The 20 Coolest Web, Email And Application Security Companies Of 2026: The Security 100
From AI-powered vendors protecting email inboxes and web browsers, to providers of modern code security, here’s a look at 20 key companies in web, email…
Latest Cybersecurity News — Page 146
View all →
I pretended to be an AI agent on Moltbook so you don’t have to
I went undercover on Moltbook, the AI-only social network, masquerading as a bot. Instead of deep bot-to-bot conversations, I found spam, scams, and serious security…
Stealing HttpOnly cookies with the cookie sandwich technique
In this post, I will introduce the “cookie sandwich” technique which lets you bypass the HttpOnly flag on certain servers. This research follows on from…
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It’s advertised…
Poor WA gov M365 security led to $71k theft and children’s data breached
A data breach that leaked personal information on minors, and invoice fraud resulting in the theft of $71,000 from Western Australian government entities can be…
Silver Bullet for High Processor Usage Issues
I. Introduction Is your computer as hot as a frying pan full of boiling oil due to high CPU consumption issues? Have you searched the…
Europol: Großer Markt für gestohlene Daten geschlossen
«Plattformen dieser Art sind der Motor für Cyberkriminalität», teilte die Amsterdamer Polizei mit. Die Cybercrime-Experten warnten auch, dass gestohlene Daten immer wieder weiterverkauft und für…
There’s a rash of scam spam coming from a real Microsoft address
There are reports that a legitimate Microsoft email address—which Microsoft explicitly says customers should add to their allow list—is delivering scam spam. The emails originate…
CVE-2026-1731: Finding a critical RCE in an age of AI-driven vulnerability research
Introduction CVE-2026-1731 is an operating system (OS) command injection vulnerability impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) software. These products are critical…
Why strong auth could fail at SaaS session integrity
As security professionals, we have spent the better part of a decade building the ultimate digital fortress. We deployed FIDO2, phishing-resistant multifactor authentication (MFA), implemented…
Bypassing character blocklists with unicode overflows
Unicode codepoint truncation – also called a Unicode overflow attack – happens when a server tries to store a Unicode character in a single byte.…
AI Agents: The Next Wave Identity Dark Matter
The Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real…