167 Security Blogs

Last Updated: 18 Dec 25 09:49 UTC

Blog List | Github | OPML

2025-12-18

NVISO Labs
Integrating Abuse Case Scenarios to Improve Authorization Testing

Cyata
Speed Kills: Why Your AI Agents Are Exposing IAM Vulnerabilities

ISC SANS
Positive trends related to public IP ranges from the year 2025, (Thu, Dec 18th)

Google Safety & Security
Caring for the Future: a Council of Europe expert reads “The Future Report”

ISC SANS
ISC Stormcast For Thursday, December 18th, 2025 https://isc.sans.edu/podcastdetail/9744, (Thu, Dec 18th)


2025-12-17

Dark Reading
Critical Fortinet Flaws Under Active Attack

Dark Reading
In Cybersecurity, Claude Leaves Other LLMs in the Dust

Dark Reading
'Cellik' Android RAT Leverages Google Play Store

Amazon Security
Security Hub CSPM automation rule migration to Security Hub

Talos Intelligence
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities

Rapid7
Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild

Rapid7
Test for React2Shell with Application Security using New Functionality

ISC SANS
Maybe a Little Bit More Interesting React2Shell Exploit, (Wed, Dec 17th)

Microsoft Security
Access Fabric: A modern approach to identity and network access

Talos Intelligence
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager

Dark Reading
Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Malwarebytes
Two Chrome flaws could be triggered by simply browsing the web: Update now

Ars Technica Security
Browser extensions with 8 million users collect extended AI conversations

Rapid7
Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

Meta Security
How We Built Meta Ray-Ban Display: From Zero to Polish

Bishop Fox Security
MITRE AADAPT Framework as a Red Team Roadmap

Malwarebytes
Inside a purchase order PDF phishing campaign

Palo Alto Networks
Partnering with Precision in 2026

Schneier on Security
Deliberate Internet Shutdowns

Talos Intelligence
Lexi DiScola’s guide to global teamwork and overflowing TBRs

Dark Reading
Afripol Focuses on Regional Cyber Challenges, Deepening Cooperation

ISC SANS
ISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742, (Wed, Dec 17th)

Greynoise
Coordinated Credential-Based Campaign Targets Cisco and Palo Alto Networks VPN Gateways

Fastly
IDC Study Reveals 3X Gains from Modern AppSec Programs

Auth0
Continuous Authorization Testing: FGA, GitHub Actions, and CI/CD

Greynoise
There's Payloads, And Then There's pAIloads: A Look At Selected Opportunistic (And Possibly AI-"Enhanced") React2Shell Probes and Attacks


2025-12-16

Dark Reading
Why a 17-Year-Old Built an AI Model to Expose Deepfake Maps

Troy Hunt
Weekly Update 482

Dark Reading
Why You Should Train Your SOC Like a Triathlete

Amazon Security
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS

Dark Reading
Venezuelan Oil Company Downplays Alleged US Cyberattack

Dark Reading
Russia Hits Critical Orgs Via Misconfigured Edge Devices

Mend
NPM User Flooding Registry with Fake Font Packages

Searchlight Cyber
December 17th – This Week’s Top Cybersecurity and Dark Web Stories

Malwarebytes
SoundCloud, Pornhub, and 700Credit all reported data breaches, but the similarities end there

Eclypsium
Eclypsium Releases Version 4.2, Expanding Network Edge Security, Advanced Threat Detection, and Asset Profile Verification

Eclypsium
The Hitch-hacker’s Guide to the Galaxy’s Edge: 2025 in Cyber Stats

Dark Reading
Browser Extension Harvests 8M Users' AI Chatbot Data

Offensive Security
6 Benefits of a Fully Certified Cybersecurity Team

Offensive Security
Blue Team vs Red Team: Should Defenders Learn Offensive Skills?

Dark Reading
Enterprises Gear Up Ahead of 2026's IT Transformation Shift

Krebs on Security
Most Parked Domains Now Serving Malicious Content

Varonis
Phishing Attacks: Types, Statistics, and Prevention

White Knight Labs
Securing Agentic AI Systems

Malwarebytes
Android mobile adware surges in second half of 2025

Palo Alto Networks
Where Cloud Security Stands Today and Where AI Breaks It

Palo Alto Networks
Untangling Hybrid Cloud Security

Sicuranext Blog
Fight bad bot with Sec Fetch and Client Hints inconsistencies in headless browsers

Sicuranext Blog
Fight bad bot with Sec Fetch and Client Hints inconsistencies in headless browsers

Schneier on Security
Chinese Surveillance and AI

Trail of Bits
Use GWP-ASan to detect exploits in production environments

Malwarebytes
Photo booth flaw exposes people’s private pictures online

Malwarebytes
Google is discontinuing its dark web report: why it matters

NVISO Labs
The Detection & Response Chronicles: Exploring Telegram Abuse

Synacktiv
Exploiting Anno 1404

Snyk
Old AI Security vs Evo: Watch Agentic Security Replace Weeks of Manual Work

TrustedSec
Top 10 Blogs of 2025

ISC SANS
ISC Stormcast For Tuesday, December 16th, 2025 https://isc.sans.edu/podcastdetail/9740, (Tue, Dec 16th)

Teleport Blog
Secure AI Agent Infrastructure with Zero-Code MCP

Datadog HQ
Troubleshooting Cilium network policies: Four common pitfalls

Fastly
Smarter Data Migration: Move Less, Save More with Fastly

Auth0
FAPI for Developers: Here Is Your Guide


2025-12-15

Eclypsium
BTS #65 - Exploring AI in Firmware Analysis

Dark Reading
How Cyber Insurance MGAs Shape Policies for Evolving Cyber-Risks

Dark Reading
Apple Patches More Zero-Days Used in 'Sophisticated' Attack

Ars Technica Security
Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

Amazon Security
What AWS Security learned from responding to recent npm supply chain threat campaigns

Dark Reading
Think Like an Attacker: Cybersecurity Tips From a CISO

Microsoft Security
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

Amazon Security
Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure

Microsoft Security
Microsoft named an overall leader in KuppingerCole Leadership Compass for Generative AI Defense

Eclypsium
How to Operationalize NSA Guidance on UEFI Secure Boot at Scale

Meta Security
How AI Is Transforming the Adoption of Secure-by-Default Mobile Frameworks

Malwarebytes
Pig butchering is the next “humanitarian global crisis” (Lock and Code S06E25)

Dark Reading
Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files

Cloudflare
ChatGPT's rivals, Kwai's quiet rise: the top Internet services of 2025

Cloudflare
The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

Malwarebytes
PayPal closes loophole that let scammers send real emails with fake purchase notices

ISC SANS
More React2Shell Exploits CVE-2025-55182, (Mon, Dec 15th)

Schneier on Security
Against the Federal Moratorium on State-Level Regulation of AI

Auth0
An Accessible Guide to WCAG 3.3.9: Going for Gold

Rapid7
SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Malwarebytes
A week in security (December 8 – December 14)

Eye Security
Microsoft 365 AitM Phishing Protection: Free Browser Extension

Eye Security Research
AitM Block: Preventing Modern M365 Phishing Attacks

ISC SANS
ISC Stormcast For Monday, December 15th, 2025 https://isc.sans.edu/podcastdetail/9738, (Mon, Dec 15th)

Datadog HQ
2025 cloud security roundup: How attackers abused identities, supply chains, and AI

Datadog HQ
Monitor your Kubernetes operators to keep applications running smoothly

Datadog HQ
From performance to impact: Bridging frontend teams through shared context

Teleport Blog
OWASP Top 10 for Agentic Applications 2026: Key Takeaways & How to Take Action

Sansec Threat Research
Critical backdoor found in MGT Varnish extension

Fastly
An Indispensable Pillar of Resilience - The Human


2025-12-14

Schneier on Security
Upcoming Speaking Engagements

ISC SANS
Wireshark 4.6.2 Released, (Sun, Dec 14th)

MaskRay's Blog
Weak AVL Tree


2025-12-13

ISC SANS
ClickFix Attacks Still Using the Finger, (Sat, Dec 13th)


2025-12-12

Schneier on Security
Friday Squid Blogging: Giant Squid Eating a Diamondback Squid

Amazon Security
Implementing HTTP Strict Transport Security (HSTS) across AWS services

Troy Hunt
Processing 630 Million More Pwned Passwords, Courtesy of the FBI

Dark Reading
The CISO-COO Partnership: Protecting Operational Excellence

Rapid7
Metasploit Wrap-Up 12/12/2025

Dark Reading
React2Shell Exploits Flood the Internet as Attacks Continue

Dark Reading
Vibe Coding: Innovation Demands Vigilance

Dark Reading
Microsoft Will Bundle Security Copilot With M365 Enterprise Licenses

Dark Reading
Supply Chain Attacks Targeting GitHub Actions Increased in 2025

Malwarebytes
The US digital doxxing of H-1B applicants is a massive privacy misstep

Atredis Partners
Designing a Passive LiDAR Detector Device - Firmware

Amazon Security
Meet digital sovereignty needs with AWS Dedicated Local Zones expanded services

Malwarebytes
Google ads funnel Mac users to poisoned AI chats that spread the AMOS infostealer

Arch Cloud Labs
Chatting with Chippies: Modifying TP-Link AX 1800 Firmware

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 50

SpiderLabs
A Rising Tide of Threats: The Offshore Energy Industry’s Threat Landscape

SpiderLabs
Threat Intelligence News from LevelBlue SpiderLabs December 2025

Dark Reading
Are Trade Concerns Trumping US Cybersecurity?

Schneier on Security
Building Trustworthy AI Agents

Trail of Bits
Catching malicious package releases using a transparency log

Malwarebytes
How private is your VPN?

Synacktiv
ActivID administrator account takeover : the story behind HID-PSA-2025-002

Dark Reading
Hamas-Linked Hackers Probe Middle Eastern Diplomats

ISC SANS
Abusing DLLs EntryPoint for the Fun, (Fri, Dec 12th)

Moonlock
Apple and Google are warning users about new Predator spyware

Moonlock
Apple security bounties are down, even though Mac malware is up

Fastly
4 Recommendations to Maximize Savings and Performance with Fastly’s CDN

Fastly
Essential Checklist: Get Ready for Peak Traffic Season with Fastly


2025-12-11

Dark Reading
Money Mules Require Banks to Switch From Defense to Offense

Dark Reading
Encouraging Industry Voices to Write for the Commentary Section

Amazon Security
Exploring the new AWS European Sovereign Cloud: Sovereign Reference Framework

Palo Alto Networks
Redefining Workspace: Prisma Browser Secures Leadership in Frost Radar

Dark Reading
Attackers Exploited Gogs Zero-Day Flaw for Months

Talos Intelligence
One newsletter to rule them all

Schneier on Security
AIs Exploiting Smart Contracts

Microsoft Security
Imposter for hire: How fake people can gain very real access

Malwarebytes
DroidLock malware locks you out of your Android device and demands ransom

Cloudflare
React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques

Dark Reading
AI in OT Sparks Cascade of Complex Challenges

SentinelOne
CyberVolk Returns | Flawed VolkLocker Brings New Features With Growing Pains

Malwarebytes
Malwarebytes for Mac now has smarter, deeper scans 

Trail of Bits
Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis

Malwarebytes
[Updated] Another Chrome zero-day under attack: update now

Rapid7
New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Rapid7
Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Dark Reading
Copilot's No-Code AI Agents Liable to Leak Company Data