193 Security Blogs

Last Updated: 22 Jun 26 17:00 UTC

Blog List | Github | OPML

2026-06-22

Trail of Bits
Introducing Patch the Planet

Dark Reading
Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign

Meta Security
Adopting AV1 for Real-Time Communication (RTC) at Scale

Microsoft Security
One intrusion, two cyberattackers: Uncovering parallel threat activity

Exodus Blog
Out of Shift: How a Shared State Bug in V8’s AsmJS Parser Broke the Ubercage

Amazon Security
Prevent data exfiltration: AWS egress controls for cloud workloads

Searchlight Cyber
How to Measure Continuous Attack Surface Management Success: Essential Metrics That Matter

Malwarebytes
Thousands of D-Link routers under control of AryStinger botnet

Jericho
2026 East Coast Drive (Part 3: VA / DC)

ISC SANS
Webshells Remain Popular, (Mon, Jun 22nd)

Wiz
Cloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for Windows

Malwarebytes
Document delivery scams: What are they and what’s their goal?

JFrog
PixelSmash – Critical FFmpeg Vulnerability Turns Media Files into Weapons

MIT Technology Review
The Download: record-breaking subsea tunnels and flexible data centers

Schneier on Security
Professional Athletes and Wearables

Escape DAST
Race against the Machine: Can you match AI's pentesting time?

MIT Technology Review
Inside the world’s deepest and longest subsea road tunnel

Malwarebytes
A week in security (June 15 – June 21)

ISC SANS
ISC Stormcast For Monday, June 22nd, 2026 https://isc.sans.edu/podcastdetail/9980, (Mon, Jun 22nd)

GitGuardian
BSides San Antonio 2026: Following Trust Across Applications, Cloud, and Compliance


2026-06-21

Jericho
2026 East Coast Drive (Part 2: North Carolina / Virginia)

ToxSec
AI Tar Pits Are Drowning LLM Scrapers in Infinite Garbage


2026-06-20

Step Security
15 Malicious JetBrains Plugins Stole AI API Keys from 70,000 Developers

Jericho
2026 East Coast Drive (Part 1: NaClCON)

Project Black
Liquidfiles Privilege Escalation

Socket
GitHub Actions Checkout Now Blocks Risky pull_request_target Checkouts

Joshua Rogers
Hacking fun with zip-slips, tar-slips, symlinks, hardlinks, collisions, and more


2026-06-19

Schneier on Security
Friday Squid Blogging: Victims of Unregulated Squid Fishing

Kevin Beaumont
An update on FortiBleed — what’s happening with victim orgs

Socket
Introducing Repository Access Permissions and Custom Roles

Rapid7
Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more

Malwarebytes
Nearly 15,000 infected websites cleaned in SocGholish crackdown

The Citizen Lab
WhatsApp Accuses NSO of Fresh Pegasus Targeting

Jericho
My Quest for the White Squirrel!

Escape DAST
How Escape helped Bridgetech Group replace pentests with automated evidence

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 25

Dark Reading
Stressors, AI Forcing Changes to Cybersecurity Teams

Cloudflare
Temporary Cloudflare Accounts for AI agents

MIT Technology Review
The Download: AI bottleneck debates, and BCI trials take off

Malwarebytes
Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap

Schneier on Security
Anthropic’s Fable and the State of AI

MIT Technology Review
A startup claims it broke through a bottleneck that’s holding back LLMs

MIT Technology Review
The inevitable weakness of metrics

MIT Technology Review
Brain-computer interface trials are taking off

ISC SANS
eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th)

Palo Alto Networks
Expanding Our Footprint: Local Cloud Availability for Prisma AIRS in Japan

Moonlock
Apple Pay scams: how to spot them and what to do if you’re scammed

Moonlock
Meta disrupts a WhatsApp phishing campaign spreading spyware

Moonlock
Apple explains why macOS 26 blocks pasted Terminal commands

Moonlock
Downloaded a Mac app? It could be an infostealer in disguise

Moonlock
Apple adds more privacy controls to Find My and Maps

Praetorian
GhostPack Necromancy: Reforging C# Tools with WasmForge

Microsoft Security
AutoJack: How a single page can RCE the host running your AI agent

Elastic Security Labs
Lost in relocation: analysis of a new loader distributing CASTLESTEALER

Elastic Security Labs
Azure AD Graph Activity Logs: Ingestion and threat detection to close the visibility gap


2026-06-18

Ars Technica Security
Microsoft discovers new lightweight backdoor that steals cryptocurrency

Socket
Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection

Palo Alto Networks
The Invisible CEO of Crisis: Breaking the Cycle of CISO Burnout

Eclypsium
FortiBleed: You Can't Patch Your Way Out of This

Dark Reading
Novo Nordisk Breach Highlights Software Development Pipeline Risk

Ars Technica Security
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds

Microsoft Security
New Forrester study shows customers who unified with Microsoft Security benefited from 124% ROI

Amazon Security
Accelerate security investigations with Kiro CLI

Dark Reading
Operation Escaneo Signals Shift in LatAm Threat Landscape

Dark Reading
FIFA Bug Exposes World Cup Streams to Remote Takeover

Talos Intelligence
Close Encounters of the Human Kind

Cloudflare
Build your own vulnerability harness

Krebs on Security
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm

Amazon Security
Spring 2026 SOC 1 and 2 reports are now available in OSCAL format

Dark Reading
Salesforce Data Thefts Continue via Klue App Compromise

NVISO Labs
The Road to Post-Quantum Readiness Part 1 of 2: Understanding the Risk

Jericho
Colorado Voting System Irregularities & Continued Rigging

Rapid7
Why Security Teams Need To Start Earlier

GitGuardian
How Five PostgreSQL Optimizations Sped Up Our Dashboard

ToxSec
Meta's Rule of Two: The Fix for Agent Prompt Injection

JFrog
npm v12’s Biggest Security Change: From Implicit to Explicit Trust

Aikido
Aikido x OWASP: 200 free credits for individual members

Eclypsium
Securing the Foundation: What the New White House AI Executive Order Means for Federal Cybersecurity

Cloudflare
Celebrating 12 years of Project Galileo

Dark Reading
Get Out of Security Debt by Tackling the Exposure Problem

Bishop Fox Security
Shynet | VERSION 0.13.1

Malwarebytes
Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control

Wiz
The President’s Executive Actions on AI Have a Lot to Say on Cybersecurity

MIT Technology Review
The Download: a new hunt for dark matter and Kenya’s case for going solar

Malwarebytes
Retro gaming fans are the new target for fake GitHub malware

Mend
Frontier Model Is the Wrong Meter for Continuous Security

Schneier on Security
Embedding Forbidden Text in Spyware to Discourage AI Analysis

Step Security
Mastra npm Supply Chain Attack: 140+ Packages Backdoored via easy-day-js Typosquat

Step Security
Miasma and Hades Are Spreading Now: Detect Them on Developer Machines with Suspicious Files

Step Security
Prevent npm and Python Supply Chain Attacks on Developer Machines with Package Configs

Step Security
400+ AUR Packages Hijacked: What the “Atomic Arch” Campaign Means for Supply-Chain Security

Talos Intelligence
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model

MIT Technology Review
Geoengineering still faces major practical challenges

Malwarebytes
Kodak confirms breach as ShinyHunters’ leak threat reaches deadline

MIT Technology Review
The search for dark matter has been blown wide open

Searchlight Cyber
Three Days to Patch: What CISA’s New Directive Says About the Pace of Modern Exploitation

Hunt and Hackett
How to move from ClickOps to fully automated Microsoft Entra ID infrastructure

OWASP
Aikido and OWASP bring agentic Code Audit to the global AppSec community

Dark Reading
EU Gets a Head Start in Developing 6G Network Security

Snyk
The full Snyk AI Security Platform, free for open source maintainers

TrustedSec
Modern Web Application Content Discovery

Microsoft Security
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

dgl
SSH port knocking with OpenBSD 7.9

Moonlock
Docusign scams: What they look like, how they work, and what to do

ISC SANS
ISC Stormcast For Thursday, June 18th, 2026 https://isc.sans.edu/podcastdetail/9978, (Thu, Jun 18th)

ISC SANS
The Behavior of Coordinated SSH Brute Force Attacks over the last three months [Guest Diary], (Wed, Jun 17th)

Bishop Fox Security
The Smash-and-Grab Era

Auth0
LLMjacking and the Hidden Cost of a Stolen API Key

Auth0
The Part of Software Engineering AI Cannot Replace

Fastly
Deploying Fastly's Next-Gen WAF with Google Cloud Service Extensions to Help Secure Traffic at Scale


2026-06-17

Microsoft Security
Crypto Clipper uses Tor and worm-like propagation for persistence and control

Malwarebytes
Roblox developers are losing entire games to malware attacks

Socket
Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions

Ars Technica Security
Massive breach spills credentials for thousands of sensitive networks

Dark Reading
INC Ransomware Thrives by Mastering the Basics

Cloudflare
Bringing more agent harnesses and frameworks to Cloudflare, starting with Flue

Microsoft Security
Beyond the benchmark: Advancing security at AI speed

Praetorian
FreeBSoD: Leveraging Language Models to Find and Exploit Kernel Bugs (Part 1 of 2)

The Citizen Lab
How Freedom Tech Is Pushing Back Against Digital Authoritarianism

Microsoft Security
​​Forrester names Microsoft a Leader in the 2026 Extended Detection and Response Platforms Wave™ report

Ars Technica Security
"Dangerous" AI models are coming no matter what

Microsoft Security
AI is accelerating cyberattacks—here’s how to stay ahead

ISC SANS
The browser blind spot: Why your security tool may not be blocking what you think it is [Guest Diary], (Wed, Jun 17th)

Malwarebytes
Rokarolla Android malware can take over your phone and steal banking logins

Amazon Security
Introducing AWS Continuum: Security at machine speed

Wiz
The Red Agent POV: How it Reasoned its Way to SSRF

Wiz
Introducing the Red Agent POV Series

Kevin Beaumont
FortiBleed — 75k Fortinet firewalls have admin passwords cracked

Dark Reading
Sweeping Credential-Harvesting Heist Compromises 30K+ Fortinet Devices

SentinelOne
The Agentic SOC: Solving Security’s Investigation Capacity Crisis in the Frontier AI Era

Black Hills Info Sec
Everyone’s Selling AI That Kills Pentesting. We Built One That Doesn’t.

Cloudflare
Introducing the Cloudflare One stack: agent-powered deployment

MIT Technology Review
The Download: a reality check for geoengineering and the science of interoception

Rapid7
Malware à la Mode: Tracking Dropping Elephant Tradecraft Through a China-Themed Loader Chain

Ars Technica Security
Windows and Linux users: The deadline to update Secure Boot keys is near

Schneier on Security
AI Use by the US Government

Malwarebytes
24 billion stolen records exposed online. Here’s what to do

Mend
Mastra npm Scope Takeover: 140+ Packages Compromised via easy-day-js Dropper

Malwarebytes
Malwarebytes earns AV-TEST Top Product award, aces other third-party tests

NVISO Labs
Reducing Microsoft Sentinel Costs Without Compromising Detection – Part 1: The Summary Rules Quest

Searchlight Cyber
June 17th – This Week’s Top Cybersecurity and Dark Web Stories

Aikido
Over 140 popular Mastra npm Packages Hit by Supply Chain Attack

Dark Reading
UK Social Media Ban for Minors Has Privacy Experts Worried

Socket
140+ Mastra npm Packages Compromised in Coordinated Supply Chain Attack

ISC SANS
ISC Stormcast For Wednesday, June 17th, 2026 https://isc.sans.edu/podcastdetail/9976, (Wed, Jun 17th)

Auth0
AI Agents Are Not Users: Building an Identity Model That Reflects That

Teleport Blog
Automating Identity and Access for FedRAMP 20x KSIs with Teleport

Greynoise
5 Things I Show Every SOC Team When We Wire GreyNoise Into Their SOAR

Sansec Threat Research
Unauthenticated remote code execution in JTL Shop

Fastly
UA Spoofing 101: Detection and Defense with Fastly’s Next-Gen WAF


2026-06-16

Socket
npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware Scanners

Snyk
A Day in the Life of an AI Engineer in Snyk's Lisbon Office

Dark Reading
Fileless Phantom Stealer Targets Browser Credentials

Dark Reading
Security Community Slams US Ban on Exporting Mythos, Fable

Doyensec
Introducing Session Switcher. Swap Burp Sessions with One Click!

Snyk
A Forgotten Contributor Account Compromised the Entire Mastra npm Package Scope

Dark Reading
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection

Eclypsium
BTS #76 - Binwalk, Brickstorm, AI Model Madness

Aikido
Multiple JetBrains IDE plugins caught stealing AI keys

Eclypsium
No Patch Coming: The Arista EOS Tunnel Bug Your Scanner Will Miss

Amazon Security
Threat tactic spotlight: Subdomain takeover

Dark Reading
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence

Mend
Why AI Can’t Verify Its Own Code and What That Means for Enterprise AppSec

Praetorian
Sharing is Caring: SMB Secret Scanning with Sulla

Dark Reading
'Lorem Ipsum' Malware Pivots to ClickFix Delivery

Offensive Security
AI vs Traditional Penetration Testing: Tooling and Outcomes

Socket
Introducing Manifest Alerts

Xint
FAQ: Are the Incremental Improvements in New Models Worth the Higher Cost?

Palo Alto Networks
Securing the Agentic AI Frontier: Palo Alto Networks and Databricks Deliver a New Standard for AI Security

Bishop Fox Security
A Crash, Not a Shell: SolarWinds Serv-U CVE-2026-28318

Cloudflare
Cloudflare DMARC Management is now generally available

Aikido
Introducing Code Audit: Find complex vulnerabilities hidden in your source code

Malwarebytes
“Free World Cup stream” sites are serving scams, not football

Malwarebytes
Cardiac patients’ medical data stolen and held to ransom

GitGuardian
Extending Our Mission With Developer Endpoint Protection

Ars Technica Security
Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Schneier on Security
Flock Cameras Are Being Used for Stalking

Wiz
Wiz Exposure Management Dashboard: Your CTEM Command Center

Malwarebytes
Deepfake posting sites depicting famous women taken down by feds

Searchlight Cyber
14 Months of Warning: What Preemptive Threat Intelligence Reveals about the ShinyHunters Supply Chain Breaches

ISC SANS
From a VHDX File to a Remcos RAT, (Tue, Jun 16th)

Resecurity
Cybercriminals Are Targeting EdTech: Data Breaches and Ransomware Attacks on the Rise

Resecurity
CVE-2026-20253: Splunk Enterprise Pre-Authentication Remote Code Execution

TrustedSec
JQ for Hackers

ISC SANS
ISC Stormcast For Tuesday, June 16th, 2026 https://isc.sans.edu/podcastdetail/9974, (Tue, Jun 16th)

Moonlock
The 15 common Telegram scams you should watch out for

Himanshu Anand
Fine-tune an LLM on Vertex AI, own the whole GCP project

Fastly
Credential Stuffing is the Real Boss Fight for Gaming Platforms


2026-06-15

Eclypsium
Stay Ahead of Your Next CJIS Audit

Socket
GlassWASM: WebAssembly Malware Found in Trojanized Open VSX Extensions

Malwarebytes
Inside a malicious infrastructure delivering EtherRAT, phishing pages, and malicious software 

Dark Reading
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk

Dark Reading
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft

Ars Technica Security
Users cry foul after AMD stripped memory crypto from its consumer CPUs

Rapid7
NIS2 is raising the bar. Here’s how to turn readiness into resilience.

Rapid7
Does Your Security Programme Align With NIS2 Requirements?

Dark Reading
China-Nexus Actor Spies on US Researchers Undetected for a Year