Application Accounts
FRIEND
NIST Cybersecurity Insights
All aboard: the NIST Cybersecurity for IoT Program is headed to our next stop! Share your input on where we’re headed during our Future Directions Two-Day Workshop on March 31st.
FOE
CISA Alerts
CISA Adds Five Known Exploited Vulnerabilities to Catalog
FRIEND
CSO Online
DDoS-Attacken: Schlag gegen internationale Cyberkriminelle
FRIEND
SecurityWeek
Cape Raises $100 Million for Protection Against Cellular Security Threats
FOE
Schneier on Security
Proton Mail Shared User Information with the Police
FOE
SecurityWeek
Navia Data Breach Impacts 2.7 Million
FRIEND
The Hacker News
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
FOE
SecurityWeek
Thousands of Magento Sites Hit in Ongoing Defacement Campaign
FOE
The Register (Security)
Starmer's digital ID reboot raises same old questions as its Blair-era ancestor
FOE
The Hacker News
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
FOE
Bleeping Computer
Musician admits to $10M streaming royalty fraud using AI bots
FOE
The Hacker News
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
FRIEND
SecurityWeek
Allure Security Raises $17 Million for Online Brand Protection
FOE
The Intercept (Privacy)
Data Centers Are Military Targets Now
FOE
SANS Internet Storm Center
GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
FOE
SecurityWeek
Critical Langflow Vulnerability Exploited Hours After Public Disclosure
FRIEND
Bleeping Computer
International joint action disrupts world’s largest DDoS botnets
FOE
Bleeping Computer
Microsoft: March Windows updates break Teams, OneDrive sign-ins
FRIEND
SecurityWeek
Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation
FRIEND
The Register (Security)
While you're here, could you go out of your way to do an impossible job?
FOE
CSO Online
The espionage reality: Your infrastructure is already in the collection path
FOE
Bleeping Computer
Ex-data analyst stole company data in $2.5M extortion scheme
FRIEND
The Hacker News
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
FOE
The Hacker News
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
FRIEND
CSO Online
Die besten IAM-Tools
FRIEND
Risky Business News
Risky Bulletin: AWS kills bucketsquatting
FRIEND
Krebs on Security
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
FOE
Sophos News
The global CISO landscape: A leadership gap too large to ignore
FOE
CSO Online
CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group
FOE
CSO Online
That cheap KVM device could expose your network to remote compromise
FOE
Dark Reading
AI Conundrum: Why MCP Security Can't Be Patched Away
FOE
Bleeping Computer
Navia discloses data breach impacting 2.7 million people
FRIEND
Dark Reading
With Government's Role Uncertain, Businesses Unite to Combat Fraud
FOE
Ars Technica (Security)
Millions of iPhones can be hacked with a new tool found in the wild
FRIEND
Dark Reading
Native Launches With Security Control Plane for Multicloud
FOE
Bleeping Computer
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
FOE
The Hacker News
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
FOE
The Register (Security)
Unknown attackers exploit yet another critical SharePoint bug
FOE
EPIC
EPIC Endorses Bipartisan Government Surveillance Reform Act to Rein in Runaway Warrantless Surveillance
FOE
The Hacker News
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
FRIEND
EPIC
EPIC Urges House Financial Services Committee to Protect Financial Privacy
FOE
The Register (Security)
Google gives Android users a way to install unverified apps if they prove they really, really want to
FOE
CSO Online
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
FRIEND
SecurityWeek
Oasis Security Raises $120 Million for Agentic Access Management
FRIEND
Dark Reading
Post-Quantum Web Could be Safer, Faster
FRIEND
SecurityWeek
1stProtect Emerges From Stealth With $20 Million in Funding
FOE
SecurityWeek
Critical ScreenConnect Vulnerability Exposes Machine Keys
FRIEND
SecurityWeek
Privacy Platform Cloaked Raises $375M to Expand Enterprise Reach
FOE
Ars Technica (Security)
Google details new 24-hour process to sideload unverified Android apps
FOE
Bleeping Computer
Bitrefill blames North Korean Lazarus group for cyberattack
FOE
CSO Online
Beijing wants its own quantum-resistant encryption standards rather than adopt NIST’s
FOE
Sophos News
Android devices ship with firmware-level malware
FOE
Bleeping Computer
FBI seizes Handala data leak site after Stryker cyberattack
FOE
The Register (Security)
Lock down Microsoft Intune, feds warn after Stryker attack
FOE
SecurityWeek
Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury
FOE
SecurityWeek
Marquis Data Breach Affects 672,000 Individuals
FOE
Bleeping Computer
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
FOE
CSO Online
Telnet vulnerability opens door to remote code execution as root
FOE
The Hacker News
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
FOE
SecurityWeek
Security Firm Aura Discloses Data Breach Impacting 900,000 Records
FOE
Bleeping Computer
7 Ways to Prevent Privilege Escalation via Password Resets
FRIEND
SecurityWeek
Hacker Conversations: Ben Harris, from Unintentional Young Hacker to Intentional Adult CEO
FOE
SecurityWeek
Russian APT Exploits Zimbra Vulnerability Against Ukraine
FOE
Bleeping Computer
Max severity Ubiquiti UniFi flaw may allow account takeover
FOE
CSO Online
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
FOE
The Hacker News
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
CISA Alerts
Schneider Electric EcoStruxure Automation Expert
FOE
CISA Alerts
Schneider Electric Modicon M241, M251, and M262
FOE
CISA Alerts
Mitsubishi Electric CNC Series
FOE
CISA Alerts
CTEK Chargeportal
FOE
CISA Alerts
Automated Logic WebCTRL Premium Server
FOE
CISA Alerts
IGL-Technologies eParking.fi
FOE
CISA Alerts
Schneider Electric EcoStruxure PME and EPO
FOE
CISA Alerts
Schneider Electric Modicon Controllers M241, M251, M258, and LMC058
FOE
Bleeping Computer
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
FOE
The Hacker News
How Ceros Gives Security Teams Visibility and Control in Claude Code
FRIEND
SecurityWeek
Raven Emerges From Stealth With $20 Million in Funding
FOE
Bleeping Computer
New ‘Perseus’ Android malware checks user notes for secrets
FOE
Bleeping Computer
Critical Microsoft SharePoint flaw now exploited in attacks
FOE
CSO Online
5 key priorities for your RSAC 2026 agenda
FOE
CSO Online
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
FOE
Schneier on Security
Hacking a Robot Vacuum
FOE
SecurityWeek
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
FOE
The Hacker News
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
FOE
CSO Online
Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference
FOE
SecurityWeek
Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks
FOE
Dark Reading
EU Sanctions Companies in China, Iran for Cyberattacks
FOE
CSO Online
Anthropic ban heralds new era of supply chain risk — with no clear playbook
FOE
The Hacker News
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
FRIEND
CSO Online
Cloud Access Security Broker – ein Kaufratgeber
FOE
Risky Business News
Srsly Risky Biz: Successful War Leaves Iran With One Option, Cyber
FOE
SANS Internet Storm Center
Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
FOE
Sophos News
Android devices ship with firmware-level malware
FOE
Recorded Future Blog
2025 Year in Review: Malicious, Infrastructure
FRIEND
The Register (Security)
Okta made a nightmare micromanager for your AI agents
FOE
Bleeping Computer
Aura confirms data breach exposing 900,000 marketing contacts
FOE
The Register (Security)
State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns
FOE
Dark Reading
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
FOE
Dark Reading
C2 Implant 'SnappyClient' Targets Crypto Wallets
FOE
Bleeping Computer
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
FOE
SecurityWeek
The Collapse of Predictive Security in the Age of Machine-Speed Attacks
FOE
Bleeping Computer
ConnectWise patches new flaw allowing ScreenConnect hijacking
FRIEND
SecurityWeek
Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation
FOE
The Register (Security)
Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure
FOE
The Hacker News
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
FOE
Bleeping Computer
Ransomware gang exploits Cisco flaw in zero-day attacks since January
FOE
The Hacker News
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
FRIEND
SecurityWeek
Cloud Security Startup Native Exits Stealth With $42 Million in Funding
FOE
Bleeping Computer
Marquis: Ransomware gang stole data of 672K people in cyberattack
FOE
SecurityWeek
‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors
FOE
Dark Reading
'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft
FOE
SecurityWeek
Virtual Summit Today: Supply Chain & Third-Party Risk Summit
FOE
SecurityWeek
EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
FOE
EPIC
Senators Demand Answers on Meta’s Plans for Facial Recognition ‘Smart’ Glasses, Following NYT Report and EPIC Letters
FOE
Bleeping Computer
The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
FOE
Bleeping Computer
New “Darksword” iOS exploit used in infostealer attack on iPhones
FOE
SecurityWeek
Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches
FRIEND
SecurityWeek
Manifold Raises $8 Million for AI Detection and Response
FOE
The Register (Security)
North Korea's 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un
FOE
Bleeping Computer
Nordstrom's email system abused to send crypto scams to customers
FOE
SANS Internet Storm Center
Scans for "adminer", (Wed, Mar 18th)
FOE
Dark Reading
Meta, TikTok Steal Personal & Financial Info When Users Click Ads
FOE
Dark Reading
SideWinder Espionage Campaign Expands Across Southeast Asia
FOE
SecurityWeek
Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
FRIEND
SecurityWeek
Apple Debuts Background Security Improvements With Fresh WebKit Patches
FRIEND
The Register (Security)
Britain's satellite-watching gap to be plugged with £17.5M eyeball in Cyprus
FOE
CISA Alerts
CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FRIEND
CSO Online
Reco targets AI agent blind spots with new security capability
FOE
The Hacker News
Claude Code Security and Magecart: Getting the Threat Model Right
FOE
The Hacker News
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
FOE
Schneier on Security
Meta’s AI Glasses and Privacy
FOE
SecurityWeek
Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch
FOE
CSO Online
BSI moniert Software-Sicherheit im Gesundheitswesen
FRIEND
The Hacker News
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
FRIEND
EPIC
PRESS RELEASE: FTC Should Develop Privacy-Protective Age Assurance Standards, Leading Orgs Say
FOE
CSO Online
Can you prove the person on the other side is real?
FOE
CSO Online
ClickFix treibt neue Infostealer-Kampagnen an
FOE
CSO Online
Cybersecurity and privacy priorities for 2026: The legal risk map
FOE
The Hacker News
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
FOE
The Register (Security)
Iran's cyberattack against med tech firm is 'just the beginning'
FOE
CSO Online
CISOs rethink their data protection strategies
FRIEND
The Hacker News
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
FOE
The Hacker News
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
FRIEND
The Register (Security)
Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports
FRIEND
CSO Online
Die besten Hacker-Filme
FOE
The Register (Security)
Japan to allow ‘proactive cyber-defense’ from October 1st
FOE
Risky Business News
Risky Bulletin: EU finally imposes more cyber sanctions
FOE
Bleeping Computer
Apple pushes first Background Security Improvements update to fix WebKit flaw
FOE
Dark Reading
More Attackers Are Logging In, Not Breaking In
FOE
Bleeping Computer
GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
FRIEND
Dark Reading
Clear Communication: The Missing Link in Cybersecurity Success
FOE
Dark Reading
Less Lucrative Ransomware Market Makes Attackers Alter Methods
FRIEND
Ars Technica (Security)
How World ID wants to put a unique human identity on every AI agent
FOE
The Register (Security)
World<s>Coin</s>'s newest pitch: Scan your eyeballs to prove AI agents really represent you
FOE
EPIC
EPIC Joins Coalition to Urge OpenAI to Withdraw California AI Safety Ballot Initiative
FOE
Dark Reading
Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish
FRIEND
CSO Online
Nvidia NemoClaw promises to run OpenClaw agents securely
FOE
The Intercept (Privacy)
Trump Wants to Put You in a Massive, Secret Government Database
FOE
Bleeping Computer
Europe sanctions Chinese and Iranian firms for cyberattacks
FOE
Ars Technica (Security)
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
FOE
The Hacker News
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
FOE
The Register (Security)
EU sanctions Iranian cyber front over election meddling, Charlie Hebdo breach
FRIEND
SecurityWeek
Tech Giants Invest $12.5 Million in Open Source Security
FOE
SecurityWeek
UK Companies House Exposed Details of Millions of Firms
FOE
Dark Reading
Warlock Ransomware Group Augments Post-Exploitation Activities
FOE
The Hacker News
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
FRIEND
SecurityWeek
Surf AI Raises $57 Million for Agentic Security Operations Platform
FOE
Bleeping Computer
Top 5 Things CISOs Need to Do Today to Secure AI Agents
FOE
Bleeping Computer
New font-rendering trick hides malicious commands from AI tools
FRIEND
Bleeping Computer
Microsoft stops force-installing the Microsoft 365 Copilot app
FOE
SecurityWeek
Robotic Surgery Giant Intuitive Discloses Cyberattack
FOE
CSO Online
Cyber-Attacken fluten Eon-Netz: Angriffe verzehnfacht
FOE
SecurityWeek
174 Vulnerabilities Targeted by RondoDox Botnet
FRIEND
SecurityWeek
Google, Meta, Microsoft Among Signatories of Pact to Combat Scams
FOE
Bleeping Computer
LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
FRIEND
Bleeping Computer
Microsoft shares fix for Windows C: drive access issues on Samsung PCs
FOE
CISA Alerts
Schneider Electric SCADAPack and RemoteConnect
FOE
CISA Alerts
Schneider Electric EcoStruxure Data Center Expert
FOE
CISA Alerts
Siemens SICAM SIAPP SDK
FOE
CISA Alerts
CODESYS in Festo Automation Suite
FRIEND
SecurityWeek
Tracebit Raises $20M for Cloud-Native Deception Technology
FOE
SANS Internet Storm Center
IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)
FOE
The Hacker News
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
FOE
CSO Online
AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch
FRIEND
Bleeping Computer
New Windows 11 hotpatch fixes Bluetooth device visibility issue
FOE
SecurityWeek
CISA Flags Year-Old Wing FTP Vulnerability as Exploited
FOE
Bleeping Computer
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
FOE
SecurityWeek
AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks
FOE
Schneier on Security
South Korean Police Accidentally Post Cryptocurrency Wallet Password
FOE
The Hacker News
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
FOE
The Register (Security)
Too big to ignore, too small to be served: the midmarket security gap
FRIEND
The Register (Security)
Switzerland built a secure alternative to BGP. The rest of the world hasn't noticed yet
FRIEND
EFF Deeplinks
Bonus Podcast Episode: Privacy’s Defender - Cindy Cohn with Cory Doctorow
FOE
CSO Online
Runtime: The new frontier of AI agent security
FOE
The Hacker News
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
FOE
The Register (Security)
Gartner suggests Friday afternoon Copilot ban because users may be too lazy to check its mistakes
FRIEND
CSO Online
6 Risk-Assessment-Frameworks im Vergleich
FOE
CSO Online
Was ist ein Keylogger?
FRIEND
The Register (Security)
Bank built its own threat hunting agent because vendors can’t keep pace with new threats
FOE
Dark Reading
China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
FOE
Dark Reading
GlassWorm Malware Evolves to Hide in Dependencies
FOE
EPIC
The Associated Press: Tax scams are on the rise. Here’s what to know
FRIEND
Dark Reading
Inside Olympic Cybersecurity: Lessons From Paris 2024 to Milan Cortina 2026
FOE
The Register (Security)
Robotics surgical biz Intuitive discloses phishing attack
FOE
The Hacker News
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
FRIEND
EPIC
EPIC Testifies in Support of Colorado Bill on Surveillance Pricing and Wages
FOE
EFF Deeplinks
Blocking the Internet Archive Won’t Stop AI, But It Will Erase the Web’s Historical Record
FOE
Bleeping Computer
Stryker attack wiped tens of thousands of devices, no malware needed
FOE
The Register (Security)
Cybercrime has skyrocketed 245% since the start of the Iran war
FOE
Bleeping Computer
CISA flags Wing FTP Server flaw as actively exploited in attacks
FOE
Bleeping Computer
UK’s Companies House confirms security flaw exposed business data
FOE
The Register (Security)
AI finally delivers those elusive productivity gains... for cybercriminals
FOE
Bleeping Computer
Microsoft Exchange Online outage blocks access to mailboxes
FOE
SecurityWeek
Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact
FOE
SecurityWeek
Security Firm Executive Targeted in Sophisticated Phishing Attack
FOE
The Hacker News
⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
FOE
Dark Reading
Attackers Abuse LiveChat to Phish Credit Card, Personal Data
FOE
Bleeping Computer
Shadow AI is everywhere. Here’s how to find and secure it.
FOE
SANS Internet Storm Center
/proxy/ URL scans with IP addresses, (Mon, Mar 16th)
FOE
SecurityWeek
China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation
FOE
SecurityWeek
Threat Actor Targeting VPN Users in New Credential Theft Campaign
FOE
The Register (Security)
Flaw in UK's corporate registry let directors rummage through rival records
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FRIEND
The Hacker News
Why Security Validation Is Becoming Agentic
FOE
SecurityWeek
ForceMemo: Python Repositories Compromised in GlassWorm Aftermath
FOE
The Hacker News
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
FOE
CSO Online
Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse
FOE
CSO Online
Nine critical vulnerabilities in Linux AppArmor put over 12M enterprise systems at risk
FOE
Schneier on Security
Possible New Result in Quantum Factorization
FOE
The Hacker News
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
FOE
SecurityWeek
Hacking Attempt Reported at Poland’s Nuclear Research Center
FRIEND
CSO Online
What it takes to win that CSO role
FOE
CSO Online
ClickFix techniques evolve in new infostealer campaigns
FRIEND
The Hacker News
Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
FRIEND
CSO Online
GenAI-Security als Checkliste
FOE
Risky Business News
Risky Bulletin: Meta disrupts Mexican cartels
FOE
Recorded Future Blog
2025 Identity Threat Landscape Report: Inside the Infostealer Economy: Credential Threats in 2025
FOE
The Register (Security)
Outsourcer Telus admits to attack – may have lost a petabyte of data to ShinyHunters
FRIEND
Bleeping Computer
OpenAI says ChatGPT ads are not rolling out globally for now
FOE
EPIC
The Guardian: Hacked data shines light on homeland security’s AI surveillance ambitions
FOE
EFF Deeplinks
The Foilies 2026
FRIEND
Bleeping Computer
Betterleaks, a new open-source secrets scanner to replace Gitleaks
FOE
SecurityWeek
Loblaw Data Breach Impacts Customer Information
FOE
The Intercept (Privacy)
Crypto Spends Big in Illinois House Races to Say Consumer Rights Supporters Are Corrupt
FRIEND
Bleeping Computer
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
FOE
The Hacker News
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
FRIEND
Schneier on Security
Upcoming Speaking Engagements
FOE
Bleeping Computer
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
FOE
The Hacker News
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
FOE
SecurityWeek
Critical HPE AOS-CX Vulnerability Allows Admin Password Resets
FOE
SANS Internet Storm Center
SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)
FOE
Bleeping Computer
Microsoft: Windows 11 users can't access C: drive on some Samsung PCs
FRIEND
Schneier on Security
Friday Squid Blogging: Increased Squid Population in the Falklands
FOE
Bleeping Computer
FBI seeks victims of Steam games used to spread malware
FOE
Ars Technica (Security)
Supply-chain attack using invisible code hits GitHub and other repositories
FOE
EPIC
League of Women Voters, EPIC Urge Court to Protect Privacy and Voting Rights by Reversing Illegal Overhaul of SAVE System
FOE
CSO Online
Google warns of two actively exploited Chrome zero days
FOE
Dark Reading
Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos
FRIEND
EPIC
EPIC Testifies in Support of Maryland Chatbots Bill
FRIEND
EFF Deeplinks
EFF Launches New Fight to Free the Law
FOE
Dark Reading
The Data Gap: Why Nonprofit Cyber Incidents Go Underreported
FOE
The Hacker News
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
FOE
The Register (Security)
Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
FOE
Dark Reading
Cyberattackers Don't Care About Good Causes
FRIEND
Bleeping Computer
Poland's nuclear research centre targeted by cyberattack
FOE
The Hacker News
Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
FOE
Bleeping Computer
Microsoft investigates classic Outlook sync and connection issues
FOE
EPIC
In McCarthy v. Amazon, Ninth Circuit Allows “Suicide Kit” Lawsuits Against Amazon to Proceed
FOE
Sophos News
Initial access techniques used by Iran-based threat actors
FOE
CSO Online
Cyber criminals too are working from home… your home
FOE
Dark Reading
Will AI Save Consumers From Smartphone-Based Phishing Attacks?
FOE
SecurityWeek
Starbucks Data Breach Impacts Employees
FRIEND
The Hacker News
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
FOE
The Intercept (Privacy)
I Wrote a Movie Review. Cops Took It From A Protester’s Home to Make the Case That He’s a Terrorist.
FOE
SecurityWeek
In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown
FRIEND
Bleeping Computer
From VMware to what’s next: Protecting data during hypervisor migration
FOE
EPIC
Bloomberg Law: Complying With California Kids Code Is Suddenly More Complicated
FOE
The Hacker News
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
FRIEND
Bleeping Computer
Police sinkholes 45,000 IP addresses in cybercrime crackdown
FOE
The Hacker News
Investigating a New Click-Fix Variant
FOE
Bleeping Computer
Fake enterprise VPN downloads used to steal company credentials
FOE
Dark Reading
Most Google Cloud Attacks Start With Bug Exploitation
FOE
Dark Reading
Real-Time Banking Trojan Strikes Brazil's Pix Users
FOE
The Register (Security)
Interpol cybercrime crackdown leads to 94 arrests, 45,000 IP takedowns
FOE
SecurityWeek
Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War
FOE
CSO Online
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
FOE
CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FRIEND
The Register (Security)
NanoClaw latches onto Docker Sandboxes for safer AI agents
FRIEND
SecurityWeek
Bold Security Emerges From Stealth With $40 Million in Funding
FOE
The Register (Security)
Google rushes Chrome update fixing two zero-days already under attack
FRIEND
SecurityWeek
Google Paid Out $17 Million in Bug Bounty Rewards in 2025
FOE
Schneier on Security
Academia and the “AI Brain Drain”
FOE
SecurityWeek
Iran-Linked Hacker Attack on Stryker Disrupted Manufacturing and Shipping
FOE
SecurityWeek
Onyx Security Launches With $40 Million in Funding
FOE
The Hacker News
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
FRIEND
CSO Online
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
FOE
CSO Online
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
FRIEND
SecurityWeek
Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet
FOE
The Hacker News
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
FOE
Bleeping Computer
Starbucks discloses data breach affecting hundreds of employees
FOE
SecurityWeek
Chrome 146 Update Patches Two Exploited Zero-Days
FOE
SANS Internet Storm Center
A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)
FOE
CSO Online
The cyber perimeter was never dead. We just abandoned it.
FOE
Bleeping Computer
Google fixes two new Chrome zero-days exploited in attacks
FRIEND
The Hacker News
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
FOE
The Hacker News
Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution
FRIEND
CSO Online
10 Kennzahlen, die CISOs weiterbringen
FOE
Risky Business News
Risky Bulletin: Another residential proxy provider falls as authorities continue crackdowns
FOE
CSO Online
Telus Digital hit with massive data breach
FRIEND
Sophos News
March Patch Tuesday visits 15 product families
FOE
Sophos News
Initial access techniques used by Iran-based threat actors
FOE
The Register (Security)
Rogue AI agents can work together to hack systems and steal secrets
FRIEND
EPIC
Ninth Circuit Deals Another Blow to Big Tech’s Campaign for Broad Immunity from Regulation, Allows Parts of California’s Design Code to Go into Effect
FOE
Ars Technica (Security)
The who, what, and why of the attack that has shut down Stryker's Windows network"
FRIEND
Dark Reading
Why Post-Quantum Cryptography Can't Wait
FOE
Bleeping Computer
Canadian retail giant Loblaw notifies customers of data breach
FOE
Dark Reading
Iran MOIS Colludes With Criminals to Boost Cyberattacks
FOE
Bleeping Computer
England Hockey investigating ransomware data breach
FOE
Dark Reading
Commercial Spyware Opponents Fear US Policy Shifting
FOE
Bleeping Computer
AI-generated Slopoly malware used in Interlock ransomware attack
FRIEND
Schneier on Security
iPhones and iPads Approved for NATO Classified Data
FOE
EFF Deeplinks
A.B. 1043’s Internet Age Gates Hurt Everyone
FOE
EFF Deeplinks
Rep. Finke Was Right: Age-Gating Isn’t About Kids, It’s About Control
FOE
CSO Online
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
FOE
The Hacker News
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
FRIEND
Dark Reading
Delinea's StrongDM Acquisition Highlights the Changing Role of PAM
FOE
The Hacker News
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
FOE
Bleeping Computer
Veeam warns of critical flaws exposing backup servers to RCE attacks
FOE
Dark Reading
Why Stryker's Outage Is a Disaster Recovery Wake-Up Call
FRIEND
The Register (Security)
Operating Lightning takes down SocksEscort proxy network blamed for tens of millions in fraud
FRIEND
Bleeping Computer
US disrupts SocksEscort proxy network powered by Linux malware
FRIEND
Bleeping Computer
Google paid $17.1 million for vulnerability reports in 2025
FOE
SecurityWeek
Apple Updates Legacy iOS Versions to Patch Coruna Exploits
FOE
Bleeping Computer
Telus Digital confirms breach after hacker claims 1 petabyte data theft
FOE
Dark Reading
What Orgs Can Learn From Olympics, World Cup IR Plans
FOE
Bleeping Computer
Going the Extra Mile: Travel Rewards Turn into Underground Currency.
FRIEND
BrightTALK InfoSec
Building Resilient Cloud Security Architectures for Today’s Threat Landscape
FRIEND
Bleeping Computer
Apple patches older iPhones and iPads against Coruna exploits
FOE
The Register (Security)
CISA warns max-severity n8n bug is being exploited in the wild
FOE
The Hacker News
How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
FRIEND
SecurityWeek
Meta Launches New Protection Tools as It Helps Disrupt Scam Centers
FOE
The Hacker News
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
FOE
EPIC
DOJ Wants Sensitive Voter Data but Can’t Be Bothered to Protect It
FOE
SecurityWeek
Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks
FOE
SecurityWeek
The Human IOC: Why Security Professionals Struggle with Social Vetting
FOE
SecurityWeek
Splunk, Zoom Patch Severe Vulnerabilities
FOE
CISA Alerts
Siemens Heliox EV Chargers
FOE
CISA Alerts
Inductive Automation Ignition Software
FOE
CISA Alerts
Trane Tracer SC, Tracer SC+, and Tracer Concierge
FOE
CISA Alerts
Siemens RUGGEDCOM APE1808 Devices
FOE
CISA Alerts
Siemens SIMATIC
FOE
CISA Alerts
Siemens SIDIS Prime
FOE
CSO Online
PhantomRaven returns to npm with 88 bad packages
FOE
Bleeping Computer
US charges another ransomware negotiator linked to BlackCat attacks
FOE
The Hacker News
Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
FOE
SecurityWeek
Cisco Patches High-Severity IOS XR Vulnerabilities
FOE
The Hacker News
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
FOE
SecurityWeek
Critical N8n Vulnerabilities Allowed Server Takeover
FOE
SecurityWeek
Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea
FOE
CSO Online
North Korean fake IT worker tradecraft exposed
FOE
The Hacker News
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
FOE
CSO Online
AI use is changing how much companies pay for cyber insurance
FOE
CSO Online
“Zombie ZIP”: Neue Angriffstechnik täuscht Virenscanner
FOE
The Hacker News
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
FRIEND
CSO Online
Wie CISOs schlechte Angebote enttarnen
FOE
Risky Business News
Srsly Risky Biz: Trump's Cyber Strategy… Great, Amazing, The Best Yet
FOE
The Register (Security)
China’s CERT warns OpenClaw can inflict nasty wounds
FOE
SANS Internet Storm Center
When your IoT Device Logs in as Admin, It?s too Late! [Guest Diary], (Wed, Mar 11th)
FRIEND
Recorded Future Blog
February 2026 CVE Landscape: 13 Critical Vulnerabilities Mark 43% Drop from January
FOE
CSO Online
Resumés with malicious ISO attachments are circulating, says Aryaka
FOE
CSO Online
CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws
FRIEND
EFF Deeplinks
Certbot and Let's Encrypt Now Support IP Address Certificates
FOE
The Register (Security)
Iran plots 'infrastructure warfare' against US tech giants
FOE
Dark Reading
A Guy Who Wrote the Code Died in 2005. I Still Have to Secure It
FOE
The Intercept (Privacy)
Trump’s AI-Powered World Wars
FOE
Dark Reading
INC Ransomware Group Holds Healthcare Hostage in Oceania
FOE
Ars Technica (Security)
14,000 routers are infected by malware that's highly resistant to takedowns
FOE
The Register (Security)
Iran-linked cyber crew says they hit US med-tech firm
FOE
Dark Reading
Xygeni GitHub Action Compromised Via Tag Poison
FRIEND
Bleeping Computer
WhatsApp introduces parent-managed accounts for pre-teens
FOE
Bleeping Computer
SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
FRIEND
SecurityWeek
Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command
FOE
Bleeping Computer
CISA orders feds to patch n8n RCE flaw exploited in attacks
FRIEND
The Register (Security)
Meta, international cops use handcuffs and AI to stop scammers
FOE
Bleeping Computer
Medtech giant Stryker offline after Iran-linked wiper malware attack
FOE
Bleeping Computer
New PhantomRaven NPM attack wave steals dev data via 88 packages
FOE
The Hacker News
Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes
FOE
Krebs on Security
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
FOE
SecurityWeek
MedTech Giant Stryker Crippled by Iran-Linked Hacker Attack
FOE
The Hacker News
Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
FOE
EFF Deeplinks
Government Spying 🤝 Targeted Advertising | EFFector 38.5
FOE
Dark Reading
Chinese Nexus Actors Shift Focus to Qatar Amid Iranian Conflict
FRIEND
SecurityWeek
Wiz Joins Google Cloud as Landmark Acquisition Closes
FOE
The Register (Security)
ICO fines Police Scotland over data-sharing debacle in gross misconduct case
FRIEND
SecurityWeek
CISO Conversations: Aimee Cardwell
FOE
SecurityWeek
238,000 Impacted by Bell Ambulance Data Breach
FRIEND
Bleeping Computer
Meta adds new WhatsApp, Facebook, and Messenger anti-scam tools
FRIEND
SecurityWeek
Scanner Raises $22 Million for AI-Powered Threat Hunting
FRIEND
The Hacker News
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
FRIEND
CSO Online
AWS expands Security Hub for multicloud security operations
FOE
The Register (Security)
Swiss e-voting pilot can't count 2,048 ballots after USB keys fail to decrypt them
FOE
The Hacker News
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
FRIEND
SecurityWeek
OpenAI to Acquire AI Security Startup Promptfoo
FOE
The Register (Security)
Dutch cops bust teen suspected of posing as bank staff to steal cards
FOE
SecurityWeek
Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FRIEND
SecurityWeek
How to 10x Your Vulnerability Management Program in the Agentic Era
FOE
CSO Online
Overly permissive ‘guest’ settings put Salesforce customers at risk
FOE
The Hacker News
What Boards Must Demand in the Age of AI-Automated Exploitation
FRIEND
The Register (Security)
EU legal eagle says banks should refund cybercrime victims first, argue later
FOE
SecurityWeek
Michelin Confirms Data Breach Linked to Oracle EBS Attack
FOE
Schneier on Security
Canada Needs Nationalized, Public AI
FOE
CSO Online
Why zero trust breaks down in IoT and OT environments
FOE
CSO Online
Did cybersecurity recently have its Gatling gun moment?
FRIEND
SecurityWeek
Quantro Security Emerges From Stealth With $2.5 Million in Funding
FOE
CSO Online
Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials
FRIEND
CSO Online
CSO Awards 2026 celebrates world-class security strategies
FRIEND
CSO Online
Announcing the 2026 CSO Hall of Fame honorees
FOE
CSO Online
A 5-step approach to taming shadow AI
FOE
SANS Internet Storm Center
Analyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th)
FOE
SecurityWeek
‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload
FOE
The Hacker News
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
FRIEND
The Register (Security)
Building the UK’s next generation of cyber talent
FOE
Privacy International
Privacy International’s remarks at the side event of the 61st Session of the UN Human Rights Council on the Human Rights Impacts of Using Artificial Intelligence in Countering Terrorism
FRIEND
SecurityWeek
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric
FOE
The Hacker News
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
FOE
CSO Online
12 ways attackers abuse cloud services to hack your enterprise
FOE
The Hacker News
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
FOE
CSO Online
6 Mittel gegen Security-Tool-Wildwuchs
FOE
CSO Online
Jack & Jill went up the hill — and an AI tried to hack them
FOE
Dark Reading
Middle East Conflict Highlights Cloud Resilience Gaps
FRIEND
Dark Reading
Microsoft Patches 83 CVEs in March Update
FRIEND
Krebs on Security
Microsoft Patch Tuesday, March 2026 Edition
FOE
Sophos News
Evil evolution: ClickFix and macOS infostealers
FOE
CSO Online
March Patch Tuesday: Three high severity holes in Microsoft Office
FOE
EFF Deeplinks
Copyright Bullying vs. Religious Freedom
FOE
Bleeping Computer
New ‘BlackSanta’ EDR killer spotted targeting HR departments
FRIEND
Risky Business News
Risky Bulletin: Gen. Joshua Rudd confirmed as next CyberCom and NSA head
FOE
EPIC
EPIC Leads Group of Law & Technology Scholars in Rebutting Social Media Companies’ Arguments that Surveillance-Based Feeds Are Constitutionally-Protected Speech
FOE
Bleeping Computer
New BeatBanker Android malware poses as Starlink app to hijack devices
FOE
Dark Reading
'Overly Permissive' Salesforce Cloud Configs in the Crosshairs
FOE
EFF Deeplinks
Think Twice Before Buying or Using Meta’s Ray-Bans
FRIEND
EPIC
Maine Senate Passes Strong Privacy Bill
FOE
EFF Deeplinks
The Government Must Not Force Companies to Participate in AI-powered Surveillance
FOE
The Register (Security)
Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack
FOE
Bleeping Computer
New 'Zombie ZIP' technique lets malware slip past security tools
FOE
CSO Online
Threat intelligence by ESET is a game changer
FRIEND
CSO Online
The CSO role is evolving fast with AI in Cyber Defense strategy
FRIEND
SecurityWeek
Microsoft Patches 83 Vulnerabilities
FOE
Dark Reading
Russian Threat Actor Sednit Resurfaces With Sophisticated Toolkit
FOE
The Register (Security)
Cybercrime isn't just a cover for Iran's government goons - it's a key part of their operations
FRIEND
Bleeping Computer
Microsoft releases Windows 10 KB5078885 extended security update
FOE
SecurityWeek
Adobe Patches 80 Vulnerabilities Across Eight Products
FOE
Bleeping Computer
Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
FRIEND
SecurityWeek
Jazz Emerges From Stealth With $61M in Funding for AI-Powered DLP
FRIEND
Bleeping Computer
Windows 11 KB5079473 & KB5078883 cumulative updates released
FOE
SANS Internet Storm Center
Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)
FOE
Bleeping Computer
HPE warns of critical AOS-CX flaw allowing admin password resets
FOE
The Register (Security)
Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts
FOE
The Hacker News
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
FOE
The Hacker News
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
FRIEND
Bleeping Computer
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
FRIEND
SecurityWeek
Kai Emerges From Stealth With $125M in Funding for AI Platform Bridging IT and OT Security
FOE
SecurityWeek
Webinar Today: Securing Fragile OT in an Exposed World
FOE
Bleeping Computer
New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network
FOE
Sophos News
Evil evolution: ClickFix and macOS infostealers
FOE
SecurityWeek
SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities
FOE
SecurityWeek
Thousands Affected by Ericsson Data Breach
FOE
EPIC
EPIC Leads Coalition Demanding the Government Reverse Illegal Data Grab… Again
FOE
Bleeping Computer
The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
FOE
The Register (Security)
Fake job applications pack malware that kills EDR before stealing data
FOE
Dark Reading
'BlackSanta' EDR Killer Targets HR Workflows
FRIEND
SecurityWeek
OpenAI Rolls Out Codex Security Vulnerability Scanner
FRIEND
SecurityWeek
Kevin Mandia’s Armadin Launches With $190 Million in Funding
FOE
The Hacker News
New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
FOE
SecurityWeek
Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign
FOE
The Register (Security)
Ericsson blames vendor vishing slip-up for breach exposing thousands of records
FRIEND
The Register (Security)
Protecting democracy means democratizing cybersecurity. Bring on the hackers
FOE
CISA Alerts
Honeywell IQ4x BMS Controller
FOE
CISA Alerts
Ceragon Siklu MultiHaul and EtherHaul Series
FOE
CISA Alerts
Apeman Cameras
FOE
CISA Alerts
Lantronix EDS3000PS and EDS5000
FRIEND
SecurityWeek
Escape Raises $18 Million to Automate Pentesting
FOE
SecurityWeek
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
FOE
The Hacker News
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
FOE
The Register (Security)
Polish cops bust alleged teen DDoS kit sellers – youngest just 12
FOE
Bleeping Computer
CISA: Recently patched Ivanti EPM flaw now actively exploited
FOE
CSO Online
Devs looking for OpenClaw get served a GhostClaw RAT
FOE
SecurityWeek
SIM Swaps Expose a Critical Flaw in Identity Security
FRIEND
The Hacker News
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
FOE
The Hacker News
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
FRIEND
Bleeping Computer
Microsoft to enable Windows hotpatch security updates by default
FOE
Bleeping Computer
APT28 hackers deploy customized variant of Covenant open-source tool
FOE
CSO Online
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
FOE
Schneier on Security
Jailbreaking the F-35 Fighter Jet
FRIEND
CSO Online
OpenAI to acquire Promptfoo to strengthen AI agent security testing
FOE
CSO Online
Why access decisions are becoming the weakest link in identity security
FRIEND
CSO Online
I replaced manual pen tests with automation. Here’s what I learned.
FOE
The Hacker News
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
FRIEND
SecurityWeek
Cylake Raises $45 Million to Secure Organizations Barred From Cloud
FOE
CSO Online
When AI safety constrains defenders more than attackers
FOE
The Hacker News
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
FOE
CSO Online
Security-Tools für KI-Infrastrukturen – ein Kaufratgeber
FOE
CSO Online
Hacker abusing .arpa domain to evade phishing detection, says Infoblox
FOE
Bleeping Computer
Microsoft Teams phishing targets employees with A0Backdoor malware
FOE
The Register (Security)
AI vs AI: Agent hacked McKinsey's chatbot and gained full read-write access in just two hours
FOE
Bleeping Computer
Google: Cloud attacks exploit flaws more than weak credentials
FOE
Bleeping Computer
Dutch govt warns of Signal, WhatsApp account hijacking attacks
FOE
Dark Reading
White House Cyber Strategy Prioritizes Offense
FOE
Dark Reading
'InstallFix' Attacks Spread Fake Claude Code Sites
FOE
EFF Deeplinks
The SAFE Act is an Imperfect Vehicle for Real Section 702 Reform
FRIEND
EFF Deeplinks
Privacy's Defender: Launch Party in Berkeley
FOE
Bleeping Computer
Ericsson US discloses data breach after service provider hack
FOE
The Hacker News
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
FOE
The Register (Security)
ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
FRIEND
CSO Online
CVE program funding secured, easing fears of repeat crisis
FRIEND
EFF Deeplinks
EFFecting Change: Privacy's Defender
FRIEND
Bleeping Computer
Microsoft Teams will tag third-party bots trying to join meetings
FOE
Bleeping Computer
ShinyHunters claims ongoing Salesforce Aura data theft attacks
FOE
The Register (Security)
EV charger biz ELECQ zapped by ransomware crooks, customer contact data stolen
FRIEND
SecurityWeek
Cybersecurity M&A Roundup: 42 Deals Announced in February 2026
FOE
Bleeping Computer
FBI warns of phishing attacks impersonating US city, county officials
FRIEND
SANS Internet Storm Center
Encrypted Client Hello: Ready for Prime Time?, (Mon, Mar 9th)
FOE
The Hacker News
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
FOE
Bleeping Computer
Why Password Audits Miss the Accounts Attackers Actually Want
FOE
Bleeping Computer
Microsoft still working to fix Windows Explorer white flashes
FOE
The Hacker News
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
FOE
The Register (Security)
Dutch cops warn 100 alleged scammers: Turn yourselves in or we tell Grandma
FOE
SecurityWeek
ClickFix Attack Uses Windows Terminal to Evade Detection
FOE
The Register (Security)
Russian cybercrims phish their way into officials' Signal and WhatsApp accounts
FOE
SecurityWeek
Internet Infrastructure TLD .arpa Abused in Phishing Attacks
FOE
Dark Reading
Chinese Cyber Threat Lurks In Critical Asian Sectors for Years
FOE
CISA Alerts
CISA Adds Three Known Exploited Vulnerabilities to Catalog
FOE
The Register (Security)
Microsoft Azure CTO set Claude on his 1986 Apple II code, says it found vulns
FRIEND
CSO Online
OpenAI says Codex Security found 11,000 high-impact bugs in a month
FRIEND
The Hacker News
Can the Security Platform Finally Deliver for the Mid-Market?
FOE
SecurityWeek
Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign
FOE
Schneier on Security
New Attack Against Wi-Fi
FRIEND
CSO Online
NIS-2: Tausende reißen BSI-Frist und riskieren Strafen
FOE
The Hacker News
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
FOE
The Register (Security)
Royal Navy races to arm ships against drone threat
FOE
CSO Online
Rogues gallery: 15 worst ransomware groups active today
FOE
The Hacker News
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
FRIEND
CSO Online
4 ways to prepare your SOC for agentic AI
FOE
CSO Online
PQC roadmap remains hazy as vendors race for early advantage
FOE
CSO Online
Tarnung als Taktik: Warum Ransomware-Angriffe raffinierter werden
FOE
The Register (Security)
Iran is the first out-loud cyberwar the US has fought
FRIEND
Risky Business News
Risky Bulletin: New White House EO prioritizes fight against scams and cybercrime
FOE
Krebs on Security
How AI Assistants are Moving the Security Goalposts
FOE
The Register (Security)
FBI is investigating breach that may have hit its wiretapping tools
FRIEND
Bleeping Computer
EU court adviser says banks must immediately refund phishing victims
FOE
Bleeping Computer
Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
FOE
SecurityWeek
Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited
FOE
The Intercept (Privacy)
OpenAI on Surveillance and Autonomous Killings: You’re Going to Have to Trust Us
FOE
The Register (Security)
AI agents now help attackers, including North Korea, manage their drudge work
FOE
The Intercept (Privacy)
Columbia Flouted Its Own Policies and Let ICE Into University Buildings
FRIEND
The Hacker News
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
FOE
Bleeping Computer
Termite ransomware breaches linked to ClickFix CastleRAT attacks
FRIEND
SecurityWeek
US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies
FOE
Bleeping Computer
Microsoft: Hackers abusing AI at every stage of cyberattacks
FOE
SecurityWeek
Over 100 GitHub Repositories Distributing BoryptGrab Stealer
FOE
SecurityWeek
Pentagon’s Chief Tech Officer Says He Clashed With AI Company Anthropic Over Autonomous Warfare
FOE
Ars Technica (Security)
From Iran to Ukraine, everyone's trying to hack security cameras
FRIEND
The Hacker News
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
FRIEND
SANS Internet Storm Center
YARA-X 1.14.0 Release, (Sat, Mar 7th)
FOE
SecurityWeek
FBI Investigating ‘Suspicious’ Cyber Activity on System Holding Sensitive Surveillance Information
FRIEND
EFF Deeplinks
Admiring Our Heroes for International Women’s Day: Celebrating Women Who Have Received EFF Awards
FOE
CSO Online
Trump’s cyber strategy emphasizes offensive operations, deregulation, AI
FRIEND
EFF Deeplinks
Admiring Our Heroes for International Women’s Day: Five Women In Tech That EFF Admires
FOE
CSO Online
ClickFix attackers using new tactic to evade detection, says Microsoft
FRIEND
The Register (Security)
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
FOE
Bleeping Computer
Cognizant TriZetto breach exposes health data of 3.4 million patients
FOE
Ars Technica (Security)
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
FRIEND
Dark Reading
Cylake Offers AI-Native Security Without Relying on Cloud Services
FOE
The Register (Security)
Spyware disguised as emergency-alert app sent to Israeli smartphones
FOE
The Intercept (Privacy)
Dems Need to Wise Up: ICE Is a Threat to Our Elections
FOE
CSO Online
Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short
FOE
Dark Reading
North Korean APTs Use AI to Enhance IT Worker Scams
FOE
Schneier on Security
Anthropic and the Pentagon
FOE
CSO Online
FBI wiretap system tapped by hackers
FOE
CSO Online
OAuth vulnerability in n8n automation platform could lead to system compromise
FRIEND
SecurityWeek
ArmorCode Raises $16 Million for Exposure Management Platform
FOE
EFF Deeplinks
Weasel Words: OpenAI’s Pentagon Deal Won’t Stop AI‑Powered Surveillance
FOE
EFF Deeplinks
Weasel Words: OpenAI’s Pentagon Deal Won’t Stop AI‑Powered Surveillance
FOE
Bleeping Computer
CISA warns of Apple flaws exploited in spyware, crypto-theft attacks
FOE
SecurityWeek
In Other News: FBI Hacked, US Security Pro Killed in Iran War, Hijacked Cameras Used in Khamenei Strike
FOE
The Hacker News
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
FRIEND
Dark Reading
EU Auto Rules Shift Gears on Cybersecurity Standards
FOE
The Register (Security)
Cisco warns of two more SD-WAN bugs under active attack
FRIEND
Bleeping Computer
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
FOE
Bleeping Computer
Fake Claude Code install guides push infostealers in InstallFix attacks
FOE
The Hacker News
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
FRIEND
Bleeping Computer
Microsoft 365 Backup to add file-level restore for faster recovery
FOE
Privacy International
What does it mean when Big Tech goes to war?
FOE
Dark Reading
Iran's Cyber-Kinetic War Doctrine Takes Shape
FOE
Dark Reading
Cyberattack on Mexico's Gov't Agencies Highlight AI Threat
FOE
The Register (Security)
Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal
FOE
CSO Online
Targeted advertising is also targeting malware
FOE
SecurityWeek
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List
FRIEND
Privacy International
Privacy International & Women on Web - Securing Reproductive Justice: A Guide to Digital Privacy for Sexual and Reproductive Justice Activists
FOE
SecurityWeek
Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks
FOE
The Register (Security)
Son of government contractor arrested after alleged $46M crypto heist from US Marshals
FOE
Schneier on Security
Claude Used to Hack Mexican Government
FRIEND
SecurityWeek
James ‘Aaron’ Bishop Tapped to Serve as New Pentagon CISO
FRIEND
The Register (Security)
Microsoft finally gets around to fixing Windows 10 Recovery Environment after breaking it in October
FOE
SecurityWeek
Iranian APT Hacked US Airport, Bank, Software Company
FRIEND
The Hacker News
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
FOE
The Hacker News
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
FOE
The Register (Security)
Transport for London says 2024 breach affected 7M customers, not 5,000
FOE
Bleeping Computer
Ghanain man pleads guilty to role in $100 million fraud ring
FRIEND
SecurityWeek
Data Security Firm Evervault Raises $25 Million in Series B Funding
FOE
CSO Online
Teenage hacker myth primed for a middle-age criminal makeover
FOE
Bleeping Computer
FBI investigates breach of surveillance and wiretap systems
FOE
The Hacker News
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
FOE
CSO Online
Challenges and projects for the CISO in 2026
FOE
CSO Online
Zero-day exploits hit enterprises faster and harder
FOE
The Hacker News
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
FOE
The Hacker News
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
FOE
CSO Online
Europa im Visier von Cyber-Identitätsdieben
FRIEND
CSO Online
7 Anzeichen für akuten MSSP-Bedarf
FOE
Risky Business News
Risky Bulletin: Iranian hackers are scanning for security cameras to aid missile strikes
FRIEND
CSO Online
LeakBase marketplace unplugged by cops in 14 countries
FOE
The Register (Security)
Google says spyware makers and China-linked groups dominated zero-day attacks last year
FOE
Bleeping Computer
Chinese state hackers target telcos with new malware toolkit
FOE
Bleeping Computer
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
FOE
Dark Reading
Nation-State Actor Embraces AI Malware Assembly Line
FOE
Dark Reading
Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
FOE
Bleeping Computer
Wikipedia hit by self-propagating JavaScript worm that vandalized pages
FRIEND
EPIC
EPIC Testifies in Support of Three Tech Policy Bills in Maryland
FOE
Dark Reading
Cisco Drops 48 New Firewall Vulnerabilities, 2 Critical
FOE
The Register (Security)
Iran intelligence backdoored US bank, airport, software outfit networks
FOE
Bleeping Computer
WordPress membership plugin bug exploited to create admin accounts
FOE
Bleeping Computer
FBI arrests suspect linked to $46M crypto theft from US Marshals
FRIEND
EPIC
EPIC Testifies in Support of Michigan Kids Code
FOE
Schneier on Security
Israel Hacked Traffic Cameras in Iran
FOE
The Intercept (Privacy)
Congress Is Considering Abolishing Your Right to Be Anonymous Online
FOE
CSO Online
Cisco issues emergency patches for critical firewall vulnerabilities
FOE
Privacy International
Privacy International's response to the UK Home Office consultation on facial recognition technology
FRIEND
Dark Reading
Fig Security Emerges From Stealth to Fix Broken Security Operations
FOE
The Intercept (Privacy)
Nida Allam Concedes to Valerie Foushee With Razor-Thin Loss for Progressives in Key Midterm Primary
FRIEND
Dark Reading
Software Development Practices Help Enterprises Tackle Real-Life Risks
FOE
Privacy International
Privacy International's submission on the impact of digital and AI-assisted surveillance on assembly and association rights
FOE
The Hacker News
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
FOE
Bleeping Computer
Google says 90 zero-days were exploited in attacks last year
FOE
Bleeping Computer
2026 Browser Data Reveals Major Enterprise Security Blind Spots
FOE
SecurityWeek
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises
FOE
CSO Online
Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year
FOE
EFF Deeplinks
The Government Uses Targeted Advertising to Track Your Location. Here's What We Need to Do.
FOE
EFF Deeplinks
The Government Uses Targeted Advertising to Track Your Location. Here's What We Need to Do.
FOE
Dark Reading
LatAm Now Faces 2x More Cyberattacks Than US
FOE
The Hacker News
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More
FRIEND
CSO Online
Europol: Großer Markt für gestohlene Daten geschlossen
FOE
The Hacker News
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
FRIEND
SecurityWeek
Russian Ransomware Operator Pleads Guilty in US
FOE
Bleeping Computer
Police dismantles online gambling ring exploiting Ukrainian women
FOE
The Register (Security)
UK watchdog eyes Meta's smart glasses after workers say they 'see everything'
FOE
SecurityWeek
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild
FOE
The Hacker News
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
FOE
CISA Alerts
CISA Adds Five Known Exploited Vulnerabilities to Catalog
FOE
CISA Alerts
Delta Electronics CNCSoft-G2
FRIEND
CSO Online
Europol schließt riesigen Markt für gestohlene Daten
FOE
Schneier on Security
Hacked App Part of US/Israeli Propaganda Campaign Against Iran
FRIEND
SecurityWeek
Reclaim Security Raises $20 Million to Accelerate Remediation
FOE
The Hacker News
Where Multi-Factor Authentication Stops and Credential Abuse Starts
FOE
The Intercept (Privacy)
Federal Agents Are Intimidating Legal Observers at Their Homes: “They Know Where You Live.”
FRIEND
SecurityWeek
LeakBase Cybercrime Forum Shut Down, Suspects Arrested
FOE
Bleeping Computer
Cisco flags more SD-WAN flaws as actively exploited in attacks
FOE
The Hacker News
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
FOE
SecurityWeek
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products
FOE
Bleeping Computer
Phobos ransomware admin pleads guilty to wire fraud conspiracy
FRIEND
Google Project Zero
On the Effectiveness of Mutational Grammar Fuzzing
FOE
CSO Online
State-affiliated hackers set up for critical OT attacks that operators may not detect
FOE
The Hacker News
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
FRIEND
The Hacker News
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
FOE
CSO Online
14 old software bugs that took way too long to squash
FOE
CSO Online
Die besten Cyber-Recovery-Lösungen
FOE
SecurityWeek
Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks
FOE
Risky Business News
Srsly Risky Biz: The Four Hour Cyber War on Iran
FRIEND
CSO Online
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
FRIEND
SANS Internet Storm Center
Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th)
FRIEND
Sophos News
Optimize Your Sophos Firewall Security
FOE
The Register (Security)
'Hundreds' of Iranian hacking attempts have hit surveillance cameras since the missile strikes
FRIEND
Bleeping Computer
Bitwarden adds support for passkey login on Windows 11
FRIEND
EPIC
SCOTUS to Hear Case Over Proper Scope of the Video Privacy Protection Act (VPPA)
FOE
Bleeping Computer
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
FOE
Dark Reading
VMware Aria Operations Bug Exploited, Cloud Resources at Risk
FRIEND
Bleeping Computer
Windows 10 KB5075039 update fixes broken Recovery Environment
FOE
The Register (Security)
Malware-laced OpenClaw installers get Bing AI search boost
FOE
Bleeping Computer
Fake LastPass support email threads try to steal vault passwords
FRIEND
EPIC
EPIC Urges Virginia Governor to Sign Bill Banning Sale of Location Data
FRIEND
EFF Deeplinks
Speaking Freely: Shin Yang
FRIEND
EFF Deeplinks
Speaking Freely: Shin Yang
FRIEND
CSO Online
Why AI, Zero Trust, and modern security require deep visibility
FRIEND
CSO Online
The 10-hour problem: How visibility gaps are burning out the SOC
FOE
Bleeping Computer
Cisco warns of max severity Secure FMC flaws giving root access
FOE
Bleeping Computer
Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks
FOE
Bleeping Computer
Hacker mass-mails HungerRush extortion emails to restaurant patrons
FRIEND
SecurityWeek
Tycoon 2FA Phishing Platform Dismantled in Global Takedown
FRIEND
Bleeping Computer
FBI seizes LeakBase cybercrime forum, data of 142,000 members
FOE
SecurityWeek
New LexisNexis Data Breach Confirmed After Hackers Leak Files
FOE
The Hacker News
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
FRIEND
Dark Reading
Stranger Things Meets Cybersecurity: Lessons from the Hive Mind
FRIEND
Bleeping Computer
Europol-coordinated action disrupts Tycoon2FA phishing platform
FRIEND
Dark Reading
Are We Ready for Auto Remediation With Agentic AI?
FOE
The Register (Security)
LexisNexis confirms data breach at Legal & Professional arm, some customer records affected
FRIEND
SecurityWeek
Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance
FOE
Bleeping Computer
Mississippi medical center reopens clinics hit by ransomware attack
FOE
Bleeping Computer
How a Brute Force Attack Unmasked a Ransomware Infrastructure Network
FOE
SecurityWeek
Hacker Conversations: Inti De Ceukelaire, Raging Against the Machine Creatively
FRIEND
EPIC
EPIC Tells Supreme Court that Geofence Searches Need a Warrant with Particularized Probable Cause
FOE
The Register (Security)
Kaspersky dismisses claims Coruna iPhone exploit kit is connected to NSA-linked operation
FOE
The Hacker News
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
FOE
CSO Online
Iranian cyberattacks fail to materialize but threat remains acute
FOE
SecurityWeek
How Pirated Software Turns Helpful Employees Into Malware Delivery Agents
FRIEND
SecurityWeek
AI Security Firm JetStream Launches With $34 Million in Seed Funding
FOE
Schneier on Security
Manipulating AI Summarization Features
FOE
SecurityWeek
LastPass Warns of New Phishing Campaign
FRIEND
SecurityWeek
Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity
FOE
SecurityWeek
Google Plans Two-Week Release Schedule for Chrome
FRIEND
The Hacker News
New RFP Template for AI Usage Control and AI Governance
FOE
Dark Reading
China's Silver Dragon Razes Governments in EU, SE Asia
FRIEND
SecurityWeek
Global Coalition Publishes 6G Security and Resilience Principles
FOE
SANS Internet Storm Center
Want More XWorm?, (Wed, Mar 4th)
FOE
The Hacker News
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
FOE
CSO Online
Anthropic AI ultimatums and IP theft: The unspoken risk
FOE
SecurityWeek
Critical FreeScout Vulnerability Leads to Full Server Compromise
FOE
The Hacker News
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
FOE
SecurityWeek
VMware Aria Operations Vulnerability Exploited in the Wild
FRIEND
CSO Online
How to know you’re a real-deal CSO — and whether that job opening truly seeks one
FOE
The Hacker News
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
FOE
CSO Online
AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning
FRIEND
The Register (Security)
Google feels the need for security speed, so will ship Chrome updates every two weeks
FRIEND
Dark Reading
Dark Reading Confidential: This Threat Hunter Helped Cops Bust Up An African Cybercrime Syndicate
FOE
Recorded Future Blog
Ongoing Iran Conflict: What You Need to Know
FRIEND
EFF Deeplinks
EFF to Third Circuit: Electronic Device Searches at the Border Require a Warrant
FRIEND
EFF Deeplinks
EFF to Third Circuit: Electronic Device Searches at the Border Require a Warrant
FOE
Bleeping Computer
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
FOE
The Register (Security)
Dev stunned by $82K Gemini bill after unknown API key thief goes to town
FOE
Risky Business News
Risky Bulletin: Cyber Command conducted cyberattacks ahead of Iran strikes
FOE
Bleeping Computer
Paint maker giant AkzoNobel confirms cyberattack on U.S. site
FOE
Bleeping Computer
Facebook accounts unavailable in worldwide outage
FOE
Dark Reading
Indian APT 'Sloppy Lemming' Targets Defense, Critical Infrastructure
FRIEND
EFF Deeplinks
The Anthropic-DOD Conflict: Privacy Protections Shouldn’t Depend On the Decisions of a Few Powerful People
FRIEND
EFF Deeplinks
The Anthropic-DOD Conflict: Privacy Protections Shouldn’t Depend On the Decisions of a Few Powerful People
FOE
Bleeping Computer
Microsoft: Hackers abuse OAuth error flows to spread malware
FOE
The Register (Security)
Chat at your own risk! Data brokers are selling deeply personal bot transcripts
FOE
Dark Reading
Vehicle Tire Pressure Sensors Enable Silent Tracking
FOE
Dark Reading
Qualcomm Zero-Day Exploited in Targeted Android Attacks
FOE
SecurityWeek
Iranian Strikes on Amazon Data Centers Highlight Industry’s Vulnerability to Physical Disasters
FOE
Sophos News
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
FOE
The Register (Security)
Cyberwarriors elevated to big leagues in US war with Iran
FOE
Dark Reading
Speakeasies to Shadow AI: Banning AI Browsers Will Fail
FOE
The Hacker News
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
FRIEND
Bleeping Computer
Google Chrome shifts to two-week release cycle for increased stability
FRIEND
SecurityWeek
Fig Security Launches With $38 Million to Bolster SecOps Resilience
FRIEND
EFF Deeplinks
EFF to Supreme Court: Shut Down Unconstitutional Geofence Searches
FRIEND
EFF Deeplinks
EFF to Supreme Court: Shut Down Unconstitutional Geofence Searches
FOE
Bleeping Computer
LexisNexis confirms data breach as hackers leak stolen files
FOE
SecurityWeek
Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability
FOE
The Register (Security)
Turns out most cybercriminals are old enough to know better
FOE
SANS Internet Storm Center
Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
FOE
Bleeping Computer
Compromised Site Management Panels are a Hot Item in Cybercrime Markets
FRIEND
The Hacker News
Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
FOE
The Hacker News
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
FOE
The Register (Security)
Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite
FOE
SecurityWeek
Quantum Decryption of RSA is Much Closer than Expected
FOE
SecurityWeek
New ‘AirSnitch’ Attack Shows Wi-Fi Client Isolation Could be a False Sense of Security
FOE
SecurityWeek
1.2 Million Affected by University of Hawaii Cancer Center Data Breach
FOE
CSO Online
OAuth phishers make ‘check where the link points’ advice ineffective
FOE
Dark Reading
AI Agent Overload: How to Solve the Workload Identity Crisis
FOE
CSO Online
Jetzt Staats-CISO werden – für unter 160.000 Euro
FOE
SecurityWeek
Android Update Patches Exploited Qualcomm Zero-Day
FOE
Ars Technica (Security)
LLMs can unmask pseudonymous users at scale with surprising accuracy
FRIEND
SecurityWeek
Iran Cyber Front: Hacktivist Activity Rises, but State-Sponsored Attacks Stay Low
FRIEND
Schneier on Security
On Moltbook
FOE
CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE
CISA Alerts
Hitachi Energy Relion REB500 Product
FOE
CISA Alerts
Portwell Engineering Toolkits
FOE
CISA Alerts
Labkotec LID-3300IP
FOE
CISA Alerts
Everon OCPP Backends
FOE
CISA Alerts
ePower epower.ie
FOE
CISA Alerts
Mobiliti e-mobi.hu
FOE
CISA Alerts
Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet module
FOE
CISA Alerts
Hitachi Energy RTU500 Product
FOE
Bleeping Computer
Amazon: Drone strikes damaged AWS data centers in Middle East
FOE
The Register (Security)
Chrome Gemini panel became privilege escalator for rogue extensions
FOE
Dark Reading
As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks
FOE
The Hacker News
AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
FOE
The Hacker News
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
FOE
The Register (Security)
Cybercriminals swipe 15.8M medical records from French doctors ministry
FOE
Bleeping Computer
Star Citizen game dev discloses breach affecting user data
FOE
SecurityWeek
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise
FOE
CSO Online
Studie: Hacker legen Betrieb bei vielen Unternehmen lahm
FOE
CSO Online
Epic Fury introduces new layer of enterprise risk
FOE
Bleeping Computer
UH Cancer Center data breach affects nearly 1.2 million people
FOE
SecurityWeek
Researchers Uncover Method to Track Cars via Tire Sensors
FOE
The Hacker News
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
FOE
Bleeping Computer
Android gets patches for Qualcomm zero-day exploited in attacks
FOE
The Hacker News
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
FOE
CSO Online
7 factors impacting the cyber skills gap
FOE
The Hacker News
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
FOE
The Register (Security)
Gamers furious as Brit studio Cloud Imperium quietly admits to data breach
FRIEND
CSO Online
Das gehört in Ihr Security-Toolset
FOE
The Register (Security)
Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery
FOE
Bleeping Computer
CyberStrikeAI tool adopted by hackers for AI-powered attacks
FOE
Sophos News
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
FRIEND
EFF Deeplinks
EFF to Court: Don’t Make Embedding Illegal
FRIEND
EFF Deeplinks
EFF to Court: Don’t Make Embedding Illegal
FOE
Dark Reading
Critical OpenClaw Vulnerability Exposes AI Agent Risks
FOE
Dark Reading
The Tug-of-War Over Firewall Backlogs in the AI-Driven Development Era
FOE
The Register (Security)
Iran's cyberwar has begun
FOE
Dark Reading
30 Alleged Members of 'The Com' Arrested in Project Compass
FOE
Bleeping Computer
Fake Google Security site uses PWA app to steal credentials, MFA codes
FRIEND
EPIC
EPIC Urges HHS to Prioritize Patient Privacy in Clinical Care AI Uses
FRIEND
CSO Online
Vulnerability monitoring service secures public-sector websites faster
FOE
Bleeping Computer
Alabama man pleads guilty to hacking, extorting hundreds of women
FOE
The Register (Security)
UK Businesses told to brace cyber defenses amid Iran conflict risk
FOE
Bleeping Computer
Florida woman imprisoned for massive Microsoft license fraud scheme
FOE
The Hacker News
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
FRIEND
The Hacker News
Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
FRIEND
EFF Deeplinks
National Book Tour for Cindy Cohn’s Memoir, ‘Privacy’s Defender’
FRIEND
EFF Deeplinks
National Book Tour for Cindy Cohn’s Memoir, ‘Privacy’s Defender’
FOE
Bleeping Computer
UK warns of Iranian cyberattack risks amid Middle-East conflict
FOE
SecurityWeek
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant
FOE
Bleeping Computer
How Deepfakes and Injection Attacks Are Breaking Identity Verification
FOE
SecurityWeek
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
FOE
The Register (Security)
Memory scalpers hunt scarce DRAM with bot blitz
FOE
SecurityWeek
Madison Square Garden Data Breach Confirmed Months After Hacker Attack
FOE
The Register (Security)
Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes
FOE
The Hacker News
⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More
FRIEND
Dark Reading
Quantum-Resistant Data Diode Secures Sensitive Data on Edge Devices, Critical Systems
FRIEND
SecurityWeek
Nick Andersen Appointed Acting Director of CISA
FRIEND
SecurityWeek
AWS Expands Security Hub Into a Cross-Domain Security Platform
FOE
Bleeping Computer
Anthropic confirms Claude is down in a worldwide outage
FOE
Schneier on Security
LLM-Assisted Deanonymization
FOE
The Hacker News
How to Protect Your SaaS from Bot Attacks with SafeLine WAF
FOE
SecurityWeek
North Korean APT Targets Air-Gapped Systems in Recent Campaign
FRIEND
SecurityWeek
Google Working Towards Quantum-Safe Chrome HTTPS Certificates
FRIEND
SANS Internet Storm Center
Quick Howto: ZIP Files Inside RTF, (Mon, Mar 2nd)
FRIEND
SANS Internet Storm Center
Wireshark 4.6.4 Released, (Mon, Mar 2nd)
FOE
SecurityWeek
US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates
FRIEND
CSO Online
Innovation without exposure: A CISO’s secure-by-design framework for business outcomes
FOE
The Hacker News
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
FOE
Dark Reading
Bug in Google's Gemini AI Panel Opens Door to Hijacking
FRIEND
CSO Online
A scorecard for cyber and risk culture
FOE
The Hacker News
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
FRIEND
CSO Online
Hacker erpressen weniger Lösegeld
FRIEND
CSO Online
How CISOs can build a resilient workforce
FRIEND
CSO Online
Im Fokus: RZ-Modernisierung
FRIEND
CSO Online
Im Fokus: RZ-Modernisierung
FOE
CSO Online
Kubernetes Security: Wie Sie Ihre Cluster (besser) absichern
FRIEND
The Register (Security)
UK government's Vulnerability Monitoring System is working - fixes flow far faster
FOE
Risky Business News
Risky Bulletin: LLMs can deanonymize internet users based on their past comments
FOE
The Register (Security)
South Korea’s tax office apologizes for leaking seed phrase to seized crypto
FOE
Recorded Future Blog
Latin America's Cybersecurity Turning Point: From Reactive Defense to Threat Intelligence
FOE
Recorded Future Blog
Ongoing Iran Conflict: What You Need to Know
FOE
Bleeping Computer
ClawJacked attack let malicious websites hijack OpenClaw to steal data
FRIEND
Bleeping Computer
Samsung TVs to stop collecting Texans’ data without express consent
FOE
SecurityWeek
Hackers Weaponize Claude Code in Mexican Government Cyberattack
FOE
Sophos News
Cyber Advisory: Increased Cyber Risk Amid U.S.–Israel–Iran Escalation
FOE
Bleeping Computer
QuickLens Chrome extension steals crypto, shows ClickFix attack
FOE
The Hacker News
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
FOE
Bleeping Computer
$4.8M in crypto stolen after Korean tax agency exposes wallet seed
FOE
Krebs on Security
Who is the Kimwolf Botmaster “Dort”?
FOE
SecurityWeek
Canadian Tire Data Breach Impacts 38 Million Accounts
FRIEND
The Register (Security)
Denizens of DEF CON are 'fed up with government'
FOE
The Hacker News
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
FOE
The Hacker News
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
FRIEND
Ars Technica (Security)
Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space
FOE
The Register (Security)
Double whammy: Steaelite RAT bundles data theft, ransomware in one evil tool
FRIEND
EPIC
Connecticut AG Issues Report on How Existing State Law Applies to AI
FRIEND
Schneier on Security
Friday Squid Blogging: Squid Fishing in Peru
FOE
CSO Online
Security hole could let hackers take over Juniper Networks PTX core routers
FOE
SecurityWeek
Trump Orders All Federal Agencies to Phase Out Use of Anthropic Technology
FOE
Dark Reading
Life Mirrors Art: Ransomware Hits Hospitals on TV & IRL
FOE
CSO Online
‘Silent’ Google API key change exposed Gemini AI data
FRIEND
Dark Reading
Cities Hosting Major Events Need More Focus on Wireless, Drone Defense
FOE
Dark Reading
Flaw-Finding AI Assistants Face Criticism for Speed, Accuracy
FRIEND
Bleeping Computer
Microsoft testing Windows 11 batch file security improvements
FOE
The Register (Security)
Suspected Nork digital intruders caught breaking into US healthcare, education orgs
FOE
Bleeping Computer
APT37 hackers use new malware to breach air-gapped networks
FRIEND
Bleeping Computer
Europol-led crackdown on The Com hackers leads to 30 arrests
FRIEND
The Hacker News
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
FOE
The Hacker News
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
FOE
Dark Reading
The Case for Why Better Breach Transparency Matters
FOE
The Register (Security)
Ransomware payments cratered in 2025, but attacks surged to record highs
FOE
Bleeping Computer
CISA warns that RESURGE malware can be dormant on Ivanti devices
FOE
The Hacker News
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
FOE
SecurityWeek
In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators
FOE
The Register (Security)
French DIY etailer ManoMano admits customer data stolen
FRIEND
Bleeping Computer
Third-Party Patching and the Business Footprint We All Share
FOE
Privacy International
The Anthropic and US Government conflict is larger than you think
FOE
Dark Reading
Claude Code Security Shows Promise, Not Perfection
FOE
The Register (Security)
Cops back Dutch telco Odido after second wave of ShinyHunters leaks
FOE
SecurityWeek
38 Million Allegedly Impacted by ManoMano Data Breach
FOE
CSO Online
One of the ‘most influential cybersecurity’ roles will pay under $175,000
FOE
SecurityWeek
900 Sangoma FreePBX Instances Infected With Web Shells
FOE
The Hacker News
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
FRIEND
SecurityWeek
Chilean Carding Shop Operator Extradited to US
FRIEND
SecurityWeek
Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline
FOE
Bleeping Computer
Ukrainian man pleads guilty to running AI-powered fake ID site
FOE
SANS Internet Storm Center
Fake Fedex Email Delivers Donuts!, (Fri, Feb 27th)
FOE
Schneier on Security
Why Tehran’s Two-Tiered Internet Is So Dangerous
FOE
Schneier on Security
Phishing Attacks Against People Seeking Programming Jobs
FOE
SecurityWeek
Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience
FOE
CSO Online
Your personal OpenClaw agent may also be taking orders from malicious websites
FRIEND
CSO Online
US authorities punish sellers of malware and spyware
FRIEND
CSO Online
Why application security must start at the load balancer
FOE
SecurityWeek
Juniper Networks PTX Routers Affected by Critical Vulnerability
FOE
The Hacker News
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
FRIEND
CSO Online
How to make LLMs a defensive advantage without creating a new attack surface
FRIEND
The Hacker News
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
FOE
SecurityWeek
Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking
FRIEND
CSO Online
The CSO guide to top security conferences
FOE
CSO Online
Ransomware groups switch to stealthy attacks and long-term access
FRIEND
EFF Deeplinks
Victory! Tenth Circuit Finds Fourth Amendment Doesn’t Support Broad Search of Protesters’ Devices and Digital Data
FRIEND
EFF Deeplinks
Victory! Tenth Circuit Finds Fourth Amendment Doesn’t Support Broad Search of Protesters’ Devices and Digital Data
FOE
Risky Business News
Risky Bulletin: Russian man investigated for extorting Conti ransomware group
FOE
EPIC
The Verge: FTC declines to enforce a kids privacy law for data collected to verify users’ ages
FOE
Dark Reading
Marquis v. SonicWall Lawsuit Ups the Breach Blame Game
FOE
Dark Reading
Cisco SD-WAN Zero-Day Under Exploitation for 3 Years
FOE
Bleeping Computer
Previously harmless Google API keys now expose Gemini AI data
FRIEND
EPIC
EPIC, OTI Urge FTC Not to Ignore Full Scope of Data-Driven Harms
FRIEND
SecurityWeek
Apple iPhone and iPad Cleared for Classified NATO Use
FOE
The Hacker News
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
FOE
Bleeping Computer
Trend Micro warns of critical Apex One code execution flaws
FOE
Bleeping Computer
European DYI chain ManoMano data breach impacts 38 million customers
FRIEND
SecurityWeek
Four Risks Boards Cannot Treat as Background Noise
FOE
Bleeping Computer
Critical Juniper Networks PTX flaw allows full router takeover
FOE
The Intercept (Privacy)
Zohran Mamdani Kept Columbia Student in New York — Then Phoned With Trump to Secure Her Release
FOE
Bleeping Computer
Olympique Marseille confirms 'attempted' cyberattack after data leak
FOE
Ars Technica (Security)
New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises
FOE
The Register (Security)
Rapid AI-driven development makes security unattainable, warns Veracode
FOE
The Hacker News
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
FOE
The Hacker News
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
FRIEND
Bleeping Computer
Ransomware payment rate drops to record low as attacks surge
FOE
SecurityWeek
Claude Code Flaws Exposed Developer Devices to Silent Hacking
FRIEND
Bleeping Computer
Microsoft expands Windows restore to more enterprise devices
FRIEND
SecurityWeek
Gambit Security Emerges From Stealth With $61 Million in Funding
FOE
The Register (Security)
Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering
FOE
CSO Online
Hackers Compromise Networks Faster and Faster [DE]
FOE
SecurityWeek
Zyxel Patches Critical Vulnerability in Many Device Models
FOE
Schneier on Security
LLMs Generate Predictable Passwords
FOE
The Hacker News
Expert Recommends: Prepare for PQC Right Now
FOE
CISA Alerts
Pelco, Inc. Sarix Pro 3 Series IP Cameras
FOE
CISA Alerts
EV2GO ev2go.io
FOE
CISA Alerts
EV Energy ev.energy
FOE
CISA Alerts
Chargemap chargemap.com
FOE
CISA Alerts
Mobility46 mobility46.se
FOE
CISA Alerts
SWITCH EV swtchenergy.com
FOE
CISA Alerts
CloudCharge cloudcharge.se
FOE
CISA Alerts
Yokogawa CENTUM VP R6, R7
FOE
CISA Alerts
Johnson Controls, Inc. Frick Controls Quantum HD
FOE
CISA Alerts
Copeland XWEB and XWEB Pro
FOE
Bleeping Computer
New York sues Valve for promoting illegal gambling via game loot boxes
FOE
The Register (Security)
Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover
FOE
CSO Online
China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries
FOE
The Intercept (Privacy)
Florida Might Make Its Own Spy Squad. Muslims Think They Have a Pretty Good Idea Who’ll Be Targeted.
FOE
The Hacker News
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
FOE
SecurityWeek
US Sanctions Russian Exploit Broker Operation Zero
FOE
The Hacker News
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
FOE
CSO Online
The farmers and the mercenaries: Rethinking the ‘human layer’ in security
FRIEND
SecurityWeek
Trend Micro Patches Critical Apex One Vulnerabilities
FOE
SecurityWeek
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers
FOE
Google Project Zero
A Deep Dive into the GetProcessHandleFromHwnd API
FOE
CSO Online
5 trends that should top CISO’s RSA 2026 agendas
FOE
The Hacker News
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
FRIEND
CSO Online
9 Essential Open Source Security Tools [DE]
FRIEND
CSO Online
How to Justify Your Security Investments [DE]
FRIEND
SANS Internet Storm Center
Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary], (Tue, Feb 24th)
FOE
Risky Business News
Srsly Risky Biz: Is Claude Too Woke For War?
FOE
The Register (Security)
Claude collaboration tools left the door wide open to remote code execution
FOE
CSO Online
Steaelite RAT combines data theft and ransomware management capability in one tool
FOE
Sophos News
Cisco SD-WAN vulnerabilities (CVE-2026-20127, CVE-2022-20775) in active exploitation
FRIEND
Sophos News
Sophos Workspace Protection is Now Available
FRIEND
Recorded Future Blog
Recorded Future Expands Coverage of Scams and Financial Fraud with Money Mule Intelligence from CYBERA
FOE
Dark Reading
Chinese Police Use ChatGPT to Smear Japan PM Takaichi
FOE
Bleeping Computer
Medical device maker UFP Technologies warns of data stolen in cyberattack
FOE
CSO Online
Five Eyes issue emergency directive on exploited Cisco SD-WAN zero-day
FOE
Dark Reading
Flaws in Claude Code Put Developers' Machines at Risk
FOE
Bleeping Computer
Fake Next.js job interview tests backdoor developer's devices
FRIEND
Dark Reading
RAMP Forum Seizure Fractures Ransomware Ecosystem
FRIEND
SANS Internet Storm Center
The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary], (Wed, Feb 25th)
FOE
The Register (Security)
Google catches Beijing spies using Sheets to spread espionage across 4 continents
FOE
Dark Reading
PCI Council Says Threats to Payments Systems Are Speeding Up
FOE
EFF Deeplinks
☺️ Trust Us With Your Face | EFFector 38.4
FOE
EFF Deeplinks
☺️ Trust Us With Your Face | EFFector 38.4
FOE
Bleeping Computer
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
FRIEND
The Hacker News
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
FRIEND
EFF Deeplinks
How to Pick Your Password Manager
FRIEND
EFF Deeplinks
How to Pick Your Password Manager
FRIEND
EFF Deeplinks
How to Pick Your Password Manager
FOE
Bleeping Computer
Chinese cyberspies breached dozens of telecom firms, govt agencies
FOE
The Hacker News
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
FOE
The Register (Security)
Fake 'interview' repos lure Next.js devs into running secret-stealing malware
FOE
Dark Reading
Malicious Next.js Repos Target Developers Via Fake Job Interviews
FOE
SecurityWeek
The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI
FOE
Privacy International
Analysis of the Disclosures following the ICO Enforcement Notice on GPS Tagging of Migrants
FRIEND
SecurityWeek
Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments
FOE
Bleeping Computer
Marquis sues SonicWall over backup breach that led to ransomware attack
FOE
SecurityWeek
SolarWinds Patches Four Critical Serv-U Vulnerabilities
FRIEND
Privacy International
Discord pushes back age verification after security risks revealed
FOE
The Hacker News
SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
FRIEND
Bleeping Computer
The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web
FOE
The Hacker News
Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It
FOE
Privacy International
Nowhere to Hide? Privacy Risks and Policy Implications of AI Geolocation
FOE
Dark Reading
Why 'Call This Number' TOAD Emails Beat Gateways
FOE
The Register (Security)
Ex-L3Harris exec jailed 7 years for selling exploits to Russia
FOE
SecurityWeek
Medical Device Maker UFP Technologies Hit by Cyberattack
FOE
SecurityWeek
Ex-US Defense Contractor Executive Jailed for Selling Exploits to Russia
FOE
Bleeping Computer
Zyxel warns of critical RCE flaw affecting over a dozen routers
FOE
The Hacker News
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
FOE
The Register (Security)
Wynn Resorts takes attacker's word for it that stolen staff data was deleted
FOE
SecurityWeek
Over 12 Million Users Impacted by CarGurus Data Breach
FOE
Schneier on Security
Poisoning AI Training Data
FOE
CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE
CISA Alerts
CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems
FRIEND
Dark Reading
'Richter Scale' Model Measures Magnitude of OT Cyber Incidents
FRIEND
SecurityWeek
SecurityWeek Report: 426 Cybersecurity M&A Deals Announced in 2025
FOE
SecurityWeek
Wynn Resorts Confirms Data Breach After Hackers Remove It From Leak Site
FOE
CSO Online
Microsoft warns of job‑themed repo lures targeting developers with multi‑stage backdoors
FOE
The Hacker News
Manual Processes Are Putting National Security at Risk
FRIEND
SecurityWeek
Astelia Raises $35 Million for Exposure Management
FOE
Bleeping Computer
US sanctions Russian broker for buying stolen zero-day exploits
FOE
SecurityWeek
Reddit Hit With $20 Million UK Data Privacy Fine Over Child Safety Failings
FOE
The Register (Security)
OpenAI says Chinese cops used ChatGPT to plan and track smear ops against opponents
FOE
SecurityWeek
Claude’s New AI Vulnerability Scanner Sends Cybersecurity Shares Plunging
FOE
CSO Online
Ukrainian convicted for helping fake North Korean IT workers
FOE
The Hacker News
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
FOE
SecurityWeek
Ad Tech Company Optimizely Targeted in Cyberattack
FOE
Bleeping Computer
Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker
FRIEND
Dark Reading
Operation Red Card 2.0 Leads to 651 Arrests in Africa
FRIEND
Bleeping Computer
Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool
FOE
The Hacker News
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
FRIEND
CSO Online
Boards don’t need cyber metrics — they need risk signals
FOE
The Register (Security)
Threat intelligence supply chain is full of weak links, researchers find
FOE
The Hacker News
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
FOE
CSO Online
Hacker cracks 600 firewalls in one month - with AI [DE]
FOE
CSO Online
How AI is Changing Your GRC Strategy [DE]
FOE
CSO Online
New Serv-U bugs extend SolarWinds’ run of high-severity disclosures
FOE
CSO Online
Fake Zoom meeting silently installs surveillance software, says Malwarebytes
FOE
Risky Business News
Risky Bulletin: Russia starts criminal probe of Telegram founder Pavel Durov
FOE
CSO Online
VMware fixes command injection flaw in Aria Operations
FOE
Bleeping Computer
Phishing campaign targets freight and logistics orgs in the US, Europe
FOE
EFF Deeplinks
Tech Companies Shouldn’t Be Bullied Into Doing Surveillance
FOE
EFF Deeplinks
Tech Companies Shouldn’t Be Bullied Into Doing Surveillance
FOE
The Register (Security)
AI has gotten good at finding bugs, not so good at swatting them
FOE
CSO Online
What does business email compromise look like?
FOE
CSO Online
What are the types of ransomware attacks?
FOE
Bleeping Computer
Wynn Resorts confirms employee data breach after extortion threat
FOE
CSO Online
Take control: Locking down common endpoint vulnerabilities
FOE
Bleeping Computer
1Campaign platform helps malicious Google ads evade detection
FOE
Dark Reading
Attackers Now Need Just 29 Minutes to Own a Network
FOE
CSO Online
How to prevent business email compromise
FOE
CSO Online
Know the red flags: Business email compromise signs to look out for
FOE
Dark Reading
Lazarus Group Picks a New Poison: Medusa Ransomware
FRIEND
Sophos News
Sophos Workspace Protection is Now Available
FRIEND
EPIC
EPIC Joins Groups Urging FTC to Crack Down on Hidden Surveillance Pricing
FOE
The Register (Security)
Patch these 4 critical, make-me-root SolarWinds bugs ASAP
FRIEND
CSO Online
Cyber defense: From reactive to proactive
FOE
The Hacker News
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
FOE
The Register (Security)
North Korea's Lazarus Group targets healthcare orgs with Medusa ransomware
FOE
Bleeping Computer
CarGurus data breach exposes information of 12.4 million accounts
FOE
SANS Internet Storm Center
Open Redirects: A Forgotten Vulnerability?, (Tue, Feb 24th)
FRIEND
Bleeping Computer
Microsoft adds Copilot data controls to all storage locations
FOE
The Register (Security)
Go library maintainer brands GitHub's Dependabot a 'noise machine'
FOE
Sophos News
Nowhere, man: The 2026 Active Adversary Report
FOE
SecurityWeek
‘Arkanix Stealer’ Malware Disappears Shortly After Debut
FRIEND
Bleeping Computer
Identity-First AI Security: Why CISOs Must Add Intent to the Equation
FOE
Bleeping Computer
UK fines Reddit $19 million for using children’s data unlawfully
FOE
SecurityWeek
VMware Aria Operations Vulnerability Could Allow Remote Code Execution
FOE
The Hacker News
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
FRIEND
SecurityWeek
CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO
FOE
SecurityWeek
New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM
FOE
The Register (Security)
UK data watchdog fines Reddit £14.47M for letting kids slip past the gate
FRIEND
Dark Reading
As Cybersecurity Firms Chase AI, VC Market Skyrockets
FOE
Bleeping Computer
Critical SolarWinds Serv-U flaws offer root access to servers
FOE
SecurityWeek
GitHub Issues Abused in Copilot Attack Leading to Repository Takeover
FOE
Schneier on Security
Is AI Good for Democracy?
FOE
SecurityWeek
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
CISA Alerts
InSAT MasterSCADA BUK-TS
FOE
CISA Alerts
Gardyn Home Kit
FOE
CISA Alerts
Schneider Electric EcoStruxure Building Operation Workstation
FRIEND
NIST Cybersecurity Insights
Celebrating Two Years of CSF 2.0!
FRIEND
The Hacker News
Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem
FOE
The Register (Security)
Korean cops charge teens over bike hire breach that exposed data on 4.62M riders
FOE
The Hacker News
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
FOE
CSO Online
Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools
FOE
Bleeping Computer
ShinyHunters extortion gang claims Odido breach affecting millions
FOE
Bleeping Computer
North Korean Lazarus group linked to Medusa ransomware attacks
FOE
The Register (Security)
UK tech hit by double trouble: Fewer foreign techies amid skills squeeze
FRIEND
SecurityWeek
Anonymous Fénix Members Arrested in Spain
FOE
The Hacker News
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
FRIEND
CSO Online
Billions in Bitcoin from Pirated Content Portal Targeted by Justice System [DE]
FRIEND
The Register (Security)
Euro allies aiming to rapidly build low-cost air defense weapons
FOE
Privacy International
Dual-use tech: the Elbit example
FOE
Privacy International
Dual-use tech: the Skydio example
FOE
Privacy International
Dual-use tech: the Leonardo example
FOE
Privacy International
Dual-use tech: the Thales example
FRIEND
CSO Online
It’s time to rethink CISO reporting lines
FOE
CSO Online
The rise of the evasive adversary
FRIEND
CSO Online
Anthropic’s Claude Code Security rollout is an industry wakeup call
FOE
The Hacker News
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
FRIEND
CSO Online
OT-Security: Why it's worth taking a look at Open Source [DE]
FOE
CSO Online
Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon
FOE
Sophos News
The Active Adversary Report: Safety in numbers
FOE
Recorded Future Blog
January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day
FOE
Sophos News
The Active Adversary Report: Safety in numbers
FRIEND
Sophos News
Stopping real-world attacks: Lessons for business leaders from the 2026 cyber frontline
FOE
Recorded Future Blog
Preparing for Russia’s New Generation Warfare in Europe
FOE
Bleeping Computer
Android mental health apps with 14.7M installs filled with security flaws
FOE
Dark Reading
Spitting Cash: ATM Jackpotting Attacks Surged in 2025
FRIEND
Dark Reading
More Than Dashboards: AI Decisions Must Be Provable
FOE
Bleeping Computer
Spain arrests suspected hacktivists for DDoSing govt sites
FRIEND
EPIC
EPIC Model Platform Design Legislation Introduced in Kentucky
FOE
Dark Reading
Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
FRIEND
Dark Reading
Enigma Cipher Device Still Holds Secrets for Cyber Pros
FOE
The Register (Security)
Infosec community panics as Anthropic rolls out Claude code security checker
FOE
The Hacker News
APT28 Targeted European Entities Using Webhook-Based Macro Malware
FRIEND
Bleeping Computer
Microsoft says bug in classic Outlook hides the mouse pointer
FOE
Dark Reading
600+ FortiGate Devices Hacked by AI-Armed Amateur
FRIEND
EPIC
EPIC Testifies in Support of Ban on Sale of Precise Location Data in Virginia
FOE
Bleeping Computer
Ad tech firm Optimizely confirms data breach after vishing attack
FOE
The Hacker News
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
FRIEND
Sophos News
Stopping real-world attacks: Lessons for business leaders from the 2026 cyber frontline
FOE
The Intercept (Privacy)
Nonprofit Coalition Asks Courts to Prevent Coercive Federal Investigation Tactics
FOE
The Register (Security)
Global regulators say AI image tools don't get a free pass on privacy rules
FOE
SecurityWeek
US Healthcare Diagnostic Firm Says 140,000 Affected by Data Breach
FRIEND
The Register (Security)
Break free of Ring's servers, earn a five-figure bounty
FOE
Bleeping Computer
When identity isn’t the weak link, access still is
FOE
SecurityWeek
Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud
FOE
SANS Internet Storm Center
Another day, another malicious JPEG, (Mon, Feb 23rd)
FOE
The Hacker News
⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More
FOE
SecurityWeek
Autonomous AI Agents Provide New Class of Supply Chain Attack
FOE
The Register (Security)
Suspected Anonymous members detained in Spain over post-flood DDoS blitz
FOE
Schneier on Security
On the Security of Password Managers
FOE
CSO Online
Hacker steals data from thousands of RTL employees [DE]
FOE
The Hacker News
How Exposed Endpoints Increase Risk Across LLM Infrastructure
FOE
CSO Online
New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads
FOE
SecurityWeek
Romanian Hacker Pleads Guilty to Selling Access to US State Network
FOE
Bleeping Computer
CISA: Recently patched RoundCube flaws now exploited in attacks
FOE
The Register (Security)
AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
FOE
SecurityWeek
Hundreds of FortiGate Firewalls Hacked in AI-Powered Attacks: AWS
FOE
SecurityWeek
Recent RoundCube Webmail Vulnerability Exploited in Attacks
FOE
CSO Online
Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers
FOE
SecurityWeek
Mississippi Hospital System Closes All Clinics After Ransomware Attack
FOE
The Hacker News
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
FOE
The Register (Security)
Every day in every way, passwords are getting worse and worse
FOE
SecurityWeek
PayPal Data Breach Led to Fraudulent Transactions
FOE
The Hacker News
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
FOE
CSO Online
13 ways attackers use generative AI to exploit your systems
FOE
EPIC
The Verge: America desperately needs new privacy laws
FOE
Risky Business News
Risky Bulletin: AI-driven hacking campaign breaches 600+ Fortinet devices
FRIEND
Sophos News
Nowhere, man: The 2026 Active Adversary Report
FRIEND
Sophos News
Sophos Workspace Protection Enables Secure Access for Contractors and Guests
FOE
The Register (Security)
Attacker gets into France's database listing all bank accounts, makes off with 1.2 million records
FOE
Bleeping Computer
Arkanix Stealer pops up as short-lived AI info-stealer experiment
FOE
The Register (Security)
UK council faces data breach claim after mishandling trans complaints
FOE
Bleeping Computer
Predator spyware hooks iOS SpringBoard to hide mic, camera activity
FOE
The Hacker News
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
FOE
Bleeping Computer
Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks
FOE
SecurityWeek
Critical Grandstream Phone Vulnerability Exposes Calls to Interception
FRIEND
The Hacker News
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
FOE
The Hacker News
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
FOE
SANS Internet Storm Center
Japanese-Language Phishing Emails, (Sat, Feb 21st)
FRIEND
The Hacker News
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
FOE
CSO Online
Compromised npm package silently installs OpenClaw on developer machines
FRIEND
EPIC
Law360: State Privacy Watch: 4 Legislative Developments To Know
FOE
EPIC
Biometric Update: FTC asked to investigate Meta facial recognition smart glasses plan
FOE
EPIC
The Verge: Smart glasses in court are a privacy nightmare
FOE
The Register (Security)
PayPal app code error leaked personal info and a 'few' unauthorized transactions
FRIEND
Schneier on Security
Friday Squid Blogging: Squid Cartoon
FOE
Dark Reading
Attackers Use New Tool to Scan for React2Shell Exposure
FOE
The Register (Security)
AI coding assistant Cline compromised to create more OpenClaw chaos
FOE
Krebs on Security
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
FRIEND
EPIC
EPIC Testifies in Support of New Jersey Age-Appropriate Design Code
FOE
Dark Reading
'God-Like' Attack Machines: AI Agents Ignore Security Policies
FOE
Bleeping Computer
Japanese tech giant Advantest hit by ransomware attack
FOE
The Register (Security)
ShinyHunters demands $1.5M not to leak Vegas casino and resort chain data
FRIEND
Dark Reading
Lessons From AI Hacking: Every Model, Every Layer Is Risky
FOE
Bleeping Computer
CISA: BeyondTrust RCE flaw now exploited in ransomware attacks
FOE
CSO Online
Don’t trust TrustConnect: This fake remote support tool only helps hackers
FOE
Bleeping Computer
Data breach at French bank registry impacts 1.2 million accounts
FRIEND
SecurityWeek
NIST’s Quantum Breakthrough: Single Photons Produced on a Chip
FOE
The Hacker News
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
FOE
SecurityWeek
In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI
FOE
Bleeping Computer
Why the shift left dream has become a nightmare for security and developers
FOE
The Register (Security)
Ukrainian gets five years for helping North Koreans secure US tech jobs
FOE
The Hacker News
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
FOE
The Register (Security)
Founder ditches AWS for Euro stack, finds sovereignty isn't plug-and-play
FOE
Dark Reading
Latin America's Cyber Maturity Lags Threat Landscape
FOE
Bleeping Computer
PayPal discloses data breach that exposed user info for 6 months
FOE
CSO Online
AI and complexity as accelerators for cybercriminals [DE]
FOE
SecurityWeek
BeyondTrust Vulnerability Exploited in Ransomware Attacks
FOE
The Register (Security)
CISA gives federal agencies three days to patch actively exploited Dell bug
FRIEND
Schneier on Security
Ring Cancels Its Partnership with Flock
FOE
CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE
The Hacker News
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT
FOE
Bleeping Computer
Mississippi medical center closes all clinics after ransomware attack
FOE
SecurityWeek
FBI: $20 Million Losses Caused by 700 ATM Jackpotting Attacks in 2025
FOE
The Register (Security)
Ex-Google engineers accused of helping themselves to chip security secrets
FRIEND
The Hacker News
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
FOE
The Register (Security)
Attackers have 16-digit card numbers, expiry dates, but not names. Should org get £500k fine?
FOE
Bleeping Computer
FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
FOE
The Hacker News
Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case
FOE
SecurityWeek
Chip Testing Giant Advantest Hit by Ransomware
FOE
Bleeping Computer
Ukrainian gets 5 years for helping North Koreans infiltrate US firms
FOE
CSO Online
Special Commission Investigates Cyberattack on Dresden Art Collections [DE]
FOE
The Hacker News
FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025
FOE
SecurityWeek
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
FRIEND
CSO Online
PayPal launches latest struggle to get rid of SMS for MFA
FOE
The Hacker News
Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran
FOE
The Register (Security)
Snyk CEO bails, wants someone with more AI experience to replace him
FRIEND
CSO Online
10 Passwordless Options for Businesses [DE]
FOE
Risky Business News
Risky Bulletin: RPKI infrastructure sits on shaky ground
FOE
The Register (Security)
AI agents abound, unbound by rules or safety disclosures
FRIEND
EFF Deeplinks
EFF’s Policy on LLM-Assisted Contributions to Our Open-Source Projects
FRIEND
EFF Deeplinks
EFF’s Policy on LLM-Assisted Contributions to Our Open-Source Projects
FOE
CSO Online
New phishing campaign tricks employees into bypassing Microsoft 365 MFA
FOE
The Register (Security)
Crims create fake remote management vendor that actually sells a RAT
FOE
Dark Reading
Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges
FOE
Bleeping Computer
PromptSpy is the first known Android malware to use generative AI at runtime
FOE
Dark Reading
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
FOE
Dark Reading
Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA
FOE
CSO Online
US dominance of agentic AI at the heart of new NIST initiative
FOE
EPIC
Washington Supreme Court Allows “Suicide Kit” Lawsuit Against Amazon to Proceed
FRIEND
EPIC
Representative Trahan Drops EPIC-Backed Blueprint for Updating the Privacy Act
FOE
Dark Reading
Abu Dhabi Finance Week Exposed VIP Passport Details
FOE
SANS Internet Storm Center
Under the Hood of DynoWiper, (Thu, Feb 19th)
FRIEND
EPIC
EPIC Testifies in Support of Maryland Bill That Would Ban Surveillance Pricing in Grocery Stores
FOE
The Register (Security)
Crims hit a $20M jackpot via malware-stuffed ATMs
FOE
The Hacker News
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
FRIEND
The Hacker News
INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
FOE
The Hacker News
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
FOE
Bleeping Computer
Flaw in Grandstream VoIP phones allows stealthy eavesdropping
FRIEND
Bleeping Computer
Google blocked over 1.75 million Play Store app submissions in 2025
FOE
The Register (Security)
Android malware taps Gemini to navigate infected devices
FOE
Bleeping Computer
CISA orders feds to patch actively exploited Dell flaw within 3 days
FOE
Dark Reading
Connected and Compromised: When IoT Devices Turn Into Threats
FOE
Bleeping Computer
How infostealers turn stolen credentials into real identities
FOE
SecurityWeek
French Government Says 1.2 Million Bank Accounts Exposed in Breach
FOE
The Hacker News
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
FOE
Bleeping Computer
Nigerian man gets eight years in prison for hacking tax firms
FRIEND
The Register (Security)
DEF CON bans three Epstein-linked men from future events
FOE
SecurityWeek
Nearly 1 Million User Records Compromised in Figure Data Breach
FOE
Bleeping Computer
Texas sues TP-Link over Chinese hacking risks, user deception
FOE
Bleeping Computer
Hackers target Microsoft Entra accounts in device code vishing attacks
FRIEND
SecurityWeek
Venice Security Emerges From Stealth With $33M Funding for Privileged Access Management
FOE
CSO Online
Six flaws found hiding in OpenClaw’s plumbing
FOE
Schneier on Security
Malicious AI
FOE
CISA Alerts
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller
FOE
CISA Alerts
Valmet DNA Engineering Web Tools
FOE
CISA Alerts
EnOcean SmartServer IoT
FOE
CISA Alerts
Jinan USR IOT Technology Limited (PUSR) USR-W610
FOE
Privacy International
What does Prosus's buyout mean for JustEat drivers?
FOE
SecurityWeek
Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025
FOE
The Hacker News
From Exposure to Exploitation: How AI Collapses Your Response Window
FRIEND
The Register (Security)
UK to demand social platforms take down abusive intimate images within 48 hours
FRIEND
Bleeping Computer
Police arrests 651 suspects in African cybercrime crackdown
FOE
The Register (Security)
Healthcare security: Write login details on whiteboard, hope for the best
FOE
SecurityWeek
OpenClaw Security Issues Continue as SecureClaw Open Source Tool Debuts
FOE
The Hacker News
Fake IPTV Apps Spread Massive Android Malware Targeting Mobile Banking Users [DE]
FOE
CSO Online
Hackers can turn Grok, Copilot into covert command-and-control channels, researchers warn
FOE
Bleeping Computer
New 'Massiv' Android banking malware poses as an IPTV app
FOE
CSO Online
Cybersecurity needs maturity and not checklists [DE]
FOE
SecurityWeek
German Rail Giant Deutsche Bahn Hit by Large-Scale DDoS Attack
FOE
The Hacker News
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
FOE
Dark Reading
More Than 40% of South Africans Were Scammed in 2025
FRIEND
CSO Online
From in-house CISO to consultant. What you need to know before making the leap
FOE
The Register (Security)
Poland bans camera-packing cars made in China cars from military bases
FOE
Risky Business News
Srsly Risky Biz: Europe's Cyber Bullets Can't Replace Political Will
FRIEND
SANS Internet Storm Center
ISC Stormcast For Thursday, February 19th, 2026 https://isc.sans.edu/podcastdetail/9816, (Thu, Feb 19th)
FOE
Recorded Future Blog
2025 Cloud Threat Hunting and Defense Landscape
FOE
The Register (Security)
Adidas investigates third-party data breach after criminals claim they pwned the sportswear giant
FRIEND
CSO Online
Notepad++ author says fixes make update mechanism ‘effectively unexploitable’
FOE
Dark Reading
Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto
FOE
CSO Online
Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years
FOE
Dark Reading
Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot
FOE
Bleeping Computer
Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
FRIEND
Dark Reading
Threat Intelligence Has a Human-Shaped Blind Spot
FOE
Dark Reading
Dell's Hard-Coded Flaw: A Nation-State Goldmine
FOE
The Register (Security)
ShinyHunters allegedly drove off with 1.7M CarGurus records
FRIEND
EPIC
EPIC Urges Second Circuit to Recognize Constitutionality of Surveillance Pricing Transparency Law
FOE
Bleeping Computer
AI platforms can be abused for stealthy malware communication
FOE
Dark Reading
A CISO's Playbook for Defending Data Assets Against AI Scraping
FOE
The Register (Security)
Fraudster hacked hotel system, paid 1 cent for luxury rooms, Spanish cops say
FRIEND
BrightTALK InfoSec
How to Enhance Threat Hunting Through Enterprise-Wide Collaboration
FOE
The Hacker News
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody
FOE
The Register (Security)
Texas sues TP-Link over China links and security vulnerabilities
FOE
The Register (Security)
German train line back on track after DDoS yanks the brakes
FOE
The Hacker News
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
FOE
Bleeping Computer
Telegram channels expose rapid weaponization of SmarterMail flaws
FRIEND
Bleeping Computer
Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages
FRIEND
BrightTALK InfoSec
Threat Intelligence: Will AI Make Human Analysts Obsolete?
FOE
SecurityWeek
New Keenadu Android Malware Found on Thousands of Devices
FOE
CSO Online
Millions of Chrome extensions reveal browsing history [DE]
FRIEND
BrightTALK InfoSec
Securing DevOps Pipelines with Real-Time Threat Intelligence
FRIEND
BrightTALK InfoSec
Anticipate Attacks Before They Strike: Harness Predictive Threat Intelligence
FRIEND
BrightTALK InfoSec
Mastering Threat Hunting: Aligning with Adversary Tactics in 2026
FOE
BrightTALK InfoSec
Browser Extensions Under Siege: Advanced Detection Tactics for Enterprises
FRIEND
BrightTALK InfoSec
Scaling Security Governance with Platform Engineering: A Proactive Approach for Workloads
FRIEND
BrightTALK InfoSec
Driving Security Culture Evolution for Business Growth
FRIEND
SecurityWeek
Cogent Security Raises $42 Million for AI-Driven Vulnerability Management
FOE
The Register (Security)
Your AI-generated password isn't random, it just looks that way
FOE
Bleeping Computer
Data breach at fintech firm Figure affects nearly 1 million accounts
FRIEND
The Intercept (Privacy)
Philadelphia Could Elect Its First Muslim Congressman. He’s Not Sure Where He Stands on Israel.
FRIEND
EFF Deeplinks
EFF to Wisconsin Legislature: VPN Bans Are Still a Terrible Idea
FOE
Schneier on Security
AI Found Twelve New Vulnerabilities in OpenSSL
FOE
CSO Online
Keenadu: Android malware that comes preinstalled and can’t be removed by users
FOE
CSO Online
Flaws in four popular VS Code extensions left 128 million installs open to attack
FOE
SecurityWeek
Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration
FOE
The Register (Security)
You can jailbreak an F-35 just like an iPhone, says Dutch defense chief
FRIEND
The Register (Security)
Notepad++ declares hardened update process 'effectively unexploitable'
FOE
The Hacker News
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability
FOE
The Hacker News
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
FOE
Bleeping Computer
Microsoft says bug causes Copilot to summarize confidential emails
FRIEND
CSO Online
A new approach for GenAI risk protection
FRIEND
CSO Online
Discipline is the new power move in cybersecurity leadership
FRIEND
CSO Online
Cyberattack on railway disrupts information systems [DE]
FOE
SecurityWeek
CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5
FRIEND
The Register (Security)
HackerOne 'updating' Ts&Cs after bug hunters question if they're training AI
FRIEND
The Hacker News
3 Ways to Start Your Intelligent Workflow Program
FOE
The Hacker News
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
FOE
Bleeping Computer
Glendale man gets 5 years in prison for role in darknet drug ring
FOE
CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FRIEND
CSO Online
CredShields Leads OWASP Smart Contract Top 10 2026 as Governance and Access Failures Drive Onchain Risk
FOE
SANS Internet Storm Center
Tracking Malware Campaigns With Reused Material, (Wed, Feb 18th)
FRIEND
SecurityWeek
Palo Alto Networks to Acquire Koi in Reported $400 Million Transaction
FRIEND
The Hacker News
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
FOE
CSO Online
The new paradigm for raising up secure software engineers
FOE
SecurityWeek
Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group
FOE
The Hacker News
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
FRIEND
CSO Online
13 Questions to Address Third-Party Risks [DE]
FRIEND
The Register (Security)
Palo Alto CEO says AI isn’t great for business, yet
FOE
SANS Internet Storm Center
ISC Stormcast For Wednesday, February 18th, 2026 https://isc.sans.edu/podcastdetail/9814, (Wed, Feb 18th)
FOE
Risky Business News
Risky Bulletin: Supply chain attack plants backdoor on Android tablets
FRIEND
Dark Reading
[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses
FOE
The Register (Security)
China-linked snoops have been exploiting Dell 0-day since mid-2024, using 'ghost NICs' to avoid detection
FRIEND
Dark Reading
Singapore & Its 4 Major Telcos Fend Off Chinese Hackers
FOE
Sophos News
The OpenClaw experiment is a warning shot for enterprise AI security
FRIEND
EFF Deeplinks
EFF to Wisconsin Legislature: VPN Bans Are Still a Terrible Idea
FOE
Recorded Future Blog
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
FRIEND
Bleeping Computer
Spain orders NordVPN, ProtonVPN to block LaLiga piracy sites
FOE
Dark Reading
Supply Chain Attack Embeds Malware in Android Devices
FOE
The Register (Security)
China remains embedded in US energy networks 'for the purpose of taking it down'
FOE
Dark Reading
Poland Energy Survives Attack on Wind, Solar Infrastructure
FOE
Bleeping Computer
Flaws in popular VSCode extensions expose developers to attacks
FRIEND
CSO Online
Cyber attacks enabled by basic failings, Palo Alto analysis finds
FOE
Dark Reading
RMM Abuse Explodes as Hackers Ditch Malware
FOE
Dark Reading
ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT
FOE
Ars Technica (Security)
Password managers' promise that they can't see your vaults isn't always true
FOE
Bleeping Computer
Chinese hackers exploiting Dell zero-day flaw since mid-2024
FRIEND
The Intercept (Privacy)
Can Trump’s Plan for Warehouse Immigrant Detention Camps Be Stopped?
FOE
The Hacker News
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster
NEUTRAL
The Intercept (Privacy)
It’s Correct and Moral to Use the Olympics to Speak Out About Politics
FOE
EFF Deeplinks
San Jose Can Protect Immigrants by Ending Flock Surveillance System
FOE
EFF Deeplinks
San Jose Can Protect Immigrants by Ending Flock Surveillance System
FRIEND
Bleeping Computer
Notepad++ boosts update security with ‘double-lock’ mechanism
FOE
The Hacker News
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
FOE
EFF Deeplinks
New Report Helps Journalists Dig Deeper Into Police Surveillance Technology
FRIEND
EFF Deeplinks
New Report Helps Journalists Dig Deeper Into Police Surveillance Technology
FOE
The Hacker News
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates
FRIEND
SecurityWeek
VulnCheck Raises $25 Million in Series B Funding to Scale Vulnerability Intelligence
FOE
Bleeping Computer
Microsoft Teams outage affects users in United States, Europe
FOE
SecurityWeek
Hackers Offer to Sell Millions of Eurail User Records
FRIEND
CSO Online
MCSC 2026: "Politics and Business Must Work Together" [DE]
FOE
Bleeping Computer
What 5 Million Apps Revealed About Secrets in JavaScript
FOE
Bleeping Computer
New Keenadu backdoor found in Android firmware, Google Play apps
FOE
SecurityWeek
API Threats Grow in Scale as AI Expands the Blast Radius
FOE
SecurityWeek
Cyber Insights 2026: The Ongoing Fight to Secure Industrial Control Systems
FOE
The Register (Security)
US lawyers fire up privacy class action accusing Lenovo of bulk data transfers to China
FRIEND
The Register (Security)
Polish cops nab 47-year-old man in Phobos ransomware raid
FRIEND
SecurityWeek
Man Linked to Phobos Ransomware Arrested in Poland
FOE
The Hacker News
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
FOE
CSO Online
ZeroDayRAT spyware targets Android and iOS devices via commercial toolkit
FOE
Schneier on Security
Side-Channel Attacks Against LLMs
FOE
CISA Alerts
CISA Adds Four Known Exploited Vulnerabilities to Catalog
FOE
CISA Alerts
Honeywell CCTV Products
FOE
CISA Alerts
Delta Electronics ASDA-Soft
FOE
CISA Alerts
GE Vernova Enervista UR Setup
FOE
CISA Alerts
Siemens Simcenter Femap and Nastran
FRIEND
Bleeping Computer
Poland arrests suspect linked to Phobos ransomware operation
FOE
The Register (Security)
UK.gov launches cyber 'lockdown' campaign as 80% of orgs still leave door open
FRIEND
The Hacker News
My Day Getting My Hands Dirty with an NDR System
FOE
The Register (Security)
Ireland joins regulator smackdown after X's Grok AI accused of undressing people
FOE
SecurityWeek
3 Threat Groups Started Targeting ICS/OT in 2025: Dragos
FRIEND
The Intercept (Privacy)
U.S. Sent a Rescue Plane for Boat Strike Survivors. It Took 45 Hours to Arrive.
FOE
Bleeping Computer
Ireland now also investigating X over Grok-made sexual images
FOE
CSO Online
With CISOs stretched thin, re-envisioning enterprise risk may be the only fix
FRIEND
The Intercept (Privacy)
Air Force Maintenance Staff Can’t Stop Buying Fancy Knives With Tax Dollars
FOE
CSO Online
Why 2025’s agentic AI boom is a CISO’s worst nightmare
FOE
The Hacker News
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations
FOE
SecurityWeek
Password Managers Vulnerable to Vault Compromise Under Malicious Server
FRIEND
The Register (Security)
MoD ticks shopping list as PM considers weapons budget boost
FOE
SANS Internet Storm Center
Fake Incident Report Used in Phishing Campaign, (Tue, Feb 17th)
FRIEND
The Hacker News
Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta
FRIEND
SANS Internet Storm Center
ISC Stormcast For Tuesday, February 17th, 2026 https://isc.sans.edu/podcastdetail/9812, (Tue, Feb 17th)
FOE
CSO Online
Exploit available for new Chrome zero-day vulnerability, says Google
FRIEND
Sophos News
Sophos Workspace Protection Enables Secure SaaS App Control
FOE
Bleeping Computer
Washington Hotel in Japan discloses ransomware infection incident
FOE
CSO Online
What CISOs Should Know About OpenClaw [DE]
FOE
CSO Online
Open source maintainers being targeted by AI agent as part of ‘reputation farming’
FOE
Bleeping Computer
Eurail says stolen traveler data now up for sale on dark web
FOE
Bleeping Computer
Man arrested for demanding reward after accidental police data leak
FOE
The Hacker News
Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
FOE
The Hacker News
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers
FOE
Dark Reading
Operation DoppelBrand: Weaponizing Fortune 500 Brands
FOE
The Register (Security)
Canada Goose ruffles feathers over 600K record dump, says leak is old news
FOE
Bleeping Computer
Infostealer malware found stealing OpenClaw secrets for first time
FOE
The Register (Security)
Dutch cops arrest man after sending him confidential files by mistake
FOE
The Register (Security)
You probably can't trust your password manager if it's compromised
FOE
SecurityWeek
Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches
FRIEND
Bleeping Computer
Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era
FOE
The Register (Security)
Open source registries don't have enough money to implement basic security
FOE
Dark Reading
260K+ Chrome Users Duped by Fake AI Browser Extensions
FRIEND
SecurityWeek
Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security
FOE
SecurityWeek
CISA Navigates DHS Shutdown With Reduced Staff
FOE
The Hacker News
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
FOE
The Register (Security)
Google patches Chrome zero-day as in-the-wild exploits surface
FOE
Bleeping Computer
CISA gives feds 3 days to patch actively exploited BeyondTrust flaw
FOE
Schneier on Security
The Promptware Kill Chain
FOE
The Hacker News
Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud
FOE
CSO Online
Leaky Chrome extensions with 37M installs caught divulging your browsing history
FOE
The Intercept (Privacy)
Prison-Style Free Speech Censorship Is Coming for the Rest of Us
FOE
The Hacker News
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
FRIEND
CSO Online
Finding a common language around risk
FRIEND
CSO Online
New cooperation to bring sovereign cloud solutions [DE]
FRIEND
CSO Online
CISO Julie Chatman offers insights for you to take control of your security leadership role
FOE
SANS Internet Storm Center
2026 64-Bits Malware Trend, (Mon, Feb 16th)
FOE
CSO Online
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
FOE
The Hacker News
New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
FOE
The Register (Security)
US appears open to reversing some China tech bans
FRIEND
CSO Online
SIEM Buying Guide [DE]
FRIEND
Risky Business News
Risky Bulletin: Cambodia promises to dismantle scam networks by April
NEUTRAL
SANS Internet Storm Center
ISC Stormcast For Monday, February 16th, 2026 https://isc.sans.edu/podcastdetail/9810, (Mon, Feb 16th)
FRIEND
Recorded Future Blog
Network Intelligence: Your Questions, Global Answers
FOE
The Register (Security)
Infosec exec sold eight zero-day exploit kits to Russia, says DoJ
FOE
The Intercept (Privacy)
Palantir Gets Millions of Dollars From New York City’s Public Hospitals
FOE
The Hacker News
Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
FOE
EPIC
The Guardian: The problem with doorbell cams: Nancy Guthrie case and Ring Super Bowl ad reawaken surveillance fears
FRIEND
Schneier on Security
Upcoming Speaking Engagements
FOE
EPIC
EPIC Urges FTC, States to Block Meta’s Facial Recognition Smart Glasses Plan
FOE
CSO Online
Critical BeyondTrust RS vulnerability exploited in active attacks
FRIEND
Schneier on Security
Friday Squid Blogging: Do Squid Dream?
FRIEND
Dark Reading
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities
FOE
EFF Deeplinks
Seven Billion Reasons for Facebook to Abandon its Face Recognition Plans
FOE
EFF Deeplinks
Seven Billion Reasons for Facebook to Abandon its Face Recognition Plans
FRIEND
The Intercept (Privacy)
Leakers Helped Destroy Deportation Case Against Tufts Student
FOE
The Register (Security)
Attackers finally get around to exploiting critical Microsoft bug from 2024
FOE
CSO Online
South Korea fines Louis Vuitton, Christian Dior, Tiffany $25M for SaaS security failures
FOE
CSO Online
Researchers unearth 30-year-old vulnerability in libpng library
FRIEND
CSO Online
Battling bots face off in cybersecurity arena
FOE
The Hacker News
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs
FOE
Dark Reading
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks
FOE
Dark Reading
Nation-State Hackers Put Defense Industrial Base Under Siege
FOE
Dark Reading
AI Agents 'Swarm,' Security Complexity Follows Suit
FOE
The Hacker News
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
FOE
CSO Online
Four new reasons why Windows LNK files cannot be trusted
FOE
The Hacker News
UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors
FRIEND
The Intercept (Privacy)
The Woman Alex Pretti Was Killed Trying to Defend Is an EMT. Federal Agents Stopped Her From Giving First Aid.
NEUTRAL
The Intercept (Privacy)
Jasmine Crockett Swears Off Corporate Cash — But Transferred Thousands From Her House Campaign
FRIEND
CSO Online
BSI heralds the end of classical encryption [DE]
FRIEND
The Intercept (Privacy)
The Only Solution Capitalism Has Is to Sell Us More Useless Junk
FOE
CISA Alerts
CISA Adds One Known Exploited Vulnerability to Catalog
FOE
The Register (Security)
Top Dutch telco Odido admits 6.2M customers caught in contact system caper
FOE
The Hacker News
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
FRIEND
The Intercept (Privacy)
Attorney for Epstein Survivors Warns That Justice Is Impossible With Bondi as AG
FOE
The Hacker News
npm’s Update to Harden Their Supply Chain, and Points to Consider
FOE
The Hacker News
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
FRIEND
The Register (Security)
Enforcing piracy policy earned helpdesk worker death threats
FRIEND
SANS Internet Storm Center
&#xa;AI-Powered Knowledge Graph Generator & APTs, (Thu, Feb 12th)
FOE
Risky Business News
Risky Bulletin: IcedID malware developer fakes his own death to escape the FBI
NEUTRAL
SANS Internet Storm Center
ISC Stormcast For Friday, February 13th, 2026 https://isc.sans.edu/podcastdetail/9808, (Fri, Feb 13th)
FRIEND
The Intercept (Privacy)
Trump Attacked Immigrant Food Aid in Minnesota. Locals Fought Back.
FOE
Sophos News
February’s Patch Tuesday assumes battle stations
FOE
Sophos News
The OpenClaw experiment is a warning shot for enterprise AI security
FOE
The Register (Security)
30+ Chrome extensions disguised as AI chatbots steal users' API keys, emails, other sensitive data
FOE
Dark Reading
Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again
FRIEND
Dark Reading
Booz Allen Announces General Availability of Vellox Reverser to Automate Malware Defense
FOE
EFF Deeplinks
Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
FOE
EFF Deeplinks
Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
FRIEND
Dark Reading
SpecterOps Launches BloodHound Scentry to Accelerate the Practice of Identity Attack Path Management
FOE
Dark Reading
Gone With the Shame: One in Two Americans Are Reluctant to Talk About Romance Scam Incidents
FOE
Dark Reading
Those 'Summarize With AI' Buttons May Be Lying to You
FOE
The Intercept (Privacy)
Pam Bondi Admits DOJ Has a Secret Domestic Terrorist List
FOE
The Register (Security)
Who's the bossware? Ransomware slingers like employee monitoring tools, too
FRIEND
EPIC
EPIC Model Platform Design Legislation Introduced in Georgia and Kansas
FOE
The Intercept (Privacy)
FBI Counterterrorism Agents Spent Weeks Seeking a Climate Activist — Then Showed Up at His Door
FOE
EPIC
Coming to America: The Government Wants to See Your Emails
FRIEND
BrightTALK InfoSec
Elevating Enterprise IGA Programs for the Future
FOE
The Hacker News
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
FOE
The Hacker News
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
FRIEND
BrightTALK InfoSec
Mastering Identity Governance: Strategies for Enterprise Success in 2026
FOE
The Intercept (Privacy)
Marine Detained in Minneapolis Says Feds Copied His Phone Without a Warrant
FOE
The Register (Security)
Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware
NEUTRAL
The Intercept (Privacy)
AIPAC Is Flooding Illinois With Cash. Pro-Palestine Groups Are Backing Kat Abughazaleh.
FOE
Schneier on Security
3D Printer Surveillance
FOE
CISA Alerts
CISA Adds Four Known Exploited Vulnerabilities to Catalog
FOE
CISA Alerts
Siemens SINEC NMS
FOE
CISA Alerts
Siemens COMOS
FOE
CISA Alerts
Airleader Master
FOE
CISA Alerts
Siemens Solid Edge
FOE
CISA Alerts
Siemens Polarion
FOE
CISA Alerts
Siemens Siveillance Video Management Servers
FOE
CISA Alerts
Siemens Desigo CC Product Family and SENTRON Powermanager
FOE
CISA Alerts
Hitachi Energy SuprOS
FOE
CISA Alerts
Siemens NX
FOE
CISA Alerts
Siemens SINEC OS
FOE
The Register (Security)
Supply chain attacks now fuel a 'self-reinforcing' cybercrime economy
FOE
The Hacker News
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
FRIEND
BrightTALK InfoSec
Overcoming Digital ID Barriers to Drive Seamless Adoption in 2026
FRIEND
The Hacker News
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
FRIEND
The Register (Security)
Feeling brave? Ministry of Defence seeks £300K digital boss to manage £4.6B spend
FOE
Dark Reading
Senegalese Data Breaches Expose Lack of Security Maturity
FRIEND
Google Project Zero
Bypassing Administrator Protection by Abusing UI Access
FOE
The Hacker News
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
FOE
The Register (Security)
Google: China's APT31 used Gemini to plan cyberattacks against US orgs
FOE
The Hacker News
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices
FOE
SANS Internet Storm Center
ISC Stormcast For Thursday, February 12th, 2026 https://isc.sans.edu/podcastdetail/9806, (Thu, Feb 12th)
FOE
SANS Internet Storm Center
Four Seconds to Botnet - Analyzing a Self Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary], (Wed, Feb 11th)
FOE
The Register (Security)
Microsoft warns that poisoned AI buttons and links may betray your trust
NEUTRAL
Risky Business News
Srsly Risky Biz: Microsoft's Forgoes Its Secure Future
FOE
Recorded Future Blog
State of Security Report | Recorded Future
FOE
Recorded Future Blog
Fragmentation Defined 2025's Threat Landscape. Here's What It Means for 2026
FRIEND
Sophos News
Sophos Firewall Configuration Viewer
FOE
BrightTALK InfoSec
Defending Against AI-Driven Identity Threats in 2026
FOE
Ars Technica (Security)
Once-hobbled Lumma Stealer is back with lures that are hard to resist
FOE
Dark Reading
North Korea's UNC1069 Hammers Crypto Firms With AI
FOE
The Register (Security)
Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
FRIEND
Dark Reading
How to Stay on Top of Future Threats With a Cutting-Edge SOC
FRIEND
SANS Internet Storm Center
Apple Patches Everything: February 2026, (Wed, Feb 11th)
FRIEND
Dark Reading
Automaker Secures the Supply Chain With Developer-Friendly Platform
FRIEND
The Intercept (Privacy)
Officials Dispute Trump Explanation of El Paso Airspace Closure: “There Was Not a Threat”
FOE
The Register (Security)
Posting AI-generated caricatures on social media is risky, infosec killjoys warn
FOE
EPIC
CyberScoop: Your AI doctor doesn’t have to follow the same privacy rules as your real one
FOE
EFF Deeplinks
🗣 Homeland Security Wants Names | EFFector 38.3
FOE
EFF Deeplinks
🗣 Homeland Security Wants Names | EFFector 38.3
FRIEND
EPIC
EPIC Endorses New Bill to Ban ICE and CBP from Using Facial Recognition Technology
FOE
EFF Deeplinks
“Free” Surveillance Tech Still Comes at a High and Dangerous Cost
FOE
EFF Deeplinks
“Free” Surveillance Tech Still Comes at a High and Dangerous Cost
FOE
The Hacker News
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
FOE
Krebs on Security
Kimwolf Botnet Swamps Anonymity Network I2P
FOE
The Register (Security)
Were telcos tipped off to *that* ancient Telnet bug? Cyber pros say the signs stack up
FOE
The Hacker News
APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
FRIEND
Schneier on Security
Rewiring Democracy Ebook is on Sale
FOE
Dark Reading
AI Rising: Do We Know Enough About the Data Populating It?
FRIEND
Dark Reading
Top Cyber Industry Defenses Spike CO2 Emissions
FOE
The Intercept (Privacy)
Texas “Antifa Cell” Terror Trial Takes On Tough Questions About Guns at Protests Against ICE
FOE
The Hacker News
Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms
FOE
The Register (Security)
Payroll pirates are conning help desks to steal workers' identities and redirect paychecks
FRIEND
BrightTALK InfoSec
Scaling Digital Credentials: The Fast Evolving Landscape of mDL
FOE
Schneier on Security
Prompt Injection Via Road Signs
FOE
The Register (Security)
Notepad's new Markdown powers served with a side of remote code execution
FOE
The Hacker News
Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
FOE
The Hacker News
Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days
FOE
The Hacker News
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
FOE
The Register (Security)
Legacy systems blamed as ministers promise no repeat of Afghan breach
FRIEND
BrightTALK InfoSec
Modern IAM: Decentralized Solutions for Evolving Threats
FOE
The Hacker News
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
FOE
Risky Business News
Risky Bulletin: Chinese cyber-spies breached all of Singapore's telcos
FOE
Dark Reading
Asia Fumbles With Throttling Back Telnet Traffic in Region
FRIEND
Recorded Future Blog
From 27 Steps to 5: How Recorded Future Reimagined Threat Hunting with Autonomous Threat Operations
FOE
EFF Deeplinks
Open Letter to Tech Companies: Protect Your Users From Lawless DHS Subpoenas
FRIEND
EFF Deeplinks
Open Letter to Tech Companies: Protect Your Users From Lawless DHS Subpoenas
FOE
The Register (Security)
Microsoft's Valentine's gift to admins: 6 exploited zero-day fixes
FOE
The Intercept (Privacy)
Americans Want Accountability With the Epstein Files. Elites Couldn’t Care Less.
FOE
Dark Reading
SolarWinds WHD Attacks Highlight Risks of Exposed Apps
FOE
Krebs on Security
Patch Tuesday, February 2026 Edition
FOE
Dark Reading
In Bypassing MFA, ZeroDayRAT Is 'Textbook Stalkerware'
FRIEND
EPIC
EPIC Joins EFF, Others Urging California to Block Federal Agencies’ Covert ALPRs in New Letter
FOE
EFF Deeplinks
No One, Including Our Furry Friends, Will Be Safer in Ring's Surveillance Nightmare
FOE
EFF Deeplinks
No One, Including Our Furry Friends, Will Be Safer in Ring's Surveillance Nightmare
FOE
Dark Reading
Microsoft Patches 6 Actively Exploited Zero-Days
FRIEND
EPIC
Maine House Passes Strong Privacy Bill
FOE
Ars Technica (Security)
Windows' original Secure Boot certificates expire in June—here's what you need to do
FOE
The Register (Security)
AI agents spill secrets just by previewing malicious links
FOE
The Hacker News
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
FOE
EFF Deeplinks
Coalition Urges California to Revoke Permits for Federal License Plate Reader Surveillance
FRIEND
EFF Deeplinks
Coalition Urges California to Revoke Permits for Federal License Plate Reader Surveillance
FRIEND
EFF Deeplinks
Speaking Freely: Yazan Badran
FOE
Dark Reading
OT Attacks Get Scary With 'Living-off-the-Plant' Techniques
FOE
The Hacker News
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
FOE
The Hacker News
From Ransomware to Residency: Inside the Rise of the Digital Parasite
FRIEND
The Register (Security)
Singapore spent 11 months booting China-linked snoops out of telco networks
FOE
The Hacker News
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
FOE
Schneier on Security
AI-Generated Text and the Detection Arms Race
FOE
CISA Alerts
Barriers to Secure OT Communication: Why Johnny Can’t Authenticate
FOE
CISA Alerts
CISA Adds Six Known Exploited Vulnerabilities to Catalog
FOE
CISA Alerts
Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps
FOE
CISA Alerts
ZOLL ePCR IOS Mobile Application
FOE
CISA Alerts
AVEVA PI Data Archive
FOE
CISA Alerts
AVEVA PI to CONNECT Agent
FOE
CISA Alerts
ZLAN Information Technology Co. ZLAN5143D
FOE
CISA Alerts
Yokogawa FAST/TOOLS
FRIEND
The Hacker News
ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
FOE
The Register (Security)
Nearly 17,000 Volvo staff dinged in supplier breach
FOE
The Hacker News
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
FOE
The Register (Security)
British Army splashes $86M on AI gear to speed up the battlefield kill chain
FOE
Sophos News
Malicious use of virtual machine infrastructure
FOE
The Hacker News
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
FRIEND
Sophos News
From Security Operations to Security Leadership: Sophos CISO Advantage
FRIEND
Sophos News
Sophos Workspace Protection Enables Safe GenAI Adoption
FRIEND
Sophos News
Sophos AI Agents: Accelerating MDR and Powering the Agentic SOC
FOE
Sophos News
Threat Intelligence Executive Report – Volume 2025, Number 6
FRIEND
Dark Reading
TransUnion's Real Networks Deal Focuses on Robocall Blocking
FOE
EFF Deeplinks
EFFecting Change: Get the Flock Out of Our City
FRIEND
EFF Deeplinks
EFFecting Change: Get the Flock Out of Our City
FRIEND
EFF Deeplinks
The Internet Still Works: Yelp Protects Consumer Reviews
FRIEND
EFF Deeplinks
The Internet Still Works: Yelp Protects Consumer Reviews
FOE
Dark Reading
Warlock Gang Breaches SmarterTools Via SmarterMail Bugs
FOE
The Register (Security)
Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how
FRIEND
EFF Deeplinks
The Internet Still Works: Wikipedia Defends Its Editors
FOE
Dark Reading
TeamPCP Turns Cloud Infrastructure Into Crime Bots
FOE
Dark Reading
'Reynolds' Bundles BYOVD With Ransomware Payload
FRIEND
EFF Deeplinks
On Its 30th Birthday, Section 230 Remains The Lynchpin For Users’ Speech
FRIEND
EFF Deeplinks
RIP Dave Farber, EFF Board Member and Friend
FRIEND
EFF Deeplinks
RIP Dave Farber, EFF Board Member and Friend
FOE
The Register (Security)
More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster
FOE
Dark Reading
What Organizations Need to Change When Managing Printers
FOE
The Hacker News
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
FRIEND
EFF Deeplinks
Op-ed: Weakening Section 230 Would Chill Online Speech
FOE
The Register (Security)
Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks
FOE
The Hacker News
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
FRIEND
The Register (Security)
Taiwan tells Uncle Sam its chip ecosystem ain't going anywhere
FOE
The Hacker News
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
FOE
The Register (Security)
How the GNU C Compiler became the Clippy of cryptography
FOE
Schneier on Security
LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days
FRIEND
The Register (Security)
Follow the money: Switzerland remains Europe's top destination for tech pay
FRIEND
The Hacker News
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
FOE
The Hacker News
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
FOE
The Register (Security)
European Commission probes intrusion into staff mobile management backend
FOE
The Hacker News
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
FOE
The Hacker News
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
FRIEND
The Register (Security)
Indian police commissioner wants ID cards for AI agents
FOE
Risky Business News
Risky Bulletin: SmarterTools hacked via its own product
FOE
The Register (Security)
Telcos aren't saying how they fought back against China's Salt Typhoon attacks
FRIEND
The Hacker News
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
FRIEND
The Register (Security)
Study confirms experience beats youthful enthusiasm
FOE
The Hacker News
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
FOE
Ars Technica (Security)
Malicious packages for dYdX cryptocurrency exchange empties user wallets
FRIEND
Schneier on Security
Friday Squid Blogging: Squid Fishing Tips
FRIEND
EPIC
South Carolina Becomes Fifth State to Enact an Age-Appropriate Design Code
FOE
The Register (Security)
Flickr emails users about data breach, pins it on third party
FOE
The Register (Security)
DDoS deluge: Brit biz battered as botnet blitzes break records
FRIEND
Dark Reading
'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E Encryption
FOE
Dark Reading
Shai-hulud: The Hidden Costs of Supply Chain Attacks
FOE
Dark Reading
OpenClaw's Gregarious Insecurities Make Safe Usage Difficult
FOE
The Hacker News
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
FRIEND
The Register (Security)
Ad blocking is alive and well, despite Chrome's attempts to make it harder
FOE
Risky Business News
Risky Bulletin: Denmark recruits hackers for offensive cyber operations
FOE
The Register (Security)
OpenClaw reveals meaty personal information after simple cracks
FRIEND
EFF Deeplinks
Yes to the “ICE Out of Our Faces Act”
FRIEND
EFF Deeplinks
Yes to the “ICE Out of Our Faces Act”
FOE
Dark Reading
EnCase Driver Weaponized as EDR Killers Persist
FOE
Dark Reading
Agentic AI Site 'Moltbook' Is Riddled With Security Risks
FRIEND
Dark Reading
Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful
FOE
The Register (Security)
Substack says intruder lifted emails, phone numbers in months-old breach
FRIEND
EPIC
PRESS RELEASE: EPIC Publishes Model Bill to Protect Minors from Online Harms and Promote Safer Platform Design
FRIEND
Dark Reading
Cyber Success Trifecta: Education, Certifications & Experience
FOE
CISA Alerts
CISA Adds Two Known Exploited Vulnerabilities to Catalog
FOE
CISA Alerts
Hitachi Energy FOX61x
FOE
CISA Alerts
o6 Automation GmbH Open62541
FOE
CISA Alerts
Hitachi Energy XMC20
FOE
CISA Alerts
Ilevia EVE X1 Server
FOE
Dark Reading
Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis
FRIEND
Risky Business News
Srsly Risky Biz: Google's Cyber Disruption Unit Kicks Its First Goal
FRIEND
EFF Deeplinks
Protecting Our Right to Sue Federal Agents Who Violate the Constitution
FOE
Ars Technica (Security)
Microsoft releases urgent Office patch. Russian-state hackers pounce.
FRIEND
EFF Deeplinks
Smart AI Policy Means Examining Its Real Harms and Benefits
NEUTRAL
EFF Deeplinks
Smart AI Policy Means Examining Its Real Harms and Benefits
FOE
Dark Reading
Ransomware Gang Goes Full 'Godfather' With Cartel
FOE
Dark Reading
CISA Makes Unpublicized Ransomware Updates to KEV Catalog
FOE
Dark Reading
Attackers Use Windows Screensavers to Drop Malware, RMM Tools
FRIEND
Privacy International
Card game about technology, data, and elections [ES]
FRIEND
Dark Reading
Extra Extra! Announcing DR Global Latin America
FOE
Dark Reading
Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations
FOE
Dark Reading
Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil
FOE
Risky Business News
Risky Bulletin: Plone CMS stops supply-chain attack
FOE
Recorded Future Blog
Rublevka Team: Anatomy of a Russian Crypto Drainer Operation
FOE
Sophos News
Malicious use of virtual machine infrastructure
FOE
Dark Reading
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
FOE
Dark Reading
GlassWorm Malware Returns to Shatter Developer Ecosystems
FOE
Dark Reading
AI May Supplant Pen Testers, But Oversight & Trust Are Not There Yet
FRIEND
EPIC
Virginia Senate Passes Bill Banning Sale of Precise Location Data
FOE
Ars Technica (Security)
The rise of Moltbook suggests viral AI prompts may be the next big security threat
FOE
EPIC
The Minnesota Star Tribune: Why the Trump administration keeps asking for Minnesota’s welfare data
FRIEND
EPIC
Inside AI Policy: Washington state lawmakers to consider controversial automated decision-making bill
FOE
Ars Technica (Security)
Notepad++ users take note: It's time to check if you're hacked
FOE
Krebs on Security
Please Don’t Feed the Scattered Lapsus ShinyHunters
FOE
Risky Business News
Risky Bulletin: StopICE blames hack on "a CBP agent here in SoCal"
FRIEND
Recorded Future Blog
Autonomous Threat Operations in action: Real results from Recorded Future’s own SOC team | Recorded Future
