CanisterWorm: First Blockchain-Powered Self-Spreading Worm Hits 47 npm Packages
A novel self-propagating malware dubbed CanisterWorm uses Internet Computer Protocol smart contracts as an untakedownable C2 channel, spreading...
Our top picks and essential reads
FBI and CISA alert warns Russian state actors have compromised thousands of messaging accounts belonging to US government officials, military personnel,...
CVE-2026-20131, a maximum-severity CVSS 10.0 insecure deserialization flaw in Cisco Firepower Management Center, was exploited by Interlock ransomware as...
CVE-2026-33017, a CVSS 9.3 unauthenticated remote code execution vulnerability in the Langflow AI platform, was weaponized by threat actors within 20...
The Interlock ransomware gang has been actively exploiting a CVSS 10.0 insecure deserialization flaw in Cisco Secure Firewall Management Center since late...
A new Grip Security report analyzing 23,000 SaaS environments finds 100% of companies operate shadow AI they cannot see or control — with a 490% spike in...
A critical remote code execution vulnerability (CVSS 9.1) in Wazuh versions 4.0.0–4.14.2 allows an attacker with access to a worker node to achieve root...
Security researchers disclosed critical flaws across three major AI platforms: Amazon Bedrock AgentCore's sandbox can be bypassed via DNS to exfiltrate...
The LeakNet ransomware gang is using ClickFix social engineering for initial access and a Deno-based malware loader to execute fileless payloads from...
The GlassWorm threat actor has launched a new sub-campaign called ForceMemo, using stolen GitHub tokens to silently force-push malware into hundreds of...
Canadian telecom giant Telus Digital has confirmed a security incident after the ShinyHunters hacking group claimed to have stolen nearly 1 petabyte of...
CISA adds CVE-2025-68613 to the Known Exploited Vulnerabilities catalog — a CVSS 9.9 flaw in n8n's workflow expression evaluation system that enables...
Threat actor UNC6426 leveraged stolen credentials from last year's nx npm supply chain attack to achieve full AWS administrator access at a victim...
Transform Claude Code from a chatbot into a DevOps co-pilot. Set up CLAUDE.md templates, custom hooks, reusable agents, deployment skills, and MCP server...
Build guardrails around AI-generated code with Claude Code hooks, security-scanning agents, OWASP-aware prompting, and automated secret detection. A...
North Korean threat actor UNC4899 compromised a cryptocurrency organization after a developer AirDropped a trojanized archive from a personal device to a...
Microsoft-tracked threat actor Velvet Tempest is deploying Termite ransomware via a ClickFix social-engineering chain that loads DonutLoader and installs...
TriZetto Provider Solutions, a Cognizant subsidiary serving 875,000 US healthcare providers, has confirmed a 2024 cyberattack went undetected for nearly a...
Google's Threat Intelligence Group tracked 90 zero-day vulnerabilities actively exploited in 2025, with enterprise software and appliances accounting for...
LexisNexis Legal & Professional confirms a data breach after threat actor FulcrumSec exploited an unpatched React2Shell vulnerability to exfiltrate 2.04...
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN (CVE-2026-20127, CVSS 10.0) has been actively exploited by threat actor UAT-8616 since...
Following the joint U.S.-Israeli military operation against Iran, Palo Alto Networks Unit 42 reports an unprecedented surge in cyber retaliation with...
Google's Threat Intelligence Group dismantles UNC2814, a China-linked operation that deployed a novel backdoor called GRIDTIDE abusing Google Sheets API...
During Operation 'Roar of the Lion,' a coordinated cyber offensive knocked Iran's internet connectivity down to just 4% of normal traffic, blacking out...
A CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN has been exploited since at least 2023. CISA issues Emergency Directive ED 26-03 as all Five...
A Russian-linked phishing operation dubbed Diesel Vortex has stolen over 1,649 credentials from major freight and logistics companies across the US and...
TAT-8, the pioneering fiber-optic cable that went live in 1988 and helped birth the modern internet, is being recovered after 38 years on the seabed — its...
Anthropic revealed that three Chinese AI companies — DeepSeek, Moonshot AI, and MiniMax — orchestrated industrial-scale distillation campaigns using...
The U.S. Treasury sanctioned Russian zero-day exploit broker Operation Zero, its founder Sergey Zelenyuk, and affiliated entities after an FBI...
A partial DHS shutdown since February 14 has furloughed 1,453 of CISA's 2,341 employees, halting vulnerability scanning, threat advisories, and critical...
A 53MB source code leak from identity verification giant Persona reveals how routine age verification selfies feed into a surveillance system linking...
ESET researchers discover PromptSpy, the first known Android malware family that abuses Google's Gemini AI at runtime to dynamically navigate device UIs...
A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access is under active exploitation,...
A maximum-severity code injection vulnerability in Microsoft's Semantic Kernel Python SDK allows authenticated attackers to execute arbitrary code through...
The January 2025 ransomware attack on government technology giant Conduent continues to expand in scope, now confirmed to affect 15.4 million in Texas and...
The French Economy Ministry confirmed that a hacker stole credentials from a government official and accessed France's FICOBA centralized bank account...
Notepad++ releases emergency v8.9.2 patch after a China-linked APT group hijacked the update mechanism for six months, deploying the Chrysalis backdoor to...
A maximum-severity CVSS 10.0 hardcoded credentials vulnerability in Dell RecoverPoint for VMs has been under active exploitation by China-nexus threat...
A new ransomware strain called Reynolds bundles a Bring Your Own Vulnerable Driver component directly in its payload, killing EDR processes from...
A SmartLoader campaign distributes a trojanized Model Context Protocol (MCP) server disguised as Oura Health's legitimate tool, deploying StealC...
A new mobile spyware platform called ZeroDayRAT supports Android 5-16 and iOS up to version 26, providing real-time camera streaming, keylogging, 2FA...
Apple has patched CVE-2026-20700, a memory corruption vulnerability in dyld used in 'extremely sophisticated' targeted attacks. Discovered by Google TAG,...
A critical pre-authentication OS command injection vulnerability in BeyondTrust Remote Support and Privileged Remote Access with CVSS 9.9 is being...
Russia-linked APT28 (Fancy Bear) weaponized Microsoft Office CVE-2026-21509 within days of disclosure, deploying espionage implants against Ukrainian...
A routine configuration update at Cloudflare's Ashburn data center introduced a BGP routing error on February 16 that cascaded across the internet,...
A high-severity use-after-free vulnerability in Chrome's CSS engine is being actively exploited in the wild. Google's first in-the-wild Chrome zero-day of...
Two critical Ivanti Endpoint Manager Mobile zero-days with CVSS 9.8 were exploited to breach the Dutch Data Protection Authority, European Commission, and...
A misconfigured Google Firebase backend in the Chat & Ask AI app exposed 300 million private chatbot conversations from 25 million users, including...
Google reports that APT groups from China, Russia, Iran, and North Korea are all actively using Gemini AI for cyber operations including target...
The Netherlands' largest mobile network operator Odido has disclosed a data breach affecting 6.2 million customers, exposing names, addresses, bank...
Google Threat Intelligence Group attributes a previously undocumented JavaScript malware called CANFAIL to a Russian-linked threat actor targeting...
North Korea's Lazarus Group is running a fake recruitment campaign codenamed Graphalgo, planting 192 malicious packages on npm and PyPI that target...
BlackFog's 2025 State of Ransomware Report reveals a 49% increase in ransomware attacks year-over-year, with evolving tactics shifting toward...
Apple releases emergency patches across all platforms for a memory corruption vulnerability in the Dynamic Link Editor (dyld) that was exploited in...
A hacker revealed 6.8 billion email addresses online on February 11, 2026, in one of the largest email database leaks in history, raising concerns about...
North Korean threat actors are running sophisticated campaigns using AI-generated deepfake videos and the ClickFix social engineering technique to target...
Cybersecurity Ventures forecasts ransomware damage costs will surge to $74 billion globally in 2026, up from $57 billion in 2025, as attacks grow more...
Microsoft's February 2026 Patch Tuesday addresses 60 vulnerabilities including 6 actively exploited zero-days and 3 publicly disclosed issues, with...
Actively exploited zero-day in Windows RDS allows authenticated attackers with low privileges to escalate to SYSTEM. Public exploit code available....
Singapore discloses that APT group UNC3886 compromised all four major telecom providers using zero-day exploits and rootkits, triggering the nation's...
Agentic AI oversight, post-quantum migration, AI-driven SOCs, and regulatory volatility lead Gartner's annual cybersecurity trend forecast as the threat...
OpenAI unveils Frontier, a platform for building and managing AI agents like employees, alongside GPT-5.3-Codex — its most capable agentic coding model...
A critical zero-day in BeyondTrust Remote Support and Privileged Remote Access enables unauthenticated command execution, potentially compromising entire...
Singapore discloses that APT group UNC3886 conducted a targeted espionage campaign against M1, SIMBA, Singtel, and StarHub using a previously unknown...
Actively exploited Windows Shell vulnerability bypasses SmartScreen protection, allowing malicious files to execute without security warnings. Patch...
Critical path traversal vulnerability in WinRAR enables ransomware and credential theft as Russian and Chinese threat actors weaponize phishing campaigns...
Learn how to build a Progressive Web App with offline-first architecture using Next.js, SQLite for local storage, and Supabase for cloud sync. Includes...
IoT botnet Kimwolf launches sustained attack against The Invisible Internet Project (I2P), disrupting the encrypted, decentralized communications network...
Researchers uncover VoidLink, an 88,000-line Zig-based malware framework built with AI assistance that targets AWS, Azure, GCP, and Kubernetes environments.
A critical unauthenticated remote code execution vulnerability in Palo Alto Networks PAN-OS GlobalProtect gateway allows complete firewall takeover. CVSS 9.8.
Run thorough health checks on Active Directory infrastructure including Domain Controllers, replication, DNS, SYSVOL, FSMO roles, and critical services...
Design and implement event-driven architectures using Python asyncio. Covers event buses, async task orchestration, graceful shutdown, and real-world...
Create a fully functional Active Directory lab environment for practicing common attack techniques including Kerberoasting, AS-REP roasting,...
The FBI and CISA issue joint advisory on sophisticated AI-generated deepfake voice and video attacks targeting C-suite executives in financial...
UNC1069, a North Korean APT group, deployed a sophisticated ClickFix scam using a fake Zoom meeting to target a cryptocurrency executive in a social...
Cisco discloses a high-severity privilege escalation vulnerability in IOS XE Web UI that allows authenticated users to gain root access. Active...
Deploy and configure Local Administrator Password Solution (LAPS) to automatically manage local administrator passwords across domain-joined computers,...
Palo Alto Unit 42 reveals a state-aligned group designated TGR-STA-1030 compromised government and critical infrastructure targets in 37 countries using...
Fortinet patches a critical heap-based buffer overflow in FortiOS SSL VPN that allows unauthenticated remote code execution on FortiGate appliances....
Master Nmap from basic host discovery to advanced scanning techniques. Covers port scanning, service detection, OS fingerprinting, NSE scripts, and...
Fortinet patches a CVSS 9.8 SQL injection in FortiClientEMS 7.4.4 allowing unauthenticated remote code execution. Endpoint management servers across...
A structured approach to open-source intelligence gathering covering domain reconnaissance, email enumeration, social media profiling, and infrastructure...
Amazon's AI-powered Alexa+ assistant reaches general availability with enhanced conversational AI, smart home integration, and multi-modal capabilities.
SpaceX's strategic tie-up with xAI and planned mid-2026 IPO could reshape the tech sector, with SpaceX valued near $1 trillion and xAI at $250 billion.
Critical deserialization vulnerability in SolarWinds Web Help Desk enables unauthenticated remote code execution. CISA confirms active exploitation.
Security experts predict autonomous AI systems will be responsible for at least one major enterprise breach within months, as threat actors weaponize...
Threat intelligence reports show 8 active ransomware groups claimed 26 victims on February 2nd alone, with major corporations including BASF and Honeywell...
Two severe vulnerabilities in Google Looker, dubbed 'LookOut', could allow attackers to gain complete control of self-hosted deployments affecting 60,000+...
A maximum-severity flaw dubbed 'Ni8mare' in the popular workflow automation platform n8n allows unauthenticated attackers to gain full control of...
Deploy Microsoft Dynamics 365 Business Central in Docker containers for development, testing, and demonstration. Covers container setup, management, and...
Implement Zero Trust security with Microsoft Entra ID Conditional Access. Covers named locations, device compliance, risk-based policies, and...
Deploy and configure Microsoft Defender for Endpoint. Covers onboarding methods, ASR rules, network protection, EDR in block mode, and automated investigation.
Deploy Docker Engine natively on Windows without Docker Desktop. Covers installation, Windows container mode, lifecycle management, and troubleshooting.
Deploy and manage BitLocker encryption at scale using PowerShell, with automatic TPM validation, recovery key backup to Azure AD and NinjaRMM, and...
Automate FortiGate firewall policy creation, backup, and auditing using PowerShell and the FortiOS REST API. Includes bulk rule deployment, change...
Configure FortiGate SSL VPN for secure remote user access. Covers portal setup, user authentication, firewall policies, and FortiClient configuration.
Complete ransomware incident response playbook following NIST framework. Covers detection, containment, eradication, recovery, and lessons learned.
Configure Windows Autopilot for zero-touch device deployment. Covers hardware hash import, deployment profiles, ESP configuration, and user-driven enrollment.
Deploy and manage SentinelOne EDR agents across your environment. Covers manual installation, verification, troubleshooting, and best practices.
Master threat hunting using SentinelOne's Deep Visibility query language. Learn to investigate suspicious processes, detect lateral movement, hunt for...
Deploy enterprise-ready Azure environment with hub-spoke network, Azure Firewall, Log Analytics, Defender for Cloud following Microsoft CAF best practices.
Deploy Microsoft Sentinel as your cloud-native SIEM with data connectors, analytics rules, workbooks, and SOAR automation for comprehensive security operations.
Create a lightweight, offline-capable documentation search system using keyword-based scoring instead of ML embeddings. Perfect for air-gapped...
Build a secure CI/CD pipeline with GitHub Actions deploying to Azure. Covers build, test, security scanning (SAST/DAST), and deployment with OIDC...
Deploy enterprise SD-WAN with FortiGate featuring dual ISP failover, performance SLAs, application steering, and Zero Trust architecture integration.
Deploy enterprise-grade centralized management for your Fortinet Security Fabric with FortiManager for configuration management and FortiAnalyzer for...
Deploy a complete self-hosted media automation system with Plex, Sonarr, Radarr, Prowlarr, and more. Includes Traefik reverse proxy, Authentik SSO, and...
Build a production-grade K3s cluster on Proxmox/bare metal with Longhorn storage, Traefik ingress, cert-manager, and ArgoCD for GitOps.
Full deployment lifecycle for SentinelOne EDR - agent rollout, policy configuration, exclusions, threat hunting queries, and response playbooks.
Security researchers have identified a severe authentication bypass vulnerability affecting multiple enterprise VPN products. Immediate patching recommended.
Learn how to set up a production-grade homelab with proper network segmentation, monitoring, and security controls. Perfect for IT professionals and...
New AI-powered threat detection and automated incident response capabilities coming to Microsoft 365 E5 subscribers this quarter.
Step-by-step project guide for building a functional SIEM using Wazuh, Elastic, and Grafana. Perfect for homelabs and small businesses.
Cloudflare discloses the largest publicly reported DDoS attack to date, peaking at 31.4 Tbps during 'The Night Before Christmas' campaign attributed to...
Deploy a modern, high-performance VPN using WireGuard. Covers server setup, client configuration, and security best practices for secure remote access.
Ransomware attacks against healthcare organizations have increased 67% in the first month of 2026, with multiple hospital systems reporting service disruptions.
Comprehensive guide to hardening Linux servers covering user management, service configuration, kernel security, and ongoing maintenance for production systems.
Automate Windows security baseline checks using PowerShell. Validate configurations against CIS benchmarks for password policies, audit settings, and...
Learn to analyze Windows Security Event Logs to detect brute force attacks, lateral movement, privilege escalation, and other security threats using PowerShell.
WorldLeaks extortion group claims responsibility for a data breach on Nike, allegedly exposing 1.4 terabytes of internal data including supply chain and...
Create a dedicated vulnerability scanning environment using OpenVAS. Learn to identify security weaknesses in your infrastructure safely and effectively.
Security researchers warn of mass exploitation campaigns targeting Fortinet FortiGate firewalls. Over 50,000 devices believed to be compromised globally.
Microsoft reveals adversaries using AI for automated vulnerability discovery, phishing campaigns, and malware generation. AI-crafted phishing emails...
Qilin ransomware group claims responsibility for massive healthcare breach, stealing 850GB of sensitive patient data across multiple states. Initial...
CISA has issued an emergency directive requiring federal agencies to mitigate Ivanti Connect Secure vulnerabilities within 48 hours as active exploitation...
Microsoft's first security update of 2026 addresses 114 vulnerabilities including three zero-days. One flaw is actively exploited in the wild with CISA...
Create an isolated malware analysis environment for safely examining suspicious files and understanding threat behavior without risking your infrastructure.
The US Treasury Department has confirmed a significant cybersecurity incident, attributing the breach to state-sponsored threat actors who accessed...
Claims administration firm Sedgwick confirms cybersecurity incident at government subsidiary after TridentLocker ransomware group claims theft of 3.4 GB...