Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams.

CERT-In says internet-facing or critical systems should be patched, mitigated, or cut off within half a day where feasible

Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container...

Wir haben Hinweise darauf, dass die Ransomware-Gruppe Qilin Initial Access von Akteur:innen der ZipLine-Phishing-Kampagne erwirbt und für eigene Verschlüsselungs- und Erpressungsoperationen...

The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Lots of interesting statistics. Press release. News articles.

Talos researchers find 4 heap-based buffer overflow vulnerabilities in MediaArea's MediaInfoLib.

Make your mark on the call-for-proposal platform

Artificial intelligence (AI) is changing the shape of the application attack surface. A traditional application assessment usually starts with familiar questions, such as:

Wiz CIRT and Wiz Research detail JINX-0164, a threat actor using LinkedIn social engineering, custom macOS malware, and CI/CD hijacking to target cryptocurrency organizations.

CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect hundreds of...

Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a revised schedule for virtual town hall meetings on... The post CISA sets June town hall meetings on CIRCIA cyber...

The U.S. National Institute of Standards and Technology (NIST) released Special Publication 800-238, the FY 2025 Annual Report... The post NIST FY2025 report highlights cybersecurity and privacy...

Football fans are increasingly targeted by scams exploiting club loyalty, national teams, football collectibles, streaming demand, and the growing excitement around the FIFA World Cup 2026,...

Tenable Research has developed a graph-based model linking 600+ threat groups to real-world customer exposures. It reveals which vulnerabilities sit at the intersection of severity, active...

How Wiz helps organizations adopt an AI Operating Model for AI Threat Readiness

CERT Polska has received a report about 3 vulnerabilities (CVE-2026-35087, CVE-2026-35089 and CVE-2026-35090) found in Slican telephone exchanges software.

EvidenceForge generates high-quality, realistic, and consistent datasets across multiple log formats, enabling teams to effectively train personnel and validate detection models without the need...

Strong Active Directory passwords don't have to come at the expense of usability. Specops Software explains how passphrases, breached password protection, and self-service resets can improve...

The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana...

Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay safe.

New solution reduces exposure to actively exploited vulnerabilities in minutes by turning intelligence into immediate protection across primary attack paths Disrupts AI-powered exploit-

The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. [...]

India’s national cyber response agency released a new blueprint warning that artificial intelligence is rapidly reshaping the cyber... The post CERT-In warns AI-assisted adversaries amplifying...

The Federal Bureau of Investigation (FBI) disclosed that about 25 ransomware groups used a criminal VPN service known... The post FBI links First VPN Service to ransomware gangs, botnets, criminal...

The Huntress SOC recently came across two incidents involving The Gentlemen ransomware, an operation that first emerged in mid-2025 and has been very active since then, with Ransomware.live...

NightSpire is a ransomware family first identified in early 2025 using double extortion, stealing files before encryption and threatening to leak them on a Tor-based site if victims refuse to pay....

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end...

In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group. After the ransom deadline passed, the group publicly...

The Dutch National Police arrested a 35-year-old man suspected of hacking the professional football club Ajax Amsterdam (AFC Ajax) earlier this year. [...]