EU tightens cybersecurity rules for tech supply chains
The European Commission has proposed a new cybersecurity package aimed at strengthening the EU’s cyber resilience, including a revised EU Cybersecurity Act designed to secure …
Rust package registry adds security tools and metrics to crates.io
The Rust project updated crates.io to include a Security tab on individual crate pages. The tab shows security advisories drawn from the RustSec database and lists which …
OpenAI adds age prediction to ChatGPT to strengthen teen safety
OpenAI is rolling out age prediction on ChatGPT consumer plans to help determine whether an account likely belongs to someone under 18. Age prediction builds on protections …
RansomHub claims alleged breach of Apple partner Luxshare
Chinese electronic manufacturer and Apple partner Luxshare Precision Industry has allegedly been breached by affiliates of the RansomHub ransomware-as-a-service outfit. …
Linux users targeted by crypto thieves via hijacked apps on Snap Store
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical …
Pro-Russian hacktivist campaigns continue against UK organizations
The UK’s National Cyber Security Centre reports ongoing cyber operations by Russian-aligned hacktivist groups targeting organizations in the UK and abroad. NoName057(16) …
Cybercriminals speak the language young people trust
Criminal groups actively recruit, train, and retain people in structured ways. They move fast, pay in crypto, and place no weight on age. Young people are dealing with a new …
Bandit: Open-source tool designed to find security issues in Python code
Bandit is an open-source tool that scans Python source code for security issues that show up in everyday development. Many security teams and developers use it as a quick way …
The 2026 State of Pentesting: Why delivery and follow-through matter more than ever
Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is …
Security leaders push for continuous controls as audits stay manual
Security teams say they want real-time insight into controls, but still rely on periodic checks that trail daily operations. New RegScale research shows how wide that gap …
Initial access broker pleads guilty to selling access to 50 corporate networks
A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New …
Let’s Encrypt rolls out 6-day and IP-based certificates
Let’s Encrypt says its short-lived TLS certificates with a 6-day lifetime are now generally available. Each certificate is valid for 160 hours from the time it is issued. To …
Featured news
Resources
Don't miss
- Brakeman: Open-source vulnerability scanner for Ruby on Rails applications
- Incident response lessons learned the hard way
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years
- More employees get AI tools, fewer rely on them at work