PyPI Warns Users of Fresh Phishing Campaign
The Python Package Index (PyPI), the default platform for Python’s package management tools, is warning users of a fresh phishing...
Read more →News Archive
View All →
AI agents building security tests
The Detectify AI Agent Alfred fully automates the creation of security tests for new vulnerabilities, from research to a merge...
Read more →![[tl;dr sec] #298 - Good CISO / Bad CISO, AWS Infra Canarytokens, Protect Yourself from Compromised NPM Packages](https://cybernoz.com/wp-content/uploads/2025/09/tldr-sec-298-Good-CISO-Bad-CISO-AWS-360x270.png "[tl;dr sec] #298 - Good CISO / Bad CISO, AWS Infra Canarytokens, Protect Yourself from Compromised NPM Packages 6")
[tl;dr sec] #298 – Good CISO / Bad CISO, AWS Infra Canarytokens, Protect Yourself from Compromised NPM Packages
How to be an effective CISO, deploy decoy assets that fit in to your AWS environment, tips and tools to...
Read more →
How secure are passkeys, really? Here’s what you need to know
We’ve known for a long time that passwords have their flaws. Whether it’s phishing, brute force, or dictionary attacks, password-based...
Read more →
New BRICKSTORM Stealthy Backdoor Attacking Tech and Legal Sectors
BRICKSTORM has surfaced as a highly evasive backdoor targeting organizations within the technology and legal industries, exploiting trust relationships to...
Read more →
Volvo Group Reports Data Breach Following Ransomware Attack on HR Vendor
Volvo Group has disclosed that a recent ransomware attack on its human resources software provider, Miljödata, may have resulted in unauthorized access...
Read more →
Government might support Jaguar Land Rover supply chain to mitigate cyber attack impact
The government is looking at ways to lessen the impact of the August 2025 cyber attack on Jaguar Land Rover’s...
Read more →
Black Hat USA 2025 CISO Podcast Series Episode 10 LIVE
The CISO Podcast Series returns with its much-anticipated Episode 10, filmed live at Black Hat USA 2025, and it’s one...
Read more →
Perspective: Why Politics in the Workplace is a Cybersecurity Risk
When I first started working, politics was intentionally kept out of the workplace, regardless of how strongly different people may...
Read more →
Contain or be contained: The security imperative of controlling autonomous AI
Artificial intelligence is no longer a future concept; it is being integrated into critical infrastructure, enterprise operations and security missions...
Read more →
Microsoft will offer free Windows 10 security updates in Europe
Microsoft will offer free extended security updates for Windows 10 users in the European Economic Area (EEA), which includes Iceland,...
Read more →
SetupHijack Tool Exploits Race Conditions and Insecure File Handling in Windows Installer Processes
SetupHijack, an open-source research utility, has emerged as a powerful method for red teaming and security research by targeting race...
Read more →