How Threat Hunting and “Good” Metrics Help The Business
A threat hunting program backed by the right metrics and proper documentation of hunts can reduce breach costs and, in the event of a breach,…
Latest Cybersecurity News — Page 141
View all →
The key of AI: How Agentic Tuning can make your detection strategy sing
Stop me if you’ve heard this one before: security alerts can be noisy. Mostly, these noisy alerts are communicating information that is, on average, important…
Refining your HTTP perspective, with bambdas
When you open a HTTP request or response, what do you instinctively look for? Suspicious parameter names? CORS headers? Some clue as to the request’s…
Critical ExifTool Vulnerability Allows Malicious Images to Execute Code on macOS
Many users believe macOS is inherently resistant to malware, but a newly discovered vulnerability proves otherwise. Kaspersky’s Global Research and Analysis Team (GReAT) recently uncovered…
Product Showcase: Fing Desktop puts network visibility on your screen
Phones, laptops, smart TVs, cameras, and smart home equipment all use the same network. Knowing what’s connected helps users manage performance and security. Fing Desktop…
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Ravie LakshmananMar 02, 2026Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean…
Ring’s Jamie Siminoff has been trying to calm privacy fears since the Super Bowl, but his answers may not help
When Ring founder and CEO Jamie Siminoff decided to use the company’s first-ever Super Bowl commercial to introduce Search Party — an AI-powered feature that…
Born to bypass MFA: Taking down Tycoon 2FA
Key takeaways The Tycoon 2FA phishing-as-a-service (PhaaS) platform has been widely used in phishing attacks that bypass multifactor authentication (MFA) protections in credential-harvesting campaigns at…
ChatGPT in your inbox? Investigating Entra apps that request unexpected permissions
{ "TenantId": "52672484-b4e1-402d-934c-a8e2fd9b05d1", "SourceSystem": "Azure AD", "TimeGenerated": "2025-12-02T20:22:16.1185371Z", "ResourceId": "/tenants/747930ee-9a33-43c0-9d5d-470b3fb855e7/providers/Microsoft.aadiam", "OperationName": "Add service principal", "OperationVersion": "1.0", "Category": "ApplicationManagement", "ResultType": "", "ResultSignature": "None", "ResultDescription": "", "DurationMs":…
onwebkitplaybacktargetavailabilitychanged?! New exotic events in the XSS cheat sheet
The power of our XSS cheat sheet is we get fantastic contributions from the web security community and this update is no exception. We had…
CISA Alerts Users to Actively Exploited Vulnerabilities Impacting macOS and iOS
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three actively exploited vulnerabilities affecting multiple Apple platforms. On March 5, 2026,…
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
Ravie LakshmananMar 02, 2026Vulnerability / Threat Intelligence A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor…