179 Security Blogs

Last Updated: 22 Apr 26 02:30 UTC

Blog List | Github | OPML

2026-04-22

Step Security
pgserve Compromised on npm: Malicious Versions Harvest Credentials and Exfiltrate to a Decentralized ICP Canister

ISC SANS
ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)

Amazon Security
Winter 2025 SOC 1 report is now available with 184 services in scope

ISC SANS
[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)


2026-04-21

Troy Hunt
Weekly Update 500

Ars Technica Security
Mozilla: Anthropic's Mythos found 271 security vulnerabilities in Firefox 150

Dark Reading
Ransomware Negotiator Pleads Guilty to BlackCat Scheme

Dark Reading
Exploits Turn Windows Defender into Attacker Tool

Mend
From Panic to Playbook: Modernizing Zero‑Day Response in AppSec

Praetorian
500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise

Microsoft Security
Detection strategies across cloud and identities against infiltrating IT workers

Meta Security
Modernizing the Facebook Groups Search to Unlock the Power of Community Knowledge

Varonis
AI Security Platforms—Centralized Visibility, Enforcement and Monitoring for AI Systems

Dark Reading
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk

Dark Reading
Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

Krebs on Security
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

Rapid7
Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

Google Safety & Security
3 new ways Ads Advisor is making Google Ads safer and faster

Malwarebytes
Fake Google Antigravity downloads are stealing accounts in minutes

Rapid7
From Bulk Export to AI-ready Security Workflows: Introducing Rapid7’s Open-Source MCP Server and Agent Skill

Searchlight Cyber
What is Preemptive Threat Exposure Management (PTEM)?

Cloudflare
Moving past bots vs. humans

Malwarebytes
Real Apple notifications are being used to drive tech support scams

Ars Technica Security
Contrary to popular superstition, AES 128 is just fine in a post-quantum world

Talos Intelligence
[Podcast] It's not you, it's your printer: State-sponsored and phishing threats in 2025

Talos Intelligence
Phishing and MFA exploitation: Targeting the keys to the kingdom

Dark Reading
Chinese APT Targets Indian Banks, Korean Policy Circles

Schneier on Security
Mexican Surveillance Company

Malwarebytes
Android 17 ends all-or-nothing access to your contacts

Talos Intelligence
Bad Apples: Weaponizing native macOS primitives for movement and execution

ISC SANS
A .WAV With A Payload, (Tue, Apr 21st)

ISC SANS
ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)

Datadog HQ
Bringing observability data hosting to the UK on AWS

Datadog HQ
Identify and fix code issues faster with Datadog’s Azure DevOps Source Code integration

Auth0
CheckMate for Auth0: Six Months of Growth

Auth0
Multi-Tenant SaaS: Managing Auth0 Organizations with the My Organization API


2026-04-20

Leviathan Security
The Power of Good Privacy Practices

Dark Reading
Vercel Employee's AI Tool Access Led to Data Breach

Dark Reading
Serial-to-IP Devices Hide Thousands of Old & New Bugs

Varonis
Securing AI Application Development

SentinelOne
Automation at Machine Speed: Rethinking Execution in Modern Cybersecurity

Varonis
The Vercel Breach: The Steps To Take Now to Protect Your Organization

Rapid7
Project Glasswing and the Next Challenge for Defenders: Turning Faster Discovery into Faster Action

Microsoft Security
Making opportunistic cyberattacks harder by design

Filippo Valsorda
Quantum Computers Are Not a Threat to 128-bit Symmetric Keys

Amazon Security
How to clone an AWS CloudHSM cluster across Regions

Dark Reading
WhatsApp Leaks User Metadata to Attackers

Aikido
Introducing Endpoint Protection: Security for Developer Devices

Malwarebytes
Big Tech can stop scams. They just don’t (Lock and Code S07E08)

Malwarebytes
Mythos: An AI tool too powerful for public release

Cloudflare
Building the agentic cloud: everything we launched during Agents Week 2026

Cloudflare
Orchestrating AI Code Review at scale

Cloudflare
The AI engineering stack we built internally — on the platform we ship

Sicuranext Blog
A nice approach to AWS security group management

Sicuranext Blog
A nice approach to AWS security group management

Searchlight Cyber
The Intelligence Hidden in Ransomware Data

Schneier on Security
Is “Satoshi Nakamoto” Really Adam Back?

Malwarebytes
A week in security (April 13 – April 19)

ISC SANS
Handling the CVE Flood With EPSS, (Mon, Apr 20th)

ISC SANS
ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)

ZeroPath
Critical Spinnaker Vulns Allow RCE And Production Compromise

Teleport Blog
NIST CSF 2.0 and Agentic AI: Building Profiles for Autonomous Systems

Conduition
Pruning Hypertrees for the Lax and Lazy

Rosecurify
Seclog - #174

Greynoise
The Internet Changes Before the Advisory Drops


2026-04-19

Doyensec
CFITSIO Fuzzing: Memory Corruptions and a Codex-Assisted Pipeline


2026-04-18

Microsoft Security
Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook


2026-04-17

Embrace The Red
Breaking Opus 4.7 with ChatGPT (Hacking Claude's Memory)

Ars Technica Security
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"

Schneier on Security
Friday Squid Blogging: New Giant Squid Video

Rapid7
Metasploit Wrap-Up 04/17/2026

Dark Reading
How NIST's Cutback of CVE Handling Impacts Cyber Teams

Dark Reading
Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

Palo Alto Networks
The AI Ecosystem Edge — Introducing Our Frontier AI Alliance

Praetorian
The Attack Helix: Praetorian’s AI & Economic Architecture for Offensive Security

Aikido
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mailcow

Eclypsium
BTS #72 - AI-Powered Firmware Hacking: The Future of Vulnerability Discovery

Amazon Security
Transform security logs into OCSF format using a configuration-driven ETL solution

Microsoft Security
Containing a domain compromise: How predictive shielding shut down lateral movement

Dark Reading
Every Old Vulnerability Is Now an AI Vulnerability

Malwarebytes
This old-school scam is still working

Escape DAST
Top XBOW Alternatives in 2026

Palo Alto Networks
Defender's Guide to the Frontier AI Impact on Cybersecurity

Palo Alto Networks
Introducing Unit 42 Frontier AI Defense

Cloudflare
Introducing the Agent Readiness score. Is your site agent-ready?

Cloudflare
Shared Dictionaries: compression that keeps up with the agentic web

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 16

Varonis
The Invisible Footprint: How Anonymous S3 Requests Evade AWS Logging

Cloudflare
Introducing Flagship: feature flags built for the age of AI

Dark Reading
Coast Guard's New Cybersecurity Rules Offer Lessons for CISOs

Cloudflare
Redirects for AI Training enforces canonical content

Cloudflare
Unweight: how we compressed an LLM 22% without sacrificing quality

Cloudflare
Agents that remember: introducing Agent Memory

Cloudflare
Agents Week: network performance update

Schneier on Security
Mythos and Cybersecurity

Ars Technica Security
Recent advances push Big Tech closer to the Q-Day danger zone

Trail of Bits
We beat Google’s zero-knowledge proof of quantum cryptanalysis

Searchlight Cyber
Explore the Data Breach Dashboard in Cerberus

Searchlight Cyber
Faster speed to triage with improved detail view in DarkIQ

Malwarebytes
“Your shipment has arrived” email hides remote access software

TrustedSec
Mythos, Memory Loss, and the Part InfoSec Keeps Missing

Moonlock
Apple Intelligence can be hijacked using prompt injection

Moonlock
CISA warns: New vulnerability found in Adobe’s PDF tools for Mac

Moonlock
New ClickFix attack bypasses Mac Terminal protections

ISC SANS
ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)

ISC SANS
Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)

Datadog HQ
Centralize observability management with Datadog Governance Console

Datadog HQ
Every team should be A/B testing

Auth0
The AI Design Formula Does Not Exist — Yet


2026-04-16

Troy Hunt
Here's What Agentic AI Can Do With Have I Been Pwned's APIs

Dark Reading
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities

Rapid7
CVE-2026-33032: Nginx UI Missing MCP Authentication

Dark Reading
North Korea Uses ClickFix to Target macOS Users' Data

SentinelOne
Frontier AI Reinforces the Future of Modern Cyber Defense

ISC SANS
[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)

Dark Reading
'Harmless' Global Adware Transforms Into an AV Killer

Talos Intelligence
Foxit, LibRaw vulnerabilities

Escape DAST
DAST Tools: Complete Buyer's Guide & 10 Solutions to know in 2026

Talos Intelligence
The Q1 vulnerability pulse

Meta Security
Capacity Efficiency at Meta: How Unified AI Agents Optimize Performance at Hyperscale

Microsoft Security
Building your cryptographic inventory: A customer strategy for cryptographic posture management

Aikido
Reliable CVE sources in the age of NIST NVD cutbacks

Dark Reading
Two-Factor Authentication Breaks Free From the Desktop

Dark Reading
Microsoft's Original Windows Secure Boot Certificate Is Expiring

Microsoft Security
Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

Meta Security
Post-Quantum Cryptography Migration at Meta: Framework, Lessons, and Takeaways

Cloudflare
Cloudflare’s AI Platform: an inference layer designed for agents

Cloudflare
Building the foundation for running extra-large language models

Step Security
Announcing Dependabot Configuration Enhancements: Cooldown and Group Support

Cloudflare
Artifacts: versioned storage that speaks Git

Cloudflare
Deploy Postgres and MySQL databases with PlanetScale + Workers

Cloudflare
AI Search: the search primitive for your agents

Rapid7
ClickFix Phishing Campaign Masquerading as a Claude Installer

Bishop Fox Security
Taking Maestro in Stride: AI Threat Modeling Frameworks

Malwarebytes
Browser Guard gets even better with Access Control 

Malwarebytes
“iCloud storage is full” scam is back, and now it wants your payment details

Talos Intelligence
PowMix botnet targets Czech workforce

Talos Intelligence
More than pretty pictures: Wendy Bishop on visual storytelling in tech

Schneier on Security
Human Trust of AI Agents

Malwarebytes
A fake Slack download is giving attackers a hidden desktop on your machine

Malwarebytes
Booking.com breach gives scammers what they need to target guests

Palo Alto Networks
Securing the UK’s Digital Future

Eye Security
Introducing complisec: Giving AI Agents the Context to Know What They’re Allowed to Do

Cloudflare
Cloudflare Email Service: now in public beta. Ready for your agents

Dark Reading
6-Year Ransomware Campaign Targets Turkish Homes & SMBs

TrustedSec
Dungeons and Daemons

ISC SANS
ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)

Datadog HQ
Manage service tracing across hosts with Single Step Instrumentation rules

Infernux Blog
How to use Log Horizon to improve Microsoft Sentinel posture

Datadog HQ
Route OTel data from AI apps to ClickHouse and Datadog using Observability Pipelines

Datadog HQ
Spotting CI/CD misconfigurations before the bots do: Securing GitHub Actions with Datadog IaC Security

Fastly
Adapting in the Era of AI


2026-04-15

Dark Reading
Critical MCP Integration Flaw Puts NGINX at Risk

Ars Technica Security
"TotalRecall Reloaded" tool finds a side entrance to Windows 11's Recall database

Eye Security Research
Making AI Agents Work in Europe’s Regulatory Reality

Dark Reading
Navigating the Unique Security Risks of Asia's Digital Supply Chain

Praetorian
Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit

Malwarebytes
AI clickbait can turn your notifications into a scam feed

Microsoft Security
Incident response for AI: Same fire, different fuel

Dark Reading
Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now

Dark Reading
Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests

PT SWARM
Slowburn: Looking through AMD Platform Configuration Blobs infrastructure

PT Swarm
Slowburn: Looking through AMD Platform Configuration Blobs infrastructure

Varonis
The Map is Not the Territory: The Impact of Anthropic Mythos on Data Security

The Citizen Lab
From Stuxnet to Operation Epic Fury: The China-Iran Intelligence Nexus

Black Hills Info Sec
Signed, Trusted, and Abused: Proxy Execution via WebView2

Malwarebytes
Fake YouTube copyright notices can steal your Google login

Cloudflare
Project Think: building the next generation of AI agents on Cloudflare

Cloudflare
Introducing Agent Lee - a new interface to the Cloudflare stack

Cloudflare
Register domains wherever you build: Cloudflare Registrar API now in beta

Searchlight Cyber
Vulnerability Management: How to Prioritize Real Threats Over Noise

Rapid7
A Clearer Path from Prioritized Exposures to Remediation Progress

Dark Reading
Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Schneier on Security
Defense in Depth, Medieval Style

Malwarebytes
From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

Talos Intelligence
The n8n n8mare: How threat actors are misusing AI workflow automation

Malwarebytes
April Patch Tuesday fixes two zero-days, including one under active attack

Malwarebytes
Credit Resources Vault: Why this credit email set off our scam alarms

Searchlight Cyber
April 14th – This Week’s Top Cybersecurity and Dark Web Stories

OWASP
Bridging the Gap in Product Lifecycle Management: How OpenEoX and CLE Work Together