177 Security Blogs

Last Updated: 02 Apr 26 10:01 UTC

Blog List | Github | OPML

2026-08-01

Dark Reading
Black Hat USA


2026-04-02

Talos Intelligence
UAT-10608: Inside a large-scale automated credential harvesting operation targeting web applications

Talos Intelligence
Qilin EDR killer infection chain

Talos Intelligence
Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders

watchTowr Labs
You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701)

Talos Intelligence
An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases

Step Security
TeamPCP Plants WAV Steganography Credential Stealer in telnyx PyPI Package

Step Security
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan

Step Security
Malicious IoliteLabs VSCode Extensions Target Solidity Developers on Windows, macOS, and Linux with Backdoor

Step Security
10 Layers Deep: How StepSecurity Stops TeamPCP's Trivy Supply Chain Attack on GitHub Actions

ISC SANS
ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)

Elastic Security Labs
How we caught the Axios supply chain attack

Elastic Security Labs
Hooked on Linux: Rootkit Detection Engineering

Elastic Security Labs
Prioritizing Alerts Triage with Higher-Order Detection Rules


2026-04-01

Praetorian
A Possible Solution to the Zodiac Killer Z32 Cipher

Malwarebytes
Wikipedia’s AI agent row likely just the beginning of the bot-ocalypse

Microsoft Security
Mitigating the Axios npm supply chain compromise

ISC SANS
Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)

Github Security Blog
Securing the open source supply chain across GitHub

Dark Reading
LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut

Schneier on Security
Is “Hackback” Official US Cybersecurity Strategy?

Dark Reading
Cyberattacks Intensify Pressure on Latin American Governments

The Citizen Lab
The Perils of Privatized Cyberwarfare

Dark Reading
Venom Stealer MaaS Platform Commoditizes ClickFix Attacks

Malwarebytes
WhatsApp on Windows users targeted in new campaign, warns Microsoft

Black Hills Info Sec
Cloud Security: Tips and Resources for Securing the Cloud

ISC SANS
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

SentinelOne
The Implementation Blind Spot | Why Organizations Are Confusing Temporary Friction with Permanent Safety

Varonis
A Quiet "Storm": Infostealer Hijacks Sessions, Decrypts Server-Side

Cloudflare
Our ongoing commitment to privacy for the 1.1.1.1 public DNS resolver

Malwarebytes
Why we’re still not doing April Fools’ Day

Eclypsium
Eclypsium Detects F5 BIG-IP Remote Code Execution Vulnerability (CVE-2025-53521)

Rapid7
What CISOs Should Expect from AI Powered MDR in 2026, According to Rapid7 CEO Corey Thomas

Cloudflare
Introducing EmDash — the spiritual successor to WordPress that solves plugin security

Searchlight Cyber
The 2026 ‘Forum Wars’: Deconstructing the BreachForums Drama

Moonlock
Moonlock on MacVoices: What Mac security looks like today

Trail of Bits
Mutation testing for the agentic era

Dark Reading
Are We Training AI Too Late?

Searchlight Cyber
March 30th – This Week’s Top Cybersecurity and Dark Web Stories

Schneier on Security
A Taxonomy of Cognitive Security

Palo Alto Networks
Closing the Gap by Enhancing Visibility and Mitigating Risks

Snyk
Building AI Security with Our Customers: 5 Lessons from Evo’s Design Partner Program

ISC SANS
ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)

Elastic Security Labs
Elastic releases detections for the Axios supply chain compromise

Elastic Security Labs
Inside the Axios supply chain compromise - one RAT to rule them all

Teleport Blog
Kubernetes for Agentic AI: Best Practices for Security and Observability

Star Labs
CHECK Removed, Context Confused, Checkmate Achieved

Datadog HQ
Measure the business impact of every product change with Datadog Experiments

Infernux Blog
Tool Release: Log Horizon

Auth0
Scale Enterprise Teams Securely with Roles for Auth0 FGA


2026-03-31

Dark Reading
The Forgotten Endpoint: Security Risks of Dormant Devices

Dark Reading
Axios NPM Package Compromised in Precision Attack

Amazon Security
New compliance guide available: ISO/IEC 27001:2022 on AWS

Dark Reading
Google's Vertex AI Is Over-Privileged. That's a Problem

Dark Reading
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

Malwarebytes
Asking AI for personal advice is a bad idea, Stanford study shows

SentinelOne
How SentinelOne’s AI EDR Autonomously Discovered and Stopped Anthropic’s Claude from Executing a Zero Day Supply Chain Attack, Globally

Ars Technica Security
Quantum computers need vastly fewer resources than thought to break vital encryption

Microsoft Security
The threat to critical infrastructure has changed. Has your readiness?

Google Security Blog
VRP 2025 Year in Review

Amazon Security
AWS Security Agent on-demand penetration testing now generally available

Meta Security
Meta Adaptive Ranking Model: Bending the Inference Scaling Curve to Serve LLM-Scale Models for Ads

Microsoft Security
Applying security fundamentals to AI: Practical advice for CISOs

Dark Reading
AI and Quantum Are Forcing a Rethink of Digital Trust

Malwarebytes
Axios supply chain attack chops away at npm trust

Microsoft Security
WhatsApp malware campaign delivers VBScript and MSI backdoors

Ars Technica Security
Iran's hackers are on the offensive against the US and Israel

Dark Reading
Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations

Cloudflare
Introducing Programmable Flow Protection: custom DDoS mitigation logic for Magic Transit customers

Rapid7
Initial Access Brokers have Shifted to High-Value Targets and Premium Pricing

Palo Alto Networks
Five Browser and AI Security Questions Keeping CxOs up at Night

Schneier on Security
Inventors of Quantum Cryptography Win Turing Award

Trail of Bits
How we made Trail of Bits AI-native (so far)

Talos Intelligence
Ransomware in 2025: Blending in is the strategy

Mend
Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install

Compass Security Blog
Common Entra ID Security Assessment Findings – Part 2: Privileged Unprotected Groups

ISC SANS
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)

ISC SANS
ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)

ISC SANS
TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)

Troy Hunt
Weekly Update 497

Elastic Security Labs
Fake Installers to Monero: A Multi-Tool Mining Operation

Auth0
Securing the AI Agents that Power the Future of Retail


2026-03-30

Snyk
Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

Dark Reading
AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

ISC SANS
DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)

Dark Reading
AI-Driven Code Surge Is Forcing a Rethink of AppSec

Troy Hunt
HIBP Mega Update: Passkeys, k-Anonymity Searches, Massive Speed Enhancements and a Bulk Domain Verification API

Dark Reading
F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation

Eclypsium
Enhancing NERC CIP Compliance with the Eclypsium Platform

Black Lantern Security
red-run 2.0: Agent Teams

Rapid7
Red Teaming in 2026: What to Expect at our 2026 Global Cybersecurity Summit

Dark Reading
Manufacturing & Healthcare Share Struggles with Passwords

Meta Security
AI for American-Produced Cement and Concrete

Microsoft Security
Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio

Dark Reading
Storm Brews Over Critical, No-Click Telegram Flaw

Google Safety & Security
Evolving expectations of what’s possible

Malwarebytes
New macOS security feature will alert users about possible ClickFix attacks

Schneier on Security
Apple’s Camera Indicator Lights

Malwarebytes
A week in security (March 23 – March 29)

Cloudflare
Cloudflare Client-Side Security: smarter detection, now open to everyone

Aikido
axios compromised on npm: maintainer account hijacked, RAT deployed

ISC SANS
ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)

Rosecurify
Seclog - #171

Infernux Blog
Upcoming Microsoft Sentinel features

Sansec Threat Research
Mass PolyShell attack wave hits 471 stores in one hour


2026-03-29

watchTowr Labs
Please, We Beg, Just One Weekend Free Of Appliances (Citrix NetScaler CVE-2026-3055 Memory Overread Part 2)

Buchodi
ChatGPT Won't Let You Type Until Cloudflare Reads Your React State. I Decrypted the Program That Does It.

Infernux Blog
Privileged Access 101 in Entra ID


2026-03-28

watchTowr Labs
The Sequels Are Never As Good, But We're Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread)

ISC SANS
TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)

Step Security
litellm: Credential Stealer Hidden in PyPI Wheel

Android Offensive Security Blog
A Technical Deep Dive into CVE-2024-23380: Exploiting GPU Memory Corruption to Android Root


2026-03-27

Google Safety & Security
How Google Does It: An inside look at cybersecurity

Rapid7
Metasploit Wrap-Up 03/27/2026

Schneier on Security
Friday Squid Blogging: Bioluminescent Bacteria in Squid

Microsoft Security
How Microsoft Defender protects high-value assets in real-world attack scenarios

Dark Reading
China Upgrades the Backdoor It Uses to Spy on Telcos Globally

Dark Reading
Wartime Usage of Compromised IP Cameras Highlight Their Danger

Auth0
Unifying the Retail Customer Journey from Web to AI Agent with Auth0

Rapid7
Why CVSS is No Longer Enough for Exposure Management

Malwarebytes
Criminals are renting virtual phones to bypass bank security

Mend
Famous Telnyx Pypi Package compromised by TeamPCP

Dark Reading
Infrastructure Attacks With Physical Consequences Down 25%

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 13

Dark Reading
Google Sets 2029 Deadline for Quantum-Safe Cryptography

Praetorian
Your API Has Authorization Bugs. Hadrian Finds Them.

Cloudflare
How we use Abstract Syntax Trees (ASTs) to turn Workflows code into visual diagrams

Malwarebytes
Bogus Avast website fakes virus scan, installs Venom Stealer instead

NVISO Labs
Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism

Aikido
Popular telnyx package compromised on PyPI by TeamPCP

Moonlock
A new infostealer is targeting iPhones, evading built-in defenses

Moonlock
Apple brings Background Security Improvements to Mac and iPhone

Moonlock
This malicious browser extension can infect a Mac via a PNG file

Praetorian
Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem

Moonlock
How to quickly get rid of adware on your Mac

Datadog HQ
Analyzing round trip query latency

Datadog HQ
Configuring JavaScript caches for better performance

Elastic Security Labs
Elastic Security Labs uncovers BRUSHWORM and BRUSHLOGGER


2026-03-26

Amazon Security
Preparing for agentic AI: A financial services approach

Ars Technica Security
Internet Yiff Machine: We hacked 93GB of "anonymous" crime tips

Black Lantern Security
Amelia Booking Pro ≤ 9.1.2: Authenticated Customer-to-Admin Password Reset via IDOR

Dark Reading
Coruna, DarkSword & Democratizing Nation-State Exploit Kits

Dark Reading
Is the FCC's Router Ban the Wrong Fix?

Dark Reading
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles

Dark Reading
Critical Flaw in Langflow AI Platform Under Attack

Step Security
xygeni-action Compromised: C2 Reverse Shell Backdoor Injected via Tag Poisoning

Step Security
bittensor-wallet 4.0.2 Compromised on PyPI - Backdoor Exfiltrates Private Keys

Step Security
Malicious npm Releases Found in Popular React Native Packages - 130K+ Monthly Downloads Compromised

Step Security
Malicious Polymarket Bot Hides in Hijacked dev-protocol GitHub Org and Steals Wallet Keys

Step Security
ForceMemo: Hundreds of GitHub Python Repos Compromised via Account Takeover and Force-Push

Step Security
Trivy Compromised a Second Time - Malicious v0.69.4 Release, aquasecurity/setup-trivy, aquasecurity/trivy-action GitHub Actions Compromised

Step Security
CanisterWorm: How a Self-Propagating npm Worm Is Spreading Backdoors Across the Ecosystem

Step Security
Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags

Talos Intelligence
TP-Link, Canva, HikVision vulnerabilities

Talos Intelligence
A puppet made me cry and all I got was this t-shirt

Malwarebytes
Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka

Github Security Blog
A year of open source vulnerability trends: CVEs, advisories, and malware

Dark Reading
How Organizations Can Use Mistakes to Level Up Their Security Programs

Dark Reading
AI-Powered Dependency Decisions Introduce, Ignore Security Bugs

Synacktiv
Kubernetes forensics 1/3: what the container ?

Malwarebytes
GlassWorm attack installs fake browser extension for surveillance

Cloudflare
A one-line Kubernetes fix that saved 600 hours a year

Rapid7
BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

Bishop Fox Security
strongSwan CVE-2026-25075: Integer Underflow in VPN Authentication

Talos Intelligence
Talos Takes: 2025 insights from Talos and Splunk

Dark Reading
Intermediaries Driving Global Spyware Market Expansion

Moonlock
Can an iPhone get a virus or malware, and what are the signs?

Schneier on Security
As the US Midterms Approach, AI Is Going to Emerge as a Key Issue Concerning Voters

Malwarebytes
Landmark verdicts put Meta’s “addiction machine” platforms on trial