2025-07-02
Schneier on Security
Ubuntu Disables Spectre/Meltdown Protections
Malwarebytes
Qantas: Breach affects 6 million people, “significant” amount of data likely taken
Troy Hunt
Weekly Update 458
Ars Technica Security
AT&T rolls out Wireless Account Lock protection to curb the SIM-swap scourge
Trail of Bits
Buckle up, Buttercup, AIxCC’s scored round is underway!
Dark Reading
Qantas Airlines Breached, Impacting 6M Customers
Dark Reading
US Treasury Sanctions BPH Provider Aeza Group
Searchlight Cyber
How Modern ASM Uncovers Hidden Risks in Real Time
Red Siege InfoSec Blog
Penetration Testing in SDLC
Red Siege InfoSec Blog
Logic Attacks: Abusing The System
Palo Alto Networks
Navigating Heightened Cyber Risks from Iranian Threats
Talos Intelligence
PDFs: Portable documents, or perfect deliveries for phish?
2025-07-01
Google Safety & Security
We are announcing Sparkasse as our first national credential partner for EU age assurance.
Schneier on Security
Iranian Blackout Affected Misinformation Campaigns
Cloudflare
Message Signatures are now part of our Verified Bots Program, simplifying bot authentication
Malwarebytes
Facebook wants to look at your entire camera roll for “AI restyling” suggestions, and more
White Knight Labs
Understanding Out-Of-Bounds in Windows Kernel Driver
Amazon Security
Remote access to AWS: A guide for hybrid workforces
Github Security Blog
Understand your software’s supply chain with GitHub’s dependency graph
Ars Technica Security
US critical infrastructure exposed as feds warn of possible attacks from Iran
Microsoft Security
Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers
Dark Reading
Like SEO, LLMs May Soon Fall Prey to Phishing Scams
Dark Reading
We've All Been Wrong: Phishing Training Doesn't Work
Leviathan Security
Integrating Security Metrics into Quality Models: A DORA-Aligned Strategy
Searchlight Cyber Research
How we got persistent XSS on every AEM cloud site, thrice
2025-06-30
Schneier on Security
How Cybersecurity Fears Affect Confidence in Voting Systems
Malwarebytes
AT&T to pay compensation to data breach victims. Here’s how to check if you were affected
Malwarebytes
A week in security (June 23 – June 29)
Ars Technica Security
Drug cartel hacked FBI official’s phone to track and kill informants, report says
Microsoft Security
Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations
Dark Reading
Why Cybersecurity Should Come Before AI in Schools
Meta Security
Meta joins Kotlin Foundation
Krebs on Security
Senator Chides FBI for Weak Advice on Mobile Security
2025-06-28
2025-06-27
Schneier on Security
Friday Squid Blogging: What to Do When You Find a Squid “Egg Mop”
Schneier on Security
The Age of Integrity
Eclypsium
Ars Technica: Actively exploited vulnerability gives extraordinary control over server fleets
Eclypsium
The Hacker News: CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
Malwarebytes
Fake DocuSign email hides tricky phishing attempt
SpiderLabs
Tracing Blind Eagle to Proton66
Github Security Blog
GitHub Advisory Database by the numbers: Known security vulnerabilities and what you can do about them
Ars Technica Security
Microsoft changes Windows in attempt to prevent next CrowdStrike-style catastrophe
Microsoft Security
Unveiling RIFT: Enhancing Rust malware analysis through pattern matching
Dark Reading
'CitrixBleed 2' Shows Signs of Active Exploitation
Dark Reading
US Falling Behind China in Exploit Production
Searchlight Cyber
Scattered Spider Shifts Focus to Insurance Industry
2025-06-26
Schneier on Security
White House Bans WhatsApp
Malwarebytes
Why the Do Not Call Registry doesn’t work
Ars Technica Security
Actively exploited vulnerability gives extraordinary control over server fleets
Dark Reading
How Geopolitical Tensions Are Shaping Cyber Warfare
ReversingLabs
SAFE and Trusted: Why the Spectra Assure Community Badge Belongs on Your Open Source Project
Compass Security Blog
Pwn2Own Ireland 2024 – Ubiquiti AI Bullet
Palo Alto Networks
Global Reach — The New Scale of Chinese Cyberthreats
Talos Intelligence
Getting a career in cybersecurity isn’t easy, but this can help
Talos Intelligence
Decrement by one to rule them all: AsIO3.sys driver exploitation