Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells
A massive wave of exploitation attempts has followed the disclosure of CVE-2026-1281, a critical pre-authentication Ivanti EPMM vulnerability, the Shadowserver Foundation has …
Microsoft begins Secure Boot certificate update for Windows devices
Microsoft has begun updating Secure Boot certificates originally issued in 2011 to ensure that Windows devices continue to verify boot software as older certificates reach the …
Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026
Microsoft has plugged 50+ security holes on February 2026 Patch Tuesday, including six zero-day vulnerabilities exploited by attackers in the wild. The “security feature …
That “summarize with AI” button might be manipulating you
Microsoft security researchers discovered a growing trend of AI memory poisoning attacks used for promotional purposes, referred to as AI Recommendation Poisoning. The MITRE …
Google Search introduces new ways to remove sensitive personal information and explicit images
Google expanded its “Results about you” tool to give users more control over sensitive personal information and added a way to request removal of non-consensual explicit …
Yubico previews passkey-enabled digital signatures in upcoming YubiKey 5.8 firmware
Yubico’s upcoming YubiKey 5.8 firmware introduces standardized APIs that integrate hardware-backed signatures with passkey authentication. To enable privacy-capable digital …
Groupe Rocher CISO on strengthening a modern retail cybersecurity strategy
Global retail and beauty brands manage a unique cybersecurity balancing act. They depend on consumer trust, massive volumes of personal data, and a sprawling network of …
Zen-AI-Pentest: Open-source AI-powered penetration testing framework
Zen-AI-Pentest provides an open-source framework for scanning and exercising systems using a combination of autonomous agents and standard security utilities. The project aims …
Product showcase: PCAPdroid analyzes Android app network activity
PCAPdroid is a free, open-source Android app that allows inspection of network traffic. Installation is straightforward and does not require creating an account. To begin …
Security teams are paying for sprawl in more ways than one
Most enterprises run security programs across sprawling environments that include mobile devices, SaaS applications, cloud infrastructure, and telecom networks. Spend control …
Singapore telcos breached in China-linked cyber espionage campaign
Singapore’s four major telecommunications companies were hit by a coordinated cyber espionage campaign last year, the country’s Cyber Security Agency (CSA) has revealed. …
Microsoft tightens Windows security with app transparency and user consent
Microsoft is strengthening default protections in Windows through two security initiatives, Windows Baseline Security Mode and User Transparency and Consent. User Transparency …
Featured news
Resources
Don't miss
- Groupe Rocher CISO on strengthening a modern retail cybersecurity strategy
- Zen-AI-Pentest: Open-source AI-powered penetration testing framework
- Singapore telcos breached in China-linked cyber espionage campaign
- Microsoft tightens Windows security with app transparency and user consent
- Unpatched SolarWinds WHD instances under active attack