2025-12-19
Schneier on Security
Friday Squid Blogging: Petting a Squid
Google Safety & Security
Why we’re taking legal action against SerpApi’s unlawful scraping
Meta Security
DrP: Meta’s Root Cause Analysis Platform at Scale
Dark Reading
LongNosedGoblin Caught Snooping on Asian Governments
Krebs on Security
Dismantling Defenses: Trump 2.0 Cyber Year in Review
Dark Reading
A Cybersecurity Playbook for AI Adoption
Dark Reading
A Good Year for North Korean Cybercriminals
Schneier on Security
AI Advertising Company Hacked
2025-12-18
Talos Intelligence
Adios 2025, you won’t be missed
Black Hills Info Sec
The Curious Case of the Comburglar
Microsoft Security
New Microsoft e-book: 3 reasons point solutions are holding you back
Schneier on Security
Someone Boarded a Plane at Heathrow Without a Ticket or Passport
Palo Alto Networks
From the Hill: The AI-Cybersecurity Imperative in Financial Services
Google Safety & Security
Caring for the Future: a Council of Europe expert reads “The Future Report”
Datadog HQ
Centrally set up and scale monitoring of your infrastructure and apps with Datadog Fleet Automation
2025-12-17
Dark Reading
Critical Fortinet Flaws Under Active Attack
Dark Reading
'Cellik' Android RAT Leverages Google Play Store
Amazon Security
Security Hub CSPM automation rule migration to Security Hub
Talos Intelligence
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities
Dark Reading
'Fake Proof' and AI Slop Hobble Defenders
Microsoft Security
Access Fabric: A modern approach to identity and network access
Talos Intelligence
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
Ars Technica Security
Browser extensions with 8 million users collect extended AI conversations
Meta Security
How We Built Meta Ray-Ban Display: From Zero to Polish
Bishop Fox Security
MITRE AADAPT Framework as a Red Team Roadmap
Malwarebytes
Inside a purchase order PDF phishing campaign
Palo Alto Networks
Partnering with Precision in 2026
Schneier on Security
Deliberate Internet Shutdowns
Talos Intelligence
Lexi DiScola’s guide to global teamwork and overflowing TBRs
2025-12-16
Troy Hunt
Weekly Update 482
Dark Reading
Why You Should Train Your SOC Like a Triathlete
Amazon Security
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Searchlight Cyber
December 17th – This Week’s Top Cybersecurity and Dark Web Stories
Malwarebytes
SoundCloud, Pornhub, and 700Credit all reported data breaches, but the similarities end there
Dark Reading
Browser Extension Harvests 8M Users' AI Chatbot Data
Krebs on Security
Most Parked Domains Now Serving Malicious Content
White Knight Labs
Securing Agentic AI Systems
Malwarebytes
Android mobile adware surges in second half of 2025
Palo Alto Networks
Where Cloud Security Stands Today and Where AI Breaks It
Palo Alto Networks
Untangling Hybrid Cloud Security
Schneier on Security
Chinese Surveillance and AI
Synacktiv
Exploiting Anno 1404
TrustedSec
Top 10 Blogs of 2025
Teleport Blog
Secure AI Agent Infrastructure with Zero-Code MCP
2025-12-15
Ars Technica Security
Microsoft will finally kill obsolete cipher that has wreaked decades of havoc
Amazon Security
What AWS Security learned from responding to recent npm supply chain threat campaigns
Microsoft Security
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
Amazon Security
Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure
Microsoft Security
Microsoft named an overall leader in KuppingerCole Leadership Compass for Generative AI Defense
Schneier on Security
Against the Federal Moratorium on State-Level Regulation of AI
Rapid7
SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums
Malwarebytes
A week in security (December 8 – December 14)
Eye Security Research
AitM Block: Preventing Modern M365 Phishing Attacks
Sansec Threat Research
Critical backdoor found in MGT Varnish extension