We are happy to announce the General Availability of Cloudflare Log Explorer, a powerful product designed to bring observability and forensics capabilities directly into your Cloudflare dashboard.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has...

A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about the active exploitation of a critical Linux kernel vulnerability, officially listed as CVE-2023-0386. The...

Let's break down eight attack patterns security teams should be watching in 2025.

ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest

The Israel-Iran conflict that began with Israeli attacks on Iranian nuclear and military targets on June 13 has sparked a wider cyber conflict in the region, including the launch of new malware...

Cato CTRL uncovers new WormGPT variants powered by jailbroken Grok and Mixtral. Learn how cybercriminals jailbreak top LLMs for uncensored, illegal activities in this latest threat research.

Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security...

Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols. [...]

A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens,...

Iran has throttled internet access in the country in a purported attempt to hamper Israel's ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on...

The new Cyber Growth Action Plan aims to support the UK’s cyber industry, including the development of innovative new technologies and startups

In this sixth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three recommendations that you can quickly roll out to help you expedite, prioritize and fine-tune...

The group positions itself “not just as a ransomware group, but as a full-service cybercrime platform”, according to Cybereason

Attackers are increasingly hiding in plain sight, using the same tools IT and security teams rely on for daily operations. This blog breaks down common techniques and provides recommendations to defenders.

Phishing has evolved—and trust is the new attack vector. ChainLink Phishing uses real platforms like Google Drive & Dropbox to sneak past filters and steal credentials in the browser. Watch Keep...

Learn how the North Korean-aligned Famous Chollima is using the a new Python-based RAT, "PylangGhost," to target cryptocurrency and blockchain jobseekers in a campaign affecting users primarily in India.

AI tools can help attackers to develop and launch more attacks, more frequently, and to make these attacks more evasive, convincing and targeted. But to what extent are they doing these things?

CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel's OverlayFS subsystem that allows them to gain root privileges. [...]

Episource warns of a data breach after hackers stole health information of over 5 million people in the United States in a January cyberattack. [...]

A new report from Virtual Routes highlights that many critical infrastructure entities across Europe remain ill-prepared to defend... The post Virtual Routes highlights Europe’s water systems...

MITRE announced on Monday that it has commercialized its intellectual property for Cyber SEAL to Highway Ventures to... The post MITRE transfers Cyber SEAL to startup to tackle critical threats,...

The U.S. Department of State is offering up to US$10 million for information on a hacker operating under... The post US offers $10 million for intel on Iran-linked hacker in ICS malware campaign...

Sensitive data and secrets are leaking. How cloud security leaders can shut them down.Despite the billions of dollars organizations are investing in cybersecurity, one of the most preventable...

Payment processor Paddle has agreed to settle with the FTC over allegations related to tech support scams

BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that can let unauthenticated attackers gain remote...

Rohan summarized a research paper about the effects of LLMs and Google on brain usage alongside effectiveness. The study took people in three situations when writing essays: brain only, Google +...

Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions. [...]

Work management platform Asana is warning users of its new Model Context Protocol (MCP) feature that a flaw in its implementation potentially led to data exposure from their instances to other...