A Day in the Life of a Threat Analyst
As a UK member of the Threat Operations team, I have the immense pleasure of working with colleagues in the USA and Australia. When we…
Author: Cybernoz
Pentest Agent Suite – Autonomous Bug Bounty Framework for Claude Code and 6 AI Coding Tools
A fully autonomous bug-bounty framework called Pentest Agent Suite has been open-sourced, delivering 50 specialized security agents, 26 slash commands, 19 CLI tools, and a…
Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches
A threat actor is advertising what they describe as a massive database containing information linked to hundreds of millions of OnlyFans users, including creators and…
Typosquatting Is No Longer a User Problem. It’s a Supply Chain Problem
AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here’s why your current stack can’t see them, and what…
CBA’s DevOps agent is helping on-call engineers on 2am wake-up duty
The Commonwealth Bank is having an AWS ‘frontier’ AI agent work simultaneously alongside its engineers who are on on-call support rotation with the express aim…
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog Pierluigi Paganini May 24, 2026 The U.S. Cybersecurity and Infrastructure Security…
How Huntress Can Complement—Not Complicate—Your Security Stack
There’s a common misconception in cybersecurity that more = better. Many businesses often flock to buy additional tools or add on more layers in hopes…
Agent AI is Coming. Are You Ready?
The Hacker NewsMay 20, 2026Identity Security / Enterprise Security New Industry Data Just Released Suggests Not. On May 19th, 2026, Orchid Security released the results…
Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini May 24, 2026 A new round of the weekly Security Affairs newsletter…
One Year Later | Huntress
It’s hard to believe, but it’s been a year since the Colonial Pipeline ransomware attack. In case your memory’s fuzzy, this was the incident that…
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The…
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Ravie LakshmananMay 21, 2026Web Security / Vulnerability Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that could be exploited…