Turning expertise into opportunity for women in cybersecurity
Speaker diversity in cybersecurity has been a talking point for over a decade, with panels, pledges, and dedicated conference tracks failing to produce change. Stages…
Month: March 2026
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence…
PQC roadmap remains hazy as vendors race for early advantage
“We do hear of HNDL attacks, where conventionally encrypted content is no longer discarded but retained by criminals, who are seeing the (quantum) developments as…
How Threat Hunting and “Good” Metrics Help The Business
A threat hunting program backed by the right metrics and proper documentation of hunts can reduce breach costs and, in the event of a breach,…
The key of AI: How Agentic Tuning can make your detection strategy sing
Stop me if you’ve heard this one before: security alerts can be noisy. Mostly, these noisy alerts are communicating information that is, on average, important…
Refining your HTTP perspective, with bambdas
When you open a HTTP request or response, what do you instinctively look for? Suspicious parameter names? CORS headers? Some clue as to the request’s…
Critical ExifTool Vulnerability Allows Malicious Images to Execute Code on macOS
Many users believe macOS is inherently resistant to malware, but a newly discovered vulnerability proves otherwise. Kaspersky’s Global Research and Analysis Team (GReAT) recently uncovered…
Product Showcase: Fing Desktop puts network visibility on your screen
Phones, laptops, smart TVs, cameras, and smart home equipment all use the same network. Knowing what’s connected helps users manage performance and security. Fing Desktop…
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Ravie LakshmananMar 02, 2026Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean…
Ring’s Jamie Siminoff has been trying to calm privacy fears since the Super Bowl, but his answers may not help
When Ring founder and CEO Jamie Siminoff decided to use the company’s first-ever Super Bowl commercial to introduce Search Party — an AI-powered feature that…
Born to bypass MFA: Taking down Tycoon 2FA
Key takeaways The Tycoon 2FA phishing-as-a-service (PhaaS) platform has been widely used in phishing attacks that bypass multifactor authentication (MFA) protections in credential-harvesting campaigns at…
ChatGPT in your inbox? Investigating Entra apps that request unexpected permissions
{ "TenantId": "52672484-b4e1-402d-934c-a8e2fd9b05d1", "SourceSystem": "Azure AD", "TimeGenerated": "2025-12-02T20:22:16.1185371Z", "ResourceId": "/tenants/747930ee-9a33-43c0-9d5d-470b3fb855e7/providers/Microsoft.aadiam", "OperationName": "Add service principal", "OperationVersion": "1.0", "Category": "ApplicationManagement", "ResultType": "", "ResultSignature": "None", "ResultDescription": "", "DurationMs":…