Why better tech hasn’t solved code security, growing up in the industry, and when goofing around turns into a Senate invite

Explore the latest trends, techniques, and procedures (TTPs) our incident response (IR) experts are actively facing with the TTP Briefing Q4 2025, a report built on frontline threat intelligence...

The U.S. military last year digitally disrupted Iranian air missile defense systems as part of a coordinated operation to destroy the country’s nuclear program, according to several U.S....

A data breach involving Town of Vienna, VA was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

A data breach involving Land Betterment was reported on February 3. 2026. See incident details, impact on customers, and recommended security measures.

A data breach involving Powerhouse was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

A data breach involving Nemrt was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

A data breach involving Nemrt was reported in February 2026. See incident details, impact on customers, and recommended security measures.

Rome's "La Sapienza" university has been targeted by a cyberattack that impacted its IT systems and caused widespread operational disruptions at the educational institute. [...]

Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users. Notepad++ said that officials with the unnamed provider hosting the update...

CERT Polska has received a report about 2 vulnerabilities (CVE-2026-23796 and CVE-2026-23797) found in Quick.Cart software.

Right on cue, petulant hacktivists attempt to disrupt yet another global sporting event Italy's foreign minister says the country has already started swatting away cyberattacks from Russia...

A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands. The...

Introduction France has released its National Cybersecurity Strategy for 2026-2030, and the document reveals an ambitious vision that extends far beyond traditional defense postures. Under the...

Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack...

Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants.

In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155. The post The Shadow Campaigns: Uncovering Global Espionage appeared first on Unit 42.

Businesses still chase the cheapest option, but politics and licensing shocks are changing priorities, says OpenNebula Interview Sovereignty remains a hot topic in the tech industry, but...

BYOVD component included in ransomware payload itself, rather than as a separate tool.

Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it...

Read about the top zero-day exploits in 2025 and the lessons learned, with analysis from Outpost24’s threat intelligence team. The post Lessons From 2025: Zero-Day Exploitation Shaping 2026...

Conpet, Romania's national oil pipeline operator, has disclosed that a cyberattack disrupted its business systems and took down the company's website on Tuesday. [...]

A newly disclosed critical vulnerability, tracked as CVE-2026-25049, in the workflow automation platform n8n, allows authenticated users to execute arbitrary system commands on the underlying...

We analyze the recent Stan Ghouls campaign targeting organizations in Russia and Uzbekistan: Java-based loaders, the NetSupport RAT, and a potential interest in IoT.

From school districts to state agencies, 2025 cyber incidents were a wake-up call about asset visibility. Discover five actionable lessons SLG leaders can use to close the cyber exposure gap and...

From school districts to state agencies, 2025 cyber incidents were a wake-up call about asset visibility. Discover five actionable lessons SLG leaders can use to close the cyber exposure gap and...

It's a threat straight out of sci-fi, and fiendishly hard to detect Sleeper agent-style backdoors in AI large language models pose a straight-out-of-sci-fi security threat.…

Picks chap who used to lead Redmond’s security, lures replacement from Google Microsoft CEO Satya Nadella has decided Microsoft needs an engineering quality czar, and shifted Charlie Bell, the...

Harvard University and the University of Pennsylvania (UPenn) have more in common than just being Ivy League universities. Both suffered data breaches involving donor information, and their stolen...

In January 2026, the automated investment platform Betterment confirmed it had suffered a data breach attributed to a social engineering attack. As part of the incident, Betterment customers...