Crowdsourced security is not just for tech companies anymore
There is a misconception that only software and technology companies leverage crowdsourced security. However, data contradicts this belief. Companies across various sectors …
EU adopts first cybersecurity certification scheme for safer tech
The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria (EUCC). The outcome aligns with the …
Malicious logins from suspicious infrastructure fuel identity-based incidents
69% of identity-based incidents involved malicious logins from suspicious infrastructure, which are hosting providers or proxies that aren’t expected for a user or …
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) …
Graylog API Security enables organizations to identify and classify APIs
Graylog released a free version of Graylog API Security. This API discovery and monitoring tool makes API security accessible to enterprises of all sizes at a time when …
Qualys enhances CyberSecurity Asset Management to discover risky unmanaged devices
Qualys is expanding Qualys CyberSecurity Asset Management (CSAM) to identify unmanaged and untrusted devices in real-time. Leveraging the Qualys Cloud Agent to continuously …
Secureworks Threat Score reduces alert noise and time to respond
Secureworks launched AI-powered Threat Score to silence alert noise and reduce security analyst workload by over 50%. With ransomware dwell times falling, security analysts …
FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical …
Dynatrace provides end-to-end observability of AI applications
Dynatrace announced it has extended its analytics and automation platform to provide holistic observability and security for LLMs and generative AI-powered applications. This …
BackBox introduces ZTNO to automate zero trust security for network operations
In a significant stride towards enhancing network security, BackBox introduces Zero Trust Network Operations (ZTNO). This offering is a best practice framework with six …
Threat actor used Vimeo, Ars Technica to serve second-stage malware
A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, …
Protect AI acquires Laiyer AI to extend company’s AI/ML security capabilities
Protect AI announced it has acquired Laiyer AI. With the acquisition, Protect AI will be offering a commercial version of Laiyer AI’s open source LLM Guard with expanded …
Featured news
Resources
Don't miss
- Klue breach lead to Salesforce data theft, Huntress affected
- Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)
- Your browser tab could become encrypted storage for someone else’s files
- Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
- 74,000 Fortinet firewall credentials exposed in FortiBleed data leak