Cyber Due Diligence
Can a Global, Decentralized System Save CVE Data?
As vulnerabilities in the Common Vulnerabilities and Exposures ecosystem pile up, one Black Hat Europe presenter hopes for a global, di...
Iran-Nexus Threat Actor UNC1549 Takes Aim at Aerospace
Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain,...
How We Ditched the SaaS Status Quo for Time-Series Telemetry
Free the logs! Behind the scenes at InfluxData, which turned to its own in-house security monitoring platform, DiSCO, to protect its su...
Malicious Npm Packages Abuse Adspect Cloaking in Crypto Scam
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed ...
Bug Bounty Programs Rise as Key Strategic Security Solutions
Bug bounty programs create formal channels for organizations to leverage external security expertise, offering researchers legal protec...
New Startup Mate Launches With AI-Driven Security Operations Platform
Security teams can combat alert fatigue, high rates of false positives, and reduce time spent on manual data collection with Mate's SOC...
Critical Fortinet FortiWeb WAF Bug Exploited in the Wild
The vulnerability could allow an unauthenticated attacker to remotely execute administrative commands.
US Citizens Plead Guilty to Aiding North Korean IT Worker Campaigns
Four individuals admitted to assisting foreign IT workers in gaining employment at US companies by providing false identities and remot...
Cursor Issue Paves Way for Credential-Stealing Attacks
Researchers discovered a security weakness in the AI-powered coding tool that allows malicious MCP server to hijack Cursor's internal b...
Akira RaaS Targets Nutanix VMs, Threatens Critical Orgs
The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant s...