CISA, UK NCSC, FBI Unveil Principles to Combat Cyber Risks in OT
• CISA, UK NCSC, FBI Unveil Principles to Combat Cyber Risks in OT WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency (CISA), United Kingdom’s National Cyber
• Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. • Eight of the vulnerabilities earned Microsof
• Executive Summary On Dec. 19, 2025, MongoDB publicly disclosed MongoBleed, a security vulnerability (CVE-2025-14847) that allows unauthenticated attackers to leak sensitive hea
• Executive Summary We identified vulnerabilities in three open-source artificial intelligence/machine learning (AI/ML) Python libraries published by Apple, Salesforce and NVIDIA o
• Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android T
• CISA Retires Ten Emergency Directives, Marking an Era in Federal Cybersecurity WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced the succe
• Securing Vibe Coding Tools: Scaling Productivity Without Scaling Risk By: Kate Middagh, Michael Spisak Published:
• The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. • The vulnerability at issue has been exploited for months alrea
• KrebsOnSecurity.com celebrates its 16th anniversary today! • A huge ‘thank you’ to all of our readers - newcomers, long-timers and drive-by critics alike. • Your engagement this
• Overview of the attacks In mid-2025, we identified a malicious driver file on computer systems in Asia. • The driver file is signed with an old, stolen, or leaked digital certifi
• Table of Contents Statistics across all threats Selected industries Diversity of detected malicious objects Main threat sources Threat categories Malicious objects used for initi
• Introduction The Evasive Panda APT group (also known as Bronze Highland, Daggerfly, and StormBamboo) has been active since 2012, targeting multiple industries with sophisticated,
• A SIEM is a complex system offering broad and flexible threat detection capabilities. • Due to its complexity, its effectiveness heavily depends on how it is configured and what
• The Trump administration has pursued a staggering range of policy pivots this past year that threaten to weaken the nation’s ability and willingness to address a broad spectrum o
• CISA Releases Dynamic New Guide for Stadium and Arena Owners to Fortify Operations, Mitigate Vulnerabilities and Elevate Emergency Preparedness WASHINGTON - Today, the Cybersecur
• Opening Doors to the Future: CISA Announces Participation in the CyberCorps® Scholarship for Service (SFS) WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agenc
• Direct navigation - the act of visiting a website by manually typing a domain name in a web browser - has never been riskier: A new study finds the vast majority of ‘parked’ doma
• While on Project Zero, we aim for our research to be leading-edge, our blog design was … not so much. • We welcome readers to our shiny new blog! • For the occasion, we asked me
• Preface Hello from the future! • This is a blogpost I originally drafted in early 2017. • I wrote what I intended to be the first half of this post (about escaping from the VM to
• This post was originally written in 2016 for the Project Zero blog. • However, in the end it was published separately in the journal PoC||GTFO issue #13 as well as in the second
• Introduction Between July 2024 and February 2025, 6 suspicious image files were uploaded to VirusTotal. • Thanks to a lead from Meta, these samples came to the attention of Googl
• Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. • This final Patch Tuesday of 2025 tackles one zero-day
• A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties to a Kremlin-connected oligarch whose Russian u
• Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure Actions for Operational Technology Owners and Operators to Take Today to Mitiga
• China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday s
• CISA Shares Lessons Learned from an Incident Response Engagement Advisory at a Glance Executive Summary | CISA began incident response efforts at a U.S. federal civilian execut
• Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System Executive summary People’s Republic of China (PRC) state-sponsored cybe
• CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization Summary The Cybersecurity and Infrast
• #StopRansomware: Interlock Actions for Organizations to Take Today to Mitigate Cyber Threats Related to Interlock Ransomware Activity Prevent initial access by implementing domai
• Ransomware actors target unpatched SimpleHelp RMM to breach utility billing software provider customers. • Vulnerability CVE-2024-57727, a path traversal flaw, exploited in Simpl
• FBI & CISA issue joint advisory on LummaC2 infostealer targeting critical infrastructure. • Malware infiltrates networks, exfiltrates sensitive data via spearphishing links and a
• Russian GRU’s 85th GTsSS unit 26165 targets Western logistics and tech firms. • Campaign focuses on coordination, transport, delivery of foreign aid to Ukraine. • Uses known TTPs
• Fast flux hides malicious server locations by rapidly changing DNS records. • Enables cybercriminals and nation-state actors to evade detection and maintain C2. • Resilient, high
• Patch OS, software, firmware promptly to close known vulnerabilities across all systems. • Segment networks to limit lateral movement from infected devices and protect critical a