2025-05-06
Rapid7
Key Takeaways from the Take Command Summit 2025: From Zero to Hero: Building the Perfect Defense
SpiderLabs
Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities
Malwarebytes
“Your privacy is a promise we don’t break”: Dating app Raw exposes sensitive user data
Talos Intelligence
Proactive threat hunting with Talos IR
Elastic Security Labs
Bit ByBit - emulation of the DPRK's largest cryptocurrency heist
Datadog HQ
Datadog acquires Eppo
Hunt and Hackett
Building Stronger Defences Through Expert Partnerships
Schneier on Security
Fake Student Fraud in Community Colleges
Google Safety & Security
The latest AI news we announced in April
Google Safety & Security
6 ways Google Play helps keep you safe
The Citizen Lab
Job Opportunity: Digital Communications Specialist
Project Black
Network Segmentation Testing Guide
Ars Technica Security
Man pleads guilty to using malicious AI software to hack Disney employee
Amazon Security
Introducing the AWS Zero Trust Accelerator for Government
ReversingLabs
MIT researchers tame AI code with new controls
Dark Reading
Addressing the Top Cyber-Risks in Higher Education
Palo Alto Networks
InterSECt — The Fast Lane to a Secure Future Starts Here
2025-05-05
Malwarebytes
A week in security (April 27 – May 3)
Troy Hunt
Passkeys for Normal People
Github Security Blog
Welcome to Maintainer Month: Events, exclusive discounts, and a new security challenge
Cloudflare
Scaling with safety: Cloudflare's approach to global service health metrics and software releases
Schneier on Security
Another Move in the Deepfake Creation/Detection Arms Race
CrankySec
We're all DEVO
Ars Technica Security
Signal clone used by Trump official stops operations after report it was hacked
Ars Technica Security
Hundreds of e-commerce sites hacked in supply-chain attack
Dark Reading
AI Domination: RSAC 2025 Social Media Roundup
Dark Reading
Phony Hacktivist Pleads Guilty to Disney Data Leak
Dark Reading
How to Prevent AI Agents From Becoming the Bad Guys
Palo Alto Networks
Enhancing UK Government Operations with Emerging Technology
Microsoft Security
Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
2025-05-03
2025-05-02
Kevin Beaumont
DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
Troy Hunt
Weekly Update 450
Troy Hunt
The Have I Been Pwned Alpine Grand Tour
Black Lantern Security
ASP.NET Cryptography for Pentesters
Schneier on Security
Friday Squid Blogging: Pyjama Squid
Schneier on Security
Privacy for Agentic AI
Schneier on Security
NCSC Guidance on “Advanced Cryptography”
Ars Technica Security
Microsoft’s new “passwordless by default” is great but comes at a cost
Dark Reading
UK Retailers Reeling From Likely Ransomware Attacks
Dark Reading
What NY's New Security Rules Mean for Finance Firms
Dark Reading
Cut CISA and Everyone Pays for It
Krebs on Security
xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
Searchlight Cyber
Scattered Spider Linked to Marks & Spencer Cyberattack
2025-05-01
Rapid7
AI and Resilience Take the Spotlight in 2025: Key Trends from Gartner® Cybersecurity Research
Talos Intelligence
Understanding the challenges of securing an NGO
Talos Intelligence
State-of-the-art phishing: MFA bypass
Schneier on Security
US as a Surveillance State
Offensive Security
CVE-2025-29927: Next.js Middleware Authorization Bypass
Trail of Bits
Making PyPI's test suite 81% faster
Ars Technica Security
Why MFA is getting easier to bypass and what to do about it
Amazon Security
Use an Amazon Bedrock powered chatbot with Amazon Security Lake to help investigate incidents
watchTowr Labs
SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA (CVE-2023-44221, CVE-2024-38475)
Sansec Threat Research
Backdoor found in popular ecommerce components
Dark Reading
SANS Top 5: Cyber Has Busted Out of the SOC
Dark Reading
Enterprises Need to Beware of These 5 Threats
Dark Reading
Getting Outlook.com Ready for Bulk Email Compliance
TrustedSec
Why the WAF
Searchlight Cyber
The Most Prolific Ransomware Groups to be Aware of Now
2025-04-30
Schneier on Security
WhatsApp Case Against NSO Group Progressing
Offensive Security
When AI Becomes the Weak Link: Rethinking Supply Chain Security
Trail of Bits
Insecure credential storage plagues MCP
Ars Technica Security
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
Ars Technica Security
Millions of Apple Airplay-enabled devices can be hacked via Wi-Fi
ReversingLabs
Secrets leaks increase — and expand beyond the codebase
Dark Reading
Cisco Boosts XDR Platform, Splunk With Agentic AI
Dark Reading
Prolific RansomHub Operation Goes Dark
Dark Reading
Debunking Security 'Myths' to Address Common Gaps
Dark Reading
DHS Boss Noem Vows to Get CISA Back 'On Mission'
Krebs on Security
Alleged ‘Scattered Spider’ Member Extradited to U.S.
Microsoft Security
14 secure coding tips: Learn from the experts at Microsoft Build