126 Security Blogs

Last Updated: 21 Mar 25 13:43 UTC

Blog List | Github | OPML

2025-03-21

Rapid7
Rapid7 MDR Supports AWS GuardDuty's New Attack Sequence Alerts

Moonlock
Critical FBI warning: Online file converters are spreading malware

Troy Hunt
Weekly Update 444

Schneier on Security
NCSC Releases Post-Quantum Cryptography Timeline

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 12

SentinelOne
When Python Is Poisoned | How Runtime Security Stops the tj-actions Attack

NVISO Labs
How to hunt & defend against Business Email Compromise (BEC)

Cloudflare
RDP without the risk: Cloudflare's browser-based solution for secure third-party access

Cloudflare
Detecting sensitive data and misconfigurations in AWS and GCP with Cloudflare One

Cloudflare
Enhance data protection in Microsoft Outlook with Cloudflare One’s new DLP Assist

Cloudflare
Prepping for post-quantum: a beginner’s guide to lattice cryptography

Cloudflare
Improving Data Loss Prevention accuracy with AI-powered context analysis

Cloudflare
Cloudflare is now IRAP assessed at the PROTECTED level, furthering our commitment to the global public sector

Dark Reading
Why Cyber Quality Is the Key to Security

RAM - Security Insights
Security Compliance Fit

Searchlight Cyber
Cyberattack to Blame for Recent X Outage

TrustedSec
Trimarc Joins TrustedSec: Strengthening Our Commitment to Security


2025-03-20

Rapid7
Rapid7 and IDC ASM Spotlight Paper Blog

Fastly
Fastly’s Next-Gen WAF named a Strong Performer in Forrester Wave™

SpiderLabs
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2

Talos Intelligence
Tomorrow, and tomorrow, and tomorrow: Information security and the Baseball Hall of Fame

Talos Intelligence
UAT-5918 targets critical infrastructure entities in Taiwan

Schneier on Security
Critical GitHub Attack

Malwarebytes
Semrush impersonation scam hits Google Ads

Malwarebytes
Targeted spyware and why it’s a concern to us

SentinelOne
How to Build and Maintain an Effective AWS Security Posture

watchTowr Labs
By Executive Order, We Are Banning Blacklists - Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120)

Cloudflare
Cloudflare named a leader in Web Application Firewall Solutions in 2025 Forrester report

Cloudflare
Introducing Cloudy, Cloudflare’s AI agent for simplifying complex configurations

Cloudflare
HTTPS-only for Cloudflare APIs: shutting the door on cleartext traffic

Cloudflare
Simplify allowlist management and lock down origin access with Cloudflare Aegis

Cloudflare
Making Application Security simple with a new unified dashboard experience

Cloudflare
Improved support for private applications and reusable access policies with Cloudflare Access

Dark Reading
VexTrio Using 20,000 Hacked WordPress Sites in Traffic Redirect Scheme

Dark Reading
University Competition Focuses on Solving Generative AI Challenges

Dark Reading
Why It's So Hard to Stop Rising Malicious TDS Traffic

Dark Reading
Ukraine Defense Sector Under Attack via Dark Crystal RAT

Dark Reading
Are We Closing the Gender Gap in Cybersecurity?

Dark Reading
HP Brings Quantum-Safe Encryption to Printers

Dark Reading
Mobile Jailbreaks Exponentially Increase Corporate Risk

Dark Reading
India Is Top Global Target for Hacktivists, Regional APTs

Elastic Security Labs
Shedding light on the ABYSSWORKER driver

Snyk
Overcoming AppSec Challenges in FinServ: How CIBC Balances Speed, Security, and Compliance

Krebs on Security
DOGE to Fired CISA Staff: Email Us Your Personal Data

Compass Security Blog
Bypassing Web Filters Part 4: Host Header Spoofing & Domain Fronting Detection Bypasses


2025-03-19

Datadog HQ
How state, local, and education organizations can manage logs flexibly and efficiently using Datadog Observability Pipelines

Okta Security
CSO Conversations: Matthew Hansen, Regional CSO of Americas West

Rapid7
Critical Veeam Backup & Replication CVE-2025-23120

Rapid7
Apache Tomcat CVE-2025-24813: What You Need to Know

Rapid7
Fake BianLian Ransomware Letters in Circulation

Rapid7
Fresh Faces Join the Take Command 2025 Lineup

Fastly
Testing Next-Gen WAF Rate Limiting Rule with GitHub Actions

SpiderLabs
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 1

Moonlock
How to scan your router for malware and remove infections

Eclypsium
BTS #47 - BMC&C Part 3

Malwarebytes
The “free money” trap: How scammers exploit financial anxiety 

Malwarebytes
Sperm bank breach deposits data into hands of cybercriminals

SentinelOne
Dragon RaaS | Pro-Russian Hacktivist Group Aims to Build on “The Five Families” Cybercrime Reputation

Auth0
Japanese Now Available on the Auth0 Dashboard and Docs

Cloudflare
Cloudflare for AI: supporting AI adoption at scale with a security-first approach

Cloudflare
Improved Bot Management flexibility and visibility with new high-precision heuristics

Cloudflare
Take control of public AI application security with Cloudflare's Firewall for AI

Cloudflare
Trapping misbehaving bots in an AI Labyrinth

Cloudflare
An early look at cryptographic watermarks for AI-generated content

Cloudflare
How we train AI to uncover malicious JavaScript intent and make web surfing safer

Dark Reading
Critical Fortinet Vulnerability Draws Fresh Attention

Dark Reading
Nation-State Groups Abuse Microsoft Windows Shortcut Exploit

Dark Reading
Cytex Unveils AICenturion

Dark Reading
Enterprises Gain Control Over LLM Oversharing With Prompt Security's GenAI Authorization

Dark Reading
Infosys Settles $17.5M Class Action Lawsuit After Sprawling Third-Party Breach

Dark Reading
Women in CyberSecurity and ISC2 Announce the WiCyS + ISC2 Certified in CybersecuritySM Certification Spring Camp

Dark Reading
AI Cloud Adoption Is Rife With Cyber Mistakes

Dark Reading
Cybercriminals Taking Advantage of 'Shadow' Alliances, AI

Dark Reading
Why Cybersecurity Needs More Business-Minded Leaders

The Citizen Lab
Virtù o vizio? Un primo sguardo alle operazioni in espansione dello spyware di Paragon

The Citizen Lab
Virtue or Vice? A First Look at Paragon’s Proliferating Spyware Operations

Zero Day Initiative
Building an electric vehicle simulator to research EVSEs

Searchlight Cyber
Effective Ransomware Prevention Strategies

Palo Alto Networks
Palo Alto Networks Helps Secure Black Hat Asia 2025


2025-03-18

Datadog HQ
Key metrics for measuring your organization's security posture

Datadog HQ
Monitor your organization's security posture with Datadog

Eclypsium
BMC&C: Redfish Alert 3

Schneier on Security
Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Malwarebytes
AMOS and Lumma stealers actively spread to Reddit users

Malwarebytes
Amazon disables privacy option, will send your Echo voice recordings to the cloud

Amazon Security
2024 H2 IRAP report is now available on AWS Artifact for Australian customers

Amazon Security
AWS completes the annual UAE Information Assurance Regulation compliance assessment

Google Safety & Security
Google announces agreement to acquire Wiz

Auth0
Enrich Auth0 Access Tokens with Auth0 FGA Data

Cloudflare
Unleashing improved context for threat actor activity with our Cloudforce One threat events platform

Cloudflare
Extending Cloudflare Radar’s security insights with new DDoS, leaked credentials, and bots datasets

Dark Reading
Knostic Nabs $11M to Eliminate Enterprise AI Data Leaks

Dark Reading
Wireless Airspace Defense Firm Bastille Reveals Top Threats of 2025

Dark Reading
Automox Demonstrates IT and Security Impact With Launch of Precision Analytics

Dark Reading
Fujifilm Signs Strategic Collaboration Agreement With Amazon Web Services

Dark Reading
Duke University & GCF Partner to Identify Pathways for Advancing Women's Careers in Cybersecurity

Dark Reading
Google to Acquire Wiz for $32B in Multicloud Security Play

Dark Reading
Microsoft Sounds Warning on Multifunctional 'StilachiRAT'

Dark Reading
Black Basta Leader in League With Russian Officials, Chat Logs Show

Dark Reading
Extortion Reboot: Ransomware Crew Threatens Leak to Snowden

Dark Reading
Actively Exploited ChatGPT Bug Puts Organizations at Risk

Dark Reading
Orion Security Startup Tackles Insider Threats With AI

Dark Reading
3 AI-Driven Roles in Cybersecurity

PortSwigger
SAML roulette: the hacker always wins

Snyk
Building a Culture of Secure Coding: Empowering Developers to Build Resilient Software

Snyk
Unburdening Developers From Vulnerability Fatigue with Snyk Delta Findings

TrustedSec
Are Attackers "Passing Through" Your Azure App Proxy?

Compass Security Blog
Bypassing Web Filters Part 3: Domain Fronting

Palo Alto Networks
SOC and Awe — How Autonomous Security Is Changing the Game


2025-03-17

Star Labs
STAR Labs Windows Exploitation Challenge 2025 Writeup

Eclypsium
Hardware Hacking: Tools, Tips & Tricks for Total Domination

Schneier on Security
Improvements in Brute Force Attacks

Malwarebytes
Warning over free online file converters that actually install malware

Malwarebytes
1 in 10 people do nothing to stay secure and private on vacation

Malwarebytes
A week in security (March 10 – March 16)

SentinelOne
PinnacleOne ExecBrief | The Hidden Cyber Risks of Mergers & Acquisitions

watchTowr Labs
Bypassing Authentication Like It’s The ‘90s - Pre-Auth RCE Chain(s) in Kentico Xperience CMS

Amazon Security
AWS KMS CloudWatch metrics help you better track and understand how your KMS keys are being used

Dark Reading
OAuth Attacks Target Microsoft 365, GitHub

Dark Reading
ClickFix Attack Compromises 100+ Car Dealership Sites

Dark Reading
Lexmark Expands Print Security Services Worldwide

Dark Reading
Varonis Acquires Cyral to Reinvent Database Activity Monitoring

Dark Reading
Denmark Warns of Increased Cyber Espionage Against Telecom Sector

Dark Reading
Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit

Dark Reading
RansomHub Taps FakeUpdates to Target US Government Sector

Dark Reading
How 'Open Innovation' Can Help Solve Problems Faster, Better & Cheaper

Dark Reading
How Economic Headwinds Influence the Ransomware Ecosystem

Sansec Threat Research
You have 2 weeks left to set up CSP for your store

Google Security Blog
Announcing OSV-Scanner V2: Vulnerability scanner and remediation tool for open source

Ars Technica Security
Large enterprises scramble after supply-chain attack spills their secrets

Snyk
Reconstructing the TJ Actions Changed Files GitHub Actions Compromise


2025-03-16

Troy Hunt
Weekly Update 443

MaskRay's Blog
Relocation generation in assemblers

Dark Reading
Intel's Secure Data Tunnel Moves AI Training Models to Data Sources


2025-03-14

Rapid7
Metasploit Weekly Wrap-Up 03/14/25

Schneier on Security
Friday Squid Blogging: SQUID Band

Schneier on Security
Upcoming Speaking Engagements

Malwarebytes
Research on iOS apps shows widespread exposure of secrets

Auth0
Developer Week 2025: Building a Long-Term Relationship with AI

Dark Reading
Threat Actor Impersonates Booking.com in Phishing Scheme

Dark Reading
Man-in-the-Middle Vulns Threaten Car Security

Dark Reading
Ransomware Developer Extradited, Admits Working for LockBit

Dark Reading
Threat Actor Tied to LockBit Ransomware Targets Fortinet Users

Dark Reading
CISA Cuts $10M in ISAC Funding & 100s of Employees

Dark Reading
Biggest Cyber Threats to the Healthcare Industry Today

Krebs on Security
ClickFix: How to Infect Your PC in Three Easy Steps

Palo Alto Networks
Key Cybersecurity Considerations for Financial Institutions