Validated External Risk Issues: SOC Alerts for Zero-Days
The ultimate goal of modern security is simple: removing exploitable risk before attackers can find and weaponize it. High-profile threats continually prove the importance of…
The ultimate goal of modern security is simple: removing exploitable risk before attackers can find and weaponize it. High-profile threats continually prove the importance of…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution vulnerability. Tracked…
Security researchers at runZero have disclosed seven new CVEs affecting FatFs, the ubiquitous lightweight FAT/exFAT filesystem driver used across embedded and IoT ecosystems. The vulnerabilities…
Threat actors are currently exploiting sophisticated ClickFix social engineering campaigns that mimic Google and Cloudflare verification systems to distribute several high-impact malware families, including StealC,…
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as…
A dual US-Estonian citizen was extradited to the US to face charges for his alleged involvement in the activities of the infamous hacking group Scattered…
The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident Pierluigi Paganini July 03, 2026 Vercel breach happened after an employee…
Smaller leak but still dangerous Even though watchTowr was only able to leak bytes of data using this flaw, compared to kilobytes with previous CitrixBleed…
Since the discovery of Shai-Hulud 2.0 (aka sha1-hulud), Wiz Research has tracked a persistent “long tail” of infections. To date, this incident has impacted over…
A new phishing-as-a-service (PhaaS) platform dubbed “ARToken” appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extensive toolkit designed…
Scammers are hijacking trusted brand names to push people toward online casinos unrelated to those companies. Instead of building fake bank sites or phishing emails,…
Alibaba is reportedly preparing to ban the use of Anthropic’s Claude Code across its internal environments starting July 10. This decision comes in light of…