177 Security Blogs

Last Updated: 15 Apr 26 23:40 UTC

Blog List | Github | OPML

2026-04-15

Dark Reading
Critical MCP Integration Flaw Puts NGINX at Risk

Ars Technica Security
"TotalRecall Reloaded" tool finds a side entrance to Windows 11's Recall database

Eye Security Research
Making AI Agents Work in Europe’s Regulatory Reality

Dark Reading
Navigating the Unique Security Risks of Asia's Digital Supply Chain

Praetorian
Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit

Malwarebytes
AI clickbait can turn your notifications into a scam feed

Microsoft Security
Incident response for AI: Same fire, different fuel

Dark Reading
Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now

Step Security
Announcing Dependabot Configuration Enhancements: Cooldown and Group Support

Dark Reading
Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests

PT Swarm
Slowburn: Looking through AMD Platform Configuration Blobs infrastructure

PT SWARM
Slowburn: Looking through AMD Platform Configuration Blobs infrastructure

Varonis
The Map is Not the Territory: The Impact of Anthropic Mythos on Data Security

The Citizen Lab
From Stuxnet to Operation Epic Fury: The China-Iran Intelligence Nexus

Black Hills Info Sec
Signed, Trusted, and Abused: Proxy Execution via WebView2

Malwarebytes
Fake YouTube copyright notices can steal your Google login

Cloudflare
Rearchitecting the Workflows control plane for the agentic era

Cloudflare
Browser Run: give your agents a browser

Cloudflare
Project Think: building the next generation of AI agents on Cloudflare

Cloudflare
Add voice to your agent

Cloudflare
Introducing Agent Lee - a new interface to the Cloudflare stack

Cloudflare
Register domains wherever you build: Cloudflare Registrar API now in beta

Searchlight Cyber
Vulnerability Management: How to Prioritize Real Threats Over Noise

Rapid7
A Clearer Path from Prioritized Exposures to Remediation Progress

Dark Reading
Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Schneier on Security
Defense in Depth, Medieval Style

Malwarebytes
From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

Talos Intelligence
The n8n n8mare: How threat actors are misusing AI workflow automation

Malwarebytes
April Patch Tuesday fixes two zero-days, including one under active attack

Malwarebytes
Credit Resources Vault: Why this credit email set off our scam alarms

Searchlight Cyber
April 14th – This Week’s Top Cybersecurity and Dark Web Stories

ISC SANS
ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)

ISC SANS
Scanning for AI Models, (Tue, Apr 14th)

Dark Reading
Microsoft Bets $10B to Boost Japan's AI, Cybersecurity

Auth0
The Product Architecture Behind Trusted AI Experiences

CrankySec
Smash the glass wing


2026-04-14

SentinelOne
Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack

Amazon Security
Secure AI agent access patterns to AWS resources using Model Context Protocol

Rapid7
Patch Tuesday - April 2026

Krebs on Security
Patch Tuesday, April 2026 Edition

Dark Reading
Privilege Elevation Dominates Massive Microsoft Patch Update

The Citizen Lab
Beijing Codifies Repression of Overseas Activists

Talos Intelligence
Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities

Dark Reading
EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses

Ars Technica Security
UK gov's Mythos AI tests help separate cybersecurity threat from hype

Github Security Blog
Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game

ISC SANS
Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)

Auth0
How to Monitor Auth0 Usage Metrics

Dark Reading
War Game Exercise Demonstrates How Social Media Manipulation Works

Schneier on Security
Upcoming Speaking Engagements

Varonis
How Varonis Atlas Enables ISO/IEC 42001 Compliance

Github Security Blog
How exposed is your code? Find out in minutes—for free

Talos Intelligence
State-sponsored threats: Different objectives, similar access paths

Cloudflare
Securing non-human identities: automated revocation, OAuth, and scoped permissions

Cloudflare
Scaling MCP adoption: Our reference architecture for simpler, safer and cheaper enterprise deployments of MCP

Cloudflare
Managed OAuth for Access: make internal apps agent-ready in one click

Cloudflare
Secure private networking for everyone: users, nodes, agents, Workers — introducing Cloudflare Mesh

Bishop Fox Security
Anthropic’s Claude Mythos Preview: The AI Cybersecurity Inflection Point

Aikido
Axios CVE-2026-40175: a critical bug that’s… not exploitable

Rapid7
Your Cloud Detection Strategy in 2026: What to Expect at the Global Cybersecurity Summit

Malwarebytes
Omnistealer uses the blockchain to steal everything it can

Schneier on Security
How Hackers Are Thinking About AI

Malwarebytes
ChatGPT under scrutiny as Florida investigates campus shooting

Compass Security Blog
Common Entra ID Security Assessment Findings – Part 4: Weak Conditional Access Policies

Troy Hunt
Weekly Update 499

TrustedSec
Benchmarking Self-Hosted LLMs for Offensive Security

ISC SANS
ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)

Sansec Threat Research
Over 200 PrestaShop stores expose installer, allowing full takeover

Datadog HQ
Detect runtime threats in Python Lambda functions with Datadog AAP

Datadog HQ
Offline evaluation for AI agents: Best practices

Auth0
How to Enable Self-Service Identity Management for B2B SaaS in Auth0

Elastic Security Labs
Phantom in the vault: Obsidian abused to deliver PhantomPulse RAT


2026-04-13

Dark Reading
Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads

Dark Reading
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm

Dark Reading
Adobe Patches Actively Exploited Zero-Day That Lingered for Months

Dark Reading
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness

Schneier on Security
On Anthropic’s Mythos Preview and Project Glasswing

Varonis
Deep Dive into Architectural Vulnerabilities in Agentic LLM Browsers

Dark Reading
APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials

Cloudflare
Building a CLI for all of Cloudflare

Cloudflare
Durable Objects in Dynamic Workers: Give each AI-generated app its own database

Cloudflare
Agents have their own computers with Sandboxes GA

ISC SANS
Scans for EncystPHP Webshell, (Mon, Apr 13th)

Cloudflare
Dynamic, identity-aware, and secure Sandbox auth

Rapid7
Turning Log Lines into Answers: Instant Clarity for SOC Teams

Aikido
Bug bounty isn’t dead, but the old model is breaking

Malwarebytes
Simply opening a PDF could trigger this Adobe Reader zero-day

Project Black
LibreNMS < 26.3.0 Authenticated RCE & XSS

Schneier on Security
AI Chatbots and Trust

Binarly
Binarly Risk Score: A New Approach to Vulnerability Prioritization

Malwarebytes
A week in security (April 6 &#8211; April 12)

ISC SANS
ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)

Rosecurify
Seclog - #173


2026-04-12

Cloudflare
Welcome to Agents Week

Step Security
Securing Vibe Coding and AI Coding Agents: An End-to-End Approach with StepSecurity

Step Security
Introducing StepSecurity Dev Machine Guard: Protecting Developer Machines from Supply Chain Attacks

Step Security
Top 2024 Predictions for CI/CD Security

MaskRay's Blog
Recent lld/ELF performance improvements


2026-04-10

Schneier on Security
Friday Squid Blogging: Squid Overfishing in the South Pacific

Dark Reading
Hims Breach Exposes the Most Sensitive Kinds of PHI

Dark Reading
Your Next Breach Will Look Like Business as Usual

Rapid7
Metasploit Wrap-Up 04/10/2026

Praetorian
The Attack Helix: Praetorian Guard’s AI Architecture for Offensive Security

Praetorian
Bypassing LLM Supervisor Agents Through Indirect Prompt Injection

Cloudflare
500 Tbps of capacity: 16 years of scaling our global network

Malwarebytes
Fake Claude site installs malware that gives attackers access to your computer

Dark Reading
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats

Talos Intelligence
[Video] The TTP Ep. 22: The Collapse of the Patch Window

Google Security Blog
Bringing Rust to the Pixel Baseband

Dark Reading
Orange Business Reimagines Enterprise Voice Communications With Trust and AI

Malwarebytes
ClickFix finds a new way to infect Macs

Dark Reading
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 15

Dark Reading
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?

NVISO Labs
Security’s Blind Spot: Physical Keyloggers That Bypass Antivirus Entirely

Schneier on Security
Sen. Sanders Talks to Claude About AI and Privacy

Moonlock
How to identify and remove a remote access trojan (RAT)

ISC SANS
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)

Moonlock
Do Macs need antivirus software, or is built-in malware protection enough?

Moonlock
This new macOS stealer hand-picks its victims by wallet size

Moonlock
Stealer season: Why MacSync and AMOS are the biggest threats to your Mac

Moonlock
North Korean “Sapphire Sleet” targets Macs via malicious npm packages

Datadog HQ
Introducing our open source AI-native SAST

Sansec Threat Research
ClickFix malware hits DoD cybersecurity vendor homepage

Snyk
Governing Security in the Age of Infinite Signal – From Discovery to Control

Greynoise
Just 21 IP Addresses Are Now Behind Nearly Half of All RDP Scanning on the Internet

Auth0
OpenClaw's Credential Problem Is Not a Secrets Problem


2026-04-09

Dark Reading
Russia's 'Fancy Bear' APT Continues Its Global Onslaught

Dark Reading
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

Step Security
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan

Step Security
Datadog's DevSecOps 2026 Report Validates What We've Been Building

Step Security
@velora-dex/sdk Compromised on npm: Malicious Version Drops macOS Backdoor via launchctl Persistence

Step Security
Behind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain Attack

Step Security
StepSecurity’s Unified Protection Across the SDLC Infrastructure Threat Framework (SITF)

Step Security
Cline Supply Chain Attack Detected: cline@2.3.0 Silently Installs OpenClaw

Step Security
hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far

Step Security
10 Layers Deep: How StepSecurity Stops TeamPCP's Trivy Supply Chain Attack on GitHub Actions

Step Security
Dev Machine Guard Is Now Open Source: See What's Really Running on Your Developer Machine

Microsoft Security
The agentic SOC—Rethinking SecOps for the next decade

Bishop Fox Security
Inside Cirro: Attack Paths, Cloud Graphs, and Extensible Schemas

Dark Reading
Do Ceasefires Slow Cyberattacks? History Suggests Not

Talos Intelligence
The threat hunter’s gambit

Rapid7
What Project Glasswing Means for Security Leaders

Google Security Blog
Protecting Cookies with Device Bound Session Credentials

Mend
Anthropic’s Project Glasswing: What It Means for AppSec

Meta Security
Escaping the Fork: How Meta Modernized WebRTC Across 50+ Use Cases

Microsoft Security
Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Red Siege InfoSec Blog
When All Else Fails: PowerShell Reflective Assembly Loading

Red Siege InfoSec Blog
Tool – EyeWitness

Microsoft Security
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

Malwarebytes
Scammers pose as Amazon support to steal your account

SentinelOne
Edge Decay: How a Failing Perimeter Is Fueling Modern Intrusions

Eclypsium
FCC Bans Routers Made Outside USA. But What IS a Router?

Rapid7
What’s New in Rapid7 Products and Services: Q1 2026 in Review

Malwarebytes
NSFW app leak exposes 70,000 prompts linked to individual users

Trail of Bits
Master C and C++ with our new Testing Handbook chapter

Schneier on Security
On Microsoft’s Lousy Cloud Security

Malwarebytes
30,000 private Facebook images allegedly downloaded by Meta employee

Talos Intelligence
From the field to the report and back again: How incident responders can use the Year in Review

Malwarebytes
This fake Windows support website delivers password-stealing malware

TrustedSec
IAM the Captain Now – Hijacking Azure Identity Access

ISC SANS
ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th)

Dark Reading
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers

ISC SANS
Number Usage in Passwords: Take Two, (Thu, Apr 9th)

Auth0
Secure Ruby on Rails RAG Applications with Auth0 FGA

Infernux Blog
Update: Log Horizon

Datadog HQ
Integrate Recorded Future threat intelligence with Datadog Cloud SIEM

Datadog HQ
Platform engineering metrics: What to measure and what to ignore

Datadog HQ
Not all index scans are equal: How we cut query latency by over 99%

Datadog HQ
Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog

Teleport Blog
From Plaintext, to BLESS, to Identity: The Evolution of Secure Remote Access

Elastic Security Labs
Elastic on Defence Cyber Marvel 2026: A Technical overview from the Exercise Floor