2026-05-05
2025-12-11
Amazon Security
Embracing our broad responsibility for securing digital infrastructure in the European Union
Elastic Security Labs
NANOREMOTE, cousin of FINALDRAFT
2025-12-10
Dark Reading
Storm-0249 Abuses EDR Processes in Stealthy Attacks
Google Security Blog
HTTPS certificate industry phasing out less secure domain validation methods
Microsoft Security
From awareness to action: Building a security-first culture for the agentic AI era
Microsoft Security
Clarity in complexity: New insights for transparent email security
Malwarebytes
December Patch Tuesday fixes three zero-days, including one that hijacks Windows devices
ISC SANS
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection), (Wed, Dec 10th)
Black Hills Info Sec
How to Set Smart Goals (That Actually Work For You)
Bishop Fox Security
A Hacker Holiday Gift Guide: 2025 Edition
Schneier on Security
FBI Warns of Fake Video Scams
Searchlight Cyber
December 10th – This Week’s Top Cybersecurity and Dark Web Stories
Google Safety & Security
Build the internet young people are asking for — instead of simply banning them from it
Dark Reading
Japanese Firms Suffer Long Tail of Ransomware Damage
Fastly
DDoS in November
2025-12-09
Talos Intelligence
Microsoft Patch Tuesday for December 2025 — Snort rules and prominent vulnerabilities
Krebs on Security
Microsoft Patch Tuesday, December 2025 Edition
Microsoft Security
Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack
Palo Alto Networks
Winning the AI Race Starts with the Right Security Platform
Palo Alto Networks
Partners Are Fueling Innovation with Cortex XSIAM and Prisma SASE
Zero Day Initiative
The December 2025 Security Update Review
Google Security Blog
Further Hardening Android GPUs
Microsoft Security
Changing the physics of cyber defense
White Knight Labs
From Veeam to Domain Admin: Real-World Red Team Compromise Path
Offensive Security
How Will AI Affect Cybersecurity?
Offensive Security
How to Gain Experience in Cybersecurity
Schneier on Security
AI vs. Human Drivers
Talos Intelligence
New BYOVD loader behind DeadLock ransomware attack
Talos Intelligence
New in Snort3: Enhanced rule grouping for greater flexibility and control
Project Black
Orthanc 1.12.9 User Impersonation
CrankySec
It's never simple
2025-12-08
Amazon Security
IAM Policy Autopilot: An open-source tool that brings IAM policy expertise to builders and AI coding assistants
Dark Reading
Apache Issues Max-Severity Tika CVE After Patch Miss
Dark Reading
Exploitation Activity Ramps Up Against React2Shell
Amazon Security
AWS launches AI-enhanced security innovations at re:Invent 2025
Google Security Blog
Architecting Security for Agentic Capabilities in Chrome
Microsoft Security
Stronger together: New Beazley collaboration enhances cyber resilience
Schneier on Security
Substitution Cipher Based on The Voynich Manuscript
Malwarebytes
A week in security (December 1 – December 7)
ISC SANS
ISC Stormcast For Monday, December 8th, 2025 https://isc.sans.edu/podcastdetail/9728, (Mon, Dec 8th)
Fastly
Fastly’s Proactive Protection for React2Shell, Critical React RCE CVE-2025-55182 and CVE-2025-66478
2025-12-06
Krebs on Security
Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill
2025-12-05
Schneier on Security
Friday Squid Blogging: Vampire Squid Genome
Atredis Partners
Designing a Passive LiDAR Detector Device - Hardware
Palo Alto Networks
Crossing the Autonomy Threshold
Dark Reading
CISOs Should Be Asking These Quantum Questions Today
Kevin Beaumont
Cybersecurity industry overreacts to React vulnerability, starts panic, burns own house down again
Schneier on Security
New Anonymous Phone Service
Troy Hunt
Weekly Update 481
Embrace The Red
The Normalization of Deviance in AI
ISC SANS
ISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, (Fri, Dec 5th)
Amazon Security
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)
Okta Security
Okta’s Response to React2Shell
Joshua Rogers
Another AI slop story: ChatGPT vs. Human
Elastic Security Labs
Automating detection tuning requests with Kibana cases
Cloudflare
Cloudflare outage on December 5, 2025
2025-12-04
Dark Reading
How Agentic AI Can Boost Cyber Defense
Krebs on Security
SMS Phishers Pivot to Points, Taxes, Fake Retailers
Praetorian
Critical Advisory: Remote Code Execution in Next.js (CVE-2025-66478) with Working Exploit
Dark Reading
CISA Warns of 'Ongoing' Brickstorm Backdoor Attacks
Dark Reading
CISA Publishes Security Guidance for Using AI in OT
Talos Intelligence
Socomec DIRIS Digiware M series and Easy Config, PDF XChange Editor vulnerabilities
Talos Intelligence
Your year-end infosec wrapped
Microsoft Security
Cybersecurity strategies to prioritize now
Rapid7
React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components
Palo Alto Networks
Securing the AI Frontier
Bishop Fox Security
Arista NextGen Firewall XSS to RCE Chain
Malwarebytes
Canadian police trialing facial recognition bodycams
Searchlight Cyber
The Intelligence Hidden in Ransomware Data
Talos Intelligence
Spy vs. spy: How GenAI is powering defenders and attackers