The password problem we keep pretending to fix

Experts across industries say they are still losing ground against identity-related breaches, even after years of investment in stronger access controls, according to RSA. Many said their organizations had... Read more »

ImmuniWeb Expands discovery with ASM and Dark web packages

On top of several new free tools launched during the summer, ImmuniWeb released over 500 updates, improvements, new features, and integrations across all our products in Q3, including ImmuniWeb... Read more »

Qilin Ransomware announced new victims

Resecurity’s new report details how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations. The following new report by Resecurity will explore the... Read more »

A sophisticated nation-state actor breached F5 systems, stealing BIG-IP source code and data on undisclosed flaw

F5 disclosed that a sophisticated nation-state actor breached its systems, stealing BIG-IP source code and data on undisclosed product vulnerabilities. Cybersecurity firm F5 disclosed that a highly sophisticated nation-state... Read more »

How Attackers Bypass Synced Passkeys

TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys inherit the... Read more »

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info

US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security... Read more »

200,000 Linux systems from Framework are shipped with signed UEFI components vulnerable to Secure Boot bypass

About 200K Linux systems from Framework shipped with signed UEFI components vulnerable to Secure Boot bypass, allowing bootkit installation and persistence. Firmware security company Eclypsium warns that about 200,000... Read more »

Human Risk Report Reveals Overconfidence in Phishing Defenses

Arctic Wolf’s annual Human Risk Behavior Snapshot surveyed more than 1,700 IT leaders and end users worldwide. The post Human Risk Report Reveals Overconfidence in Phishing Defenses appeared first... Read more »

Instagram Goes PG-13 as Meta Reshapes Teen Safety and AI Content Rules

Instagram now defaults teen accounts to PG-13 settings, limiting mature posts and AI content for a safer, regulated social experience. The post Instagram Goes PG-13 as Meta Reshapes Teen... Read more »

Harmonic Security targets AI data risks with Model Context Protocol Gateway

Harmonic Security announced Model Context Protocol (MCP) Gateway, a developer-friendly, locally installed gateway that gives security teams complete visibility and control over their organization’s agentic AI ecosystem. The solution... Read more »
Subscribe to our Newsletter