Identity is the backbone of modern cybersecurity. Every access decision carries risk, across employees, partners, devices, workloads, and an expanding set of AI-powered agents. But…
Another week, another authentication bypass Our humble Metasploit weekly(ish) blog has been blessed with a new network component vulnerability. The dynamic duo of @sfewer-r7 and…
Two former executives of a call-tracking and analytics company pleaded guilty to concealing a years-long tech support fraud scheme that victimized individuals worldwide. Former CEO…
Russian state-sponsored threat groups significantly stepped up their cyber operations in 2025, using a range of methods to break into targeted systems. From exploiting remote…
Google’s recent release of proof-of-concept (PoC) exploit code for a still-unpatched Chromium vulnerability has sparked significant concern across the cybersecurity community. The flaw, first reported…
In its latest alert, the Federal Bureau of Investigation (FBI) is warning about a new Phishing-as-a-Service (PaaS) platform called Kali365 that specifically targets Microsoft 365…
Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can…
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the…
An artificial intelligence (AI) research engineer is taking legal action against Google, claiming the company unlawfully dismissed them for internally raising concerns about its complicity…
Cisco has released security updates to fix a critical vulnerability, tracked as CVE-2026-20223, affecting its Cisco Secure Workload platform. The flaw, which received the maximum…
The French and Dutch law enforcement seized a large-scale virtual private network (VPN) service catering to cybercriminals, offering services to mask their illicit activities of…
Drupal is warning users that it’s already seeing attempts to exploit CVE-2026-9082, the highly critical vulnerability patched this week. The vulnerability affects an API designed…
