Exploited Google Chrome zero-days added to US must-patch list
Two new serious vulnerabilities in the world’s most popular web browser, Google Chrome, are under attack at the moment and should be patched as soon…
Month: March 2026
7,500+ Magento sites defaced in global hacking campaign
7,500+ Magento sites defaced in global hacking campaign Pierluigi Paganini March 20, 2026 Hackers defaced 7,500 Magento sites since Feb 27, uploading files across 15,000…
Claude Code Hacking Skills Video · Joseph Thacker
Hey y’all, Very short post today. This video below went live yesterday. It’s one of my favorite episodes we’ve ever done on the podcast I…
US, allies move to dismantle four high-volume IoT botnets
The armies of hacked computers and internet of things gadgets powered disruption and extortion campaigns that sometimes cost victims tens of thousands of dollars. Source…
FBI, CISA issue PSA on Russian intelligence campaign to target messaging apps
Russian intelligence-affiliated hackers have gained access to thousands of users’ messaging apps with a global phishing campaign, the FBI and the Cybersecurity and Infrastructure Security…
Letting information flow can flush out cybersecurity problems
There have already been some reported attacks. In October 2024, American Water was hit by a cyber-attack that meant that the company could no longer…
A French Navy officer accidentally leaked the location of an aircraft carrier by logging his run on Strava
A French Navy officer went for a run on the deck of the Charles de Gaulle aircraft carrier and uploaded his workout to Strava, inadvertently…
Widely used Trivy scanner compromised in ongoing supply-chain attack
Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences…
CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents
Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence (CTI) into validated detections. Instead of measuring “CTI…
Untold Tales from Tactical Response
Security professionals are constantly ingesting threat reports, write-ups, and blogs on various defensive and offensive techniques. These include detailed write-ups on actual intrusions. Here, we’d…
Oracle pushes emergency fix for critical Identity Manager RCE flaw
Update: Added that Oracle declined to comment on whether the vulnerability has been exploited. Oracle has released an out-of-band security update to fix a critical…
Anthropic Launches Projects Feature for Claude Cowork Desktop
Anthropic is expanding Claude Cowork Desktop with a new Projects feature designed to keep files, instructions, and task context organized inside a single workspace. For…