The case for fixing CWE weakness patterns instead of patching one bug at a time
In this Help Net Security interview, Alec Summers, MITRE CVE/CWE Project Lead, discusses how CWE is moving from a background reference into active use in…
Latest Cybersecurity News — Page 85
View all →
How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across…
Don’t wait for 2027 – make your smart product security visible now
Australia’s smart device security label is coming and the pilot starts in October. For smart product manufacturers, suppliers or distributors, this is your chance to…
Escaping the COTS trap | CSO Online
Over the years, enterprise cybersecurity environments have accumulated staggering numbers of commercial tools. Industry research converges on a consistent picture of tool proliferation that drives…
Chaos to Clarity: How Our Community Helped Transform SIEM
The Origin Story This is a hero’s journey, just not the kind you think. No caped crusaders or radioactive spiders here. It’s about a real-life…
German authorities identify REvil and GangCrab ransomware bosses
The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. According to…
Hackers Drain $286 Million From Drift Protocol in Suspected North Korea-Linked Exploit
The largest decentralized perpetual futures exchange on the Solana blockchain — became the target of a massive and well-orchestrated theft on April 1, 2026, Drift…
Drift Protocol Hit in $286M Suspected North Korea-Linked Crypto Heist
Hackers have stolen approximately $286 million from Drift Protocol, a leading decentralized perpetual futures exchange on the Solana blockchain, in what security researchers believe may…
Why Security Researchers and Red Teams Are Turning to Workflow Automation
There’s a quiet change happening in security operations that doesn’t make headlines the way a fresh zero-day does – but its impact on how defenders…
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
Ravie LakshmananApr 06, 2026Malware / Threat Intelligence Threat actors likely associated with the Democratic People’s Republic of Korea (DPRK) have been observed using GitHub as command-and-control…
Australia plays hardball on social media ban
Since Australia banned children from using social media in December, lawmakers from Spain to Malaysia have expressed interest in following suit, while US courts have…
North Korean Hackers Target High-Profile Node.js Maintainers
The North Korean threat actor blamed for the Axios supply chain attack has been aiming its social engineering campaign at various Node.js maintainers, Socket reports.…