IT and security teams are increasingly spending more on security awareness training (SAT). But is this investment improving SAT effectiveness? Our latest research report, Mind…
Microsoft has disclosed a critical zero-day vulnerability in SQL Server that allows authenticated attackers to escalate their privileges to the highest administrative level on affected…
CVE-2025-55182 Intelligence Card c/o Recorded Future There are now multiple publicly available exploit scripts (I forked one on GitHub here) for the React and Next.js…
Executive summary Since the inception of ClickFix last year, this malicious copy-and-paste technique has become an initial access vector of choice for threat actors looking…
Happy Cybersecurity Awareness Month to all who observe. There have now been 21 years of this momentous occasion. Twenty-one years! Old enough to buy…
A “widespread” technology issue with the online platform used for NAPLAN standardised testing has forced schools to pause tests on the first day. Around 1.4…
Key Points Iran-linked actors are increasingly engaging with the cyber crime ecosystem. Their activity suggests a growing reliance on criminal tools, services, and operational models…
Cloudflare Turnstile challenges leading to MetaStealer. Deepfake meetings impersonating company executives, which trick employees into downloading malicious extensions. Exposed ASP.NET machine keys that open the…
Ivanti has issued a security update for its Desktop and Server Management (DSM) software, addressing a high-severity vulnerability that could allow a local authenticated attacker…
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day”…
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs Pierluigi Paganini March 10, 2026 Microsoft Patch Tuesday security updates for March 2026 addressed…
Satnam Narang, senior staff research engineer at Tenable, commented on the fix for Azure Model Context Protocol (MCP) tools. “This bug is a server-side request…
