2026 Cloud security and AI security risk report
AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies…
Latest Cybersecurity News — Page 160
View all →
Shadow Repeater:AI-enhanced manual testing | PortSwigger Research
Have you ever wondered how many vulnerabilities you’ve missed by a hair’s breadth, due to a single flawed choice? We’ve just released Shadow Repeater, which…
The 3 Steps CISOs Must Follow
Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with…
Out of sight, out of mind with Windows Long File Names
I. INTRODUCTION One of the very important issues that red teamers and pentester always have to consider is how to keep their payloads low profile.…
LeakBase marketplace unplugged by cops in 14 countries
The LeakBase cyberforum, considered one of the world’s largest online marketplaces for cybercriminals to buy and sell stolen data and cybercrime tools, has been seized…
Web portal leaves kids’ chats with AI toy open to anyone with Gmail account
Earlier this month, Joseph Thacker’s neighbor mentioned to him that she’d preordered a couple of stuffed dinosaur toys for her children. She’d chosen the toys,…
AWS achieves 2025 C5 Type 2 attestation report with 183 services in scope
Amazon Web Services (AWS) is pleased to announce a successful completion of the 2025 Cloud Computing Compliance Criteria Catalogue (C5) attestation cycle with 183 services…
Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on Israel
October 7: Hamas attacks Israel In the midst of the Israel-Hamas War, which erupted with a surprising and devastating attack on October 7, 2023 that…
Hunting for malicious OpenClaw AI in the modern enterprise
When shadow IT is discussed, it’s usually in the context of unauthorized SaaS apps or stray cloud buckets. But there’s a new, faster-moving frontier emerging…
Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
Threat actors are abusing the special-use “.arpa” domain and IPv6 reverse DNS in phishing campaigns that more easily evade domain reputation checks and email…
SAML roulette: the hacker always wins
Introduction In this post, we’ll show precisely how to chain round-trip attacks and namespace confusion to achieve unauthenticated admin access on GitLab Enterprise by exploiting…
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control…