How to build custom scanners for web security research automation
In this post, I’ll share my approach to developing custom automation to aid research into under-appreciated attack classes and (hopefully) push the boundaries of web…
Month: March 2026
Security Risk Advisors Releases Purple Perspective 2026 Report
Philadelphia, PA, United States, March 9th, 2026, CyberNewswire Security Risk Advisors (SRA) is proud to announce the release of its inaugural report, The Purple Perspective 2026.…
Security Risk Advisors Releases “The Purple Perspective 2026” Report
Philadelphia, PA, United States, March 9th, 2026, CyberNewswire Security Risk Advisors (SRA) is proud to announce the release of its inaugural report, The Purple Perspective 2026.…
Russian hackers crack into officials’ Signal and WhatsApp accounts
Russian state hackers are trying to break into Signal and WhatsApp accounts used by diplomats, military staff, and government officials worldwide, Dutch intelligence agencies warned.…
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
Ravie LakshmananFeb 27, 2026Malware / Surveillance The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a…
LABScon25 Replay | Hacktivism and War: A Clarifying Discussion
This LABScon talk explores how hacktivist activity is strategically leveraged by nation-states and mercenary groups to obscure intent, destabilize targets, and weaponize public narratives. SentinelLABS’…
Rising Supply Chain Attacks on Cybersecurity Ecosystems
Cybersecurity has always relied on trust. Every software update, hardware purchase, and cloud integration depends on the implicit belief that vendors will protect their customers.…
Why Password Audits Miss the Accounts Attackers Actually Want
Password audits are a standard part of most security programs. They help organizations demonstrate compliance, reduce obvious risk, and confirm that basic controls are in…
The single-packet attack: making remote race-conditions ‘local’
The single-packet attack is a new technique for triggering web race conditions. It works by completing multiple HTTP/2 requests with a single TCP packet, which…
Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threats
Iran-linked threat actors are escalating cyber operations against U.S. and allied networks, with Seedworm recently deploying new backdoors against critical infrastructure and high-value organizations amid…
Iran’s MuddyWater Hackers Target US Firms with New Dindoor Backdoor
Cyber security researchers at Threat Hunter Team say a long-running Iranian cyber espionage group has breached several U.S. organizations in a campaign that began earlier…
Quiz sites trick users into enabling unwanted browser notifications
Our support team flagged a number of customers who suspected their device might be infected with malware, but Malwarebytes scans came up empty. When the…