177 Security Blogs

Last Updated: 10 Apr 26 09:08 UTC

Blog List | Github | OPML

2026-08-01

Dark Reading
Black Hat USA


2026-04-10

ISC SANS
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)

Moonlock
This new macOS stealer hand-picks its victims by wallet size

Moonlock
Stealer season: Why MacSync and AMOS are the biggest threats to your Mac

Moonlock
North Korean “Sapphire Sleet” targets Macs via malicious npm packages


2026-04-09

Step Security
Top 2024 Predictions for CI/CD Security

Dark Reading
Russia's 'Fancy Bear' APT Continues Its Global Onslaught

Dark Reading
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

Bishop Fox Security
Inside Cirro: Attack Paths, Cloud Graphs, and Extensible Schemas

Microsoft Security
The agentic SOC—Rethinking SecOps for the next decade

Dark Reading
Do Ceasefires Slow Cyberattacks? History Suggests Not

Step Security
Dev Machine Guard Is Now Open Source: See What's Really Running on Your Developer Machine

Step Security
Datadog's DevSecOps 2026 Report Validates What We've Been Building

Talos Intelligence
The threat hunter’s gambit

Step Security
hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far

Step Security
Securing Vibe Coding and AI Coding Agents: An End-to-End Approach with StepSecurity

Step Security
Cline Supply Chain Attack Detected: cline@2.3.0 Silently Installs OpenClaw

Step Security
StepSecurity’s Unified Protection Across the SDLC Infrastructure Threat Framework (SITF)

Rapid7
What Project Glasswing Means for Security Leaders

Google Security Blog
Protecting Cookies with Device Bound Session Credentials

Meta Security
Escaping the Fork: How Meta Modernized WebRTC Across 50+ Use Cases

Microsoft Security
Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Red Siege InfoSec Blog
When All Else Fails: PowerShell Reflective Assembly Loading

Red Siege InfoSec Blog
Tool – EyeWitness

Microsoft Security
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

Malwarebytes
Scammers pose as Amazon support to steal your account

SentinelOne
Edge Decay: How a Failing Perimeter Is Fueling Modern Intrusions

Eclypsium
FCC Bans Routers Made Outside USA. But What IS a Router?

Rapid7
What’s New in Rapid7 Products and Services: Q1 2026 in Review

Malwarebytes
NSFW app leak exposes 70,000 prompts linked to individual users

Trail of Bits
Master C and C++ with our new Testing Handbook chapter

Schneier on Security
On Microsoft’s Lousy Cloud Security

Malwarebytes
30,000 private Facebook images allegedly downloaded by Meta employee

Talos Intelligence
From the field to the report and back again: How incident responders can use the Year in Review

Malwarebytes
This fake Windows support website delivers password-stealing malware

Step Security
@velora-dex/sdk Compromised on npm: Malicious Version Drops macOS Backdoor via launchctl Persistence

TrustedSec
IAM the Captain Now – Hijacking Azure Identity Access

ISC SANS
ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th)

Dark Reading
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers

ISC SANS
Number Usage in Passwords: Take Two, (Thu, Apr 9th)

Datadog HQ
Integrate Recorded Future threat intelligence with Datadog Cloud SIEM

Infernux Blog
Update: Log Horizon

Datadog HQ
Platform engineering metrics: What to measure and what to ignore

Datadog HQ
Not all index scans are equal: How we cut query latency by over 99%

Datadog HQ
Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog

Auth0
Secure Ruby on Rails RAG Applications with Auth0 FGA

Elastic Security Labs
Elastic on Defence Cyber Marvel 2026: A Technical overview from the Exercise Floor


2026-04-08

Ars Technica Security
Iran-linked hackers disrupt operations at US critical infrastructure sites

Dark Reading
Threat Actors Get Crafty With Emojis to Escape Detection

Dark Reading
AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties

Meta Security
Trust But Canary: Configuration Safety at Scale

Amazon Security
A framework for securely collecting forensic artifacts into S3 buckets

ISC SANS
TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)

Zero Day Initiative
Node.js Trust Falls: Dangerous Module Resolution on Windows

Dark Reading
Fraud Rockets Higher in Mobile-First Latin America

Aikido
GlassWorm goes native: New Zig dropper infects every IDE on your machine

Dark Reading
Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus

Searchlight Cyber
The True Cost of a Ransomware Attack in 2026

Malwarebytes
Your extensions leak clues about you, so we made sure Browser Guard doesn’t

ISC SANS
More Honeypot Fingerprinting Scans, (Wed, Apr 8th)

Dark Reading
Niobium Introduces The Fog

Dark Reading
Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams

Palo Alto Networks
Announcing ADEM Universal Agent

Black Hills Info Sec
Getting Started In Pentesting – Advice From The BHIS Pentest Lead

The Citizen Lab
Submission to the UN Working Group on the Use of Mercenaries

Dark Reading
Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCs

The Citizen Lab
A Cat-and-Mouse Game of Russian Internet Restrictions and Evasion

Rapid7
FortiGate CVE-2025-59718 Exploitation: Incident Response Findings

Malwarebytes
Russian hacking group targets home and small office routers to spy on users

Searchlight Cyber
What Are the Four Ways CTEM Fails Without ASM?

Searchlight Cyber
April 7th – This Week’s Top Cybersecurity and Dark Web Stories

Cloudflare
From bytecode to bytes: automated magic packet generation

Aikido
Aikido Attack finds multiple 0-days in Hoppscotch

Ars Technica Security
Thousands of consumer routers hacked by Russia's military

Schneier on Security
Python Supply-Chain Compromise

Malwarebytes
Timeshare owners warned to watch out for cartel-linked scams

Security Cafe
When AI Understands Code: Prompt Injection to RCE

Talos Intelligence
New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations

Searchlight Cyber
How Do You Build An Attack Surface Management Program?

Embrace The Red
Given Enough Agents, All Bugs Become Shallow

Moonlock
How can you detect and remove keyloggers?

Moonlock
Notorious hacker returns with a new Mac stealer targeting $10K+ crypto wallets

ISC SANS
ISC Stormcast For Wednesday, April 8th, 2026 https://isc.sans.edu/podcastdetail/9884, (Wed, Apr 8th)

Datadog HQ
CI/CD security: How to secure your GitHub ecosystem

Datadog HQ
Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API

Datadog HQ
CI/CD security: threat modeling using a MITRE-style threat matrix

CrankySec
A New New Hope

Teleport Blog
NIST 800-171 and Agentic AI: What Autonomous Systems Mean for CUI Protection

Auth0
One Tenant, Unlimited Brand Experiences


2026-04-07

Cloudflare
Cloudflare targets 2029 for full post-quantum security

Dark Reading
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

Eclypsium
BTS #71 - What Makes a Device a Router?

Dark Reading
Grafana Patches AI Bug That Could Have Leaked User Data

Step Security
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan

Palo Alto Networks
Palo Alto Networks at Nutanix .NEXT 2026

ISC SANS
A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)

Amazon Security
Building AI defenses at scale: Before the threats emerge

Schneier on Security
Cybersecurity in the Age of Instant Software

Krebs on Security
Russia Hacked Routers to Steal Microsoft Office Tokens

Google Safety & Security
Here’s how we built Gmail to keep your data secure and private in the Gemini era.

Dark Reading
RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever

Dark Reading
Human vs. AI: Debates Shape RSAC 2026 Cybersecurity Trends

Dark Reading
Lies, Damned Lies, and Cybersecurity Metrics

Microsoft Security
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Mend
Container Security Without Context Is Just More Noise

Rapid7
A First Look at Our Speaker Lineup and Agenda for the Rapid7 2026 Global Cybersecurity Summit

Dark Reading
Focusing on the People in Cybersecurity at RSAC 2026 Conference

Bishop Fox Security
API Authentication Bypass in FortiClient EMS 7.4.5-7.4.6–CVE-2026-35616

Talos Intelligence
Talos Takes: 2025's ransomware trends and zombie vulnerabilities

Malwarebytes
Traffic violation scams swap links for QR codes to steal your card details

Searchlight Cyber
Your Complete Guide to Continuous Threat Exposure Management

Trail of Bits
What we learned about TEE security from auditing WhatsApp's Private Inference

Malwarebytes
Support platform breach exposes Hims & Hers customer data

Talos Intelligence
The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines

Talos Intelligence
Year in Review: Vulnerabilities old and new and something React2

Schneier on Security
Hong Kong Police Can Force You to Reveal Your Encryption Keys

Compass Security Blog
Common Entra ID Security Assessment Findings – Part 3: Weak Privileged Identity Management Configuration

Snyk
Secure What Matters: Scaling Effortless Container Security for the AI Era

TrustedSec
Building a Detection Foundation: Part 5 - Correlation in Practice

ISC SANS
ISC Stormcast For Tuesday, April 7th, 2026 https://isc.sans.edu/podcastdetail/9882, (Tue, Apr 7th)

Troy Hunt
Weekly Update 498

Datadog HQ
Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA

Greynoise
Introducing C2 Detection: Know When Your Edge Devices Are Calling Home to Attackers

Sansec Threat Research
SVG Onload Tag Hides Magecart Skimmer on 99 Stores

Datadog HQ
Introducing the Datadog Code Security MCP


2026-04-06

Dark Reading
AI-Assisted Supply Chain Attack Targets GitHub

Cloudflare
How we built Organizations to help enterprises manage Cloudflare at scale

Dark Reading
Axios Attack Shows How Complex Social Engineering Is Industrialized

Dark Reading
Fortinet Issues Emergency Patch for FortiClient Zero-Day

Praetorian
The Attack Helix: Praetorian Guard’s AI Architecture for Offensive Security

Schneier on Security
New Mexico’s Meta Ruling and Encryption

Step Security
Behind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain Attack

Microsoft Security
Inside an AI‑enabled device code phishing campaign

Meta Security
How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines

Microsoft Security
Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

Dark Reading
Automated Credential Harvesting Campaign Exploits React2Shell Flaw

The Citizen Lab
Submission to the National Security and Intelligence Committee of Parliamentarians

The Citizen Lab
John Scott-Railton Shares Tips and Tools to Protect Yourself Digitally

Bishop Fox Security
Delivered by Trust: What the Axios Supply Chain Attack Means for Security Leaders

Dark Reading
Shadow AI in Healthcare Is Here to Stay

Black Lantern Security
Artificial Foolishness: The Hidden Dangers of External-Facing LLMs

Dark Reading
OWASP GenAI Security Project Gets Update, New Tools Matrix

Schneier on Security
Google Wants to Transition to Post-Quantum Cryptography by 2029

Buchodi
Cracking a Malvertising DGA From the Device Side

ISC SANS
How often are redirects used in phishing in 2026?, (Mon, Apr 6th)

Malwarebytes
A week in security (March 30 – April 5)

Aikido
The cybersecurity doomerism around Mythos doesn't match what we see on the ground

Krebs on Security
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

ISC SANS
ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)

Rosecurify
Seclog - #172

Infernux Blog
Building a practical log baseline

Datadog HQ
Capture and analyze custom heatmaps in Session Replay


2026-04-05

Malwarebytes
Killer robots are here. Now what? (Lock and Code S07E07)

Ars Technica Security
CBP facility codes sure seem to have leaked via online flashcards


2026-04-04

Amazon Security
Introducing the Landing Zone Accelerator on AWS Universal Configuration and LZA Compliance Workbook

Buchodi
Apple's Spotlight Search Results Come With Engagement Metrics. No One Knew.

Elastic Security Labs
Elastic Security Integrations Roundup: Q1 2026


2026-04-03

Malwarebytes
That dream job offer from Coca-Cola or Ferrari? It’s a trap for your passwords

Schneier on Security
Friday Squid Blogging: Jurassic Fish Chokes on Squid

Dark Reading
Inconsistent Privacy Labels Don't Tell Users What They Are Getting

Varonis
A Look Inside Claude's Leaked AI Coding Agent

Ars Technica Security
OpenClaw gives users yet another reason to be freaked out about security

Rapid7
Metasploit Wrap-Up 04/03/2026

Escape DAST
Everything I Learned About Harness Engineering and AI Factories in San Francisco (April 2026)

Talos Intelligence
Do not get high(jacked) off your own supply (chain)

Dark Reading
Apple Breaks Precedent, Patches DarkSword for iOS 18

Talos Intelligence
Axios NPM supply chain incident

Praetorian
Meet Vespasian. It Sees What Static Analysis Can’t.

Amazon Security
How AWS KMS and AWS Encryption SDK overcome symmetric encryption bounds

Dark Reading
Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting

Malwarebytes
Blocking children from social media is a badly executed good idea

Rapid7
You Don’t Have a Security Problem, You Have a Visibility Problem

Dark Reading
Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication

Dark Reading
Claude Source Code Leak Highlights Big Supply Chain Missteps

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 14

Dark Reading
Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain

Dark Reading
CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry

Schneier on Security
Company that Secretly Records and Publishes Zoom Meetings

Trail of Bits
Simplifying MBA obfuscation with CoBRA

NVISO Labs
The Axios npm supply chain incident: fake dependency, real backdoor