134 Security Blogs

Last Updated: 11 Jun 25 03:07 UTC

Blog List | Github | OPML

2025-06-11

Krebs on Security
Patch Tuesday, June 2025 Edition


2025-06-10

Fastly
CISO Perspective: Q1 2025 Threat Insights Report

Malwarebytes
GirlsDoPorn owner faces life in jail after pleading guilty to sex trafficking

Malwarebytes
44% of people encounter a mobile scam every single day, Malwarebytes finds

Malwarebytes
Google bug allowed phone number of almost any user to be discovered

Amazon Security
Building identity-first security: A guide to the Identity and Access Management track at AWS re:Inforce 2025

Binarly
Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass

Trail of Bits
What we learned reviewing one of the first DKLs23 libraries from Silence Laboratories

Dark Reading
Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast

Dark Reading
PoC Code Escalates Roundcube Vuln Threat

Dark Reading
Red Canary Expands AI Innovations to Cut Alert Overload

Dark Reading
GitHub: How Code Provenance Can Prevent Supply Chain Attacks

Dark Reading
United Natural Food's Operations Limp Through Cybersecurity Incident

Dark Reading
Poisoned npm Packages Disguised as Utilities Aim for System Wipeout

Dark Reading
SSH Keys: The Most Powerful Credential You're Probably Ignoring

Ars Technica Security
Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.

Zero Day Initiative
The June 2025 Security Update Review

Synacktiv
Exploiting Heroes of Might and Magic V

Compass Security Blog
LinkedIn for OSINT: tips and tricks

ReversingLabs
OWASP's Chat Playground lets security teams toy with gen AI

Sicuranext Blog
Infuencing LLM Output using logprobs and Token Distribution

Sicuranext Blog
Infuencing LLM Output using logprobs and Token Distribution

TrustedSec
Common Mobile Device Threat Vectors

Rapid7
Patch Tuesday - June 2025

Rapid7
BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict

Rapid7
Key Takeaways from the Take Command Summit 2025: Demystifying Cloud Detection & Response – The Future of SOC and MDR

Eclypsium
Leading Cloud Computing Company Relies on Eclypsium to Protect AI Data Center Infrastructure

Eclypsium
The Ultimate Guide to AI Data Center Infrastructure Security

Eclypsium
GenAI Compute Infrastructure Under Siege: Defending the Foundation of AI

Eclypsium
AI Data Centers: The Cyber Target of the Century

Eclypsium
Eclypsium Secures AI Data Centers as AI Arms Race Escalates

Eclypsium
AI is Critical Infrastructure: Securing the Foundation of the Global Future

Datadog HQ
Optimize and troubleshoot AI infrastructure with Datadog GPU Monitoring

Datadog HQ
Ensure trust across the entire data life cycle with Datadog Data Observability

Datadog HQ
Connect your AI agents to Datadog tools and context using the Datadog MCP Server

Datadog HQ
Automate Cloud SIEM investigations with Bits AI Security Analyst

Datadog HQ
Improve performance and reliability with Proactive App Recommendations

Datadog HQ
Automatically identify issues and generate fixes with the Bits AI Dev Agent

Datadog HQ
Introducing Bits AI SRE, your AI on-call teammate

Datadog HQ
Debug live production issues with the Datadog Cursor extension

Datadog HQ
Unify remediation and communication with Datadog Incident Response

Datadog HQ
Monitor, troubleshoot, and improve agentic systems with Datadog

Datadog HQ
Monitor your OpenAI agents with Datadog LLM Observability

Datadog HQ
Rightsize workloads and reduce costs with Datadog Kubernetes Autoscaling

Datadog HQ
Make data-driven design decisions with Product Analytics

Datadog HQ
Store and analyze high-volume logs efficiently with Flex Logs

Datadog HQ
Explore your data with Sheets, DDSQL Editor, and Notebooks for advanced analysis in Datadog

Datadog HQ
Search your historical logs more efficiently with Datadog Archive Search

Datadog HQ
Send Azure logs to Datadog faster and more easily with automated log forwarding

Datadog HQ
Detect anomalies beyond spikes and new values with Content Anomaly Detection in Cloud SIEM

Datadog HQ
DASH 2025 Act & Automate: Guide to Datadog's newest announcements

Datadog HQ
DASH 2025: Guide to Datadog's newest announcements

Datadog HQ
DASH 2025 Observe & Analyze: Guide to Datadog's newest announcements

Datadog HQ
DASH 2025 Secure & Govern: Guide to Datadog's newest announcements

Datadog HQ
Detect and investigate query regressions with Datadog Database Monitoring

Datadog HQ
Detect issues and optimize spend with Databricks serverless job monitoring

Datadog HQ
Protect the life cycle of your application code and libraries with Datadog Code Security

Datadog HQ
Accelerate Oracle Cloud Infrastructure monitoring with Datadog OCI QuickStart

Datadog HQ
Proactively enforce infrastructure best practices with Datadog Resource Policies

Datadog HQ
Visualize cloud security relationships with Datadog Security Graph

Datadog HQ
Detect Amazon Bedrock misconfigurations with Datadog Cloud Security

Datadog HQ
Building on open source IaC scanning tools with Datadog

Datadog HQ
Track engineering metrics with customizable, executive-ready reports in Datadog’s IDP

Datadog HQ
Ship software quickly and confidently with Datadog IDP

Datadog HQ
Accelerate Kubernetes issue resolution with AI-powered guided remediation

Datadog HQ
Create and monitor LLM experiments with Datadog

Datadog HQ
Monitor and optimize your Flex Logs compute usage

Datadog HQ
Security and SRE: How we implemented our combined approach

Datadog HQ
Reduce cloud storage costs and improve operational efficiency with Datadog Storage Monitoring

Datadog HQ
Find what's driving errors and latency with Tag Analysis

Talos Intelligence
Microsoft Patch Tuesday for June 2025 — Snort rules and prominent vulnerabilities

White Knight Labs
Understanding Double Free in Windows Kernel Drivers

Mend
The Growing Challenge of Shadow MCP: Unauthorized AI Connectivity in Your Codebase


2025-06-09

Malwarebytes
How and where to report an online scam

Malwarebytes
Been scammed online? Here’s what to do

Malwarebytes
A week in security (June 1 – June 7)

Schneier on Security
New Way to Track Covertly Android Users

Auth0
Offload Authentication and Clear the Way for Creativity

Auth0
Introducing Auth0’s Developer Experience Principles

Embrace The Red
Hosting COM Servers with an MCP Server

Amazon Security
Building secure foundations: A guide to network and infrastructure security at AWS re:Inforce 2025

Troy Hunt
Weekly Update 455

Binarly
Binarly Finds Six High Severity Firmware Vulnerabilities in HP Enterprise Devices

Binarly
Breaking Through Another Side: Bypassing Firmware Security Boundaries

Binarly
Binarly Transparency Platform v3.0: Actionable Threat Intelligence Meets Exploitation-Aware Prioritization

Binarly
Binarly Transparency Platform v2.7 Hits New Milestone, Propelling Enterprises Toward Post-Quantum Readiness

Binarly
Repeatable Supply Chain Security Failures in Firmware Key Management

Binarly
Clevo Boot Guard Keys Leaked in Update Package

Binarly
Repeatable Failures: AMI UsbRt - Six Years Later, Firmware Attack Vector Still Affect Millions of Enterprise Devices

Dark Reading
New Trump Cybersecurity Order Reverses Biden, Obama Priorities

Dark Reading
OpenAI Bans ChatGPT Accounts Linked to Nation-State Threat Actors

Dark Reading
'Librarian Ghouls' Cyberattackers Strike at Night

Dark Reading
Gartner: How Security Teams Can Turn Hype Into Opportunity

Dark Reading
SIEMs Missing the Mark on MITRE ATT&CK Techniques

Dark Reading
Next-Gen Developers Are a Cybersecurity Powder Keg

Dark Reading
China-Backed Hackers Target SentinelOne in 'PurpleHaze' Attack Spree

Rapid7
5 Things Security Leaders Need to Know About Agentic AI

Rapid7
Navigating AWS Migration: Achieving Clarity and Confidence

Datadog HQ
Migrate historical logs from Splunk and Elasticsearch using Observability Pipelines

Palo Alto Networks
Securing AI Agent Innovation with Prisma AIRS MCP Server


2025-06-08

Ars Technica Security
Cybercriminals turn to “residential proxy” services to hide malicious traffic


2025-06-06

Malwarebytes
How to update Chrome on every operating system

Malwarebytes
OpenAI forced to preserve ChatGPT chats

Malwarebytes
Booking.com reservation abused as cybercriminals steal from travelers

Schneier on Security
Friday Squid Blogging: Squid Run in Southern New England

Schneier on Security
Hearing on the Federal Government and AI

Schneier on Security
Report on the Malicious Uses of AI

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 23

Amazon Security
2025 ISO and CSA STAR certificates now available with three new Regions

Amazon Security
How to use on-demand rotation for AWS KMS imported keys

Dark Reading
Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward

Dark Reading
F5 Acquires Agentic AI Security Startup Fletch

Dark Reading
BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI Warns

Dark Reading
Docuseries Explores Mental, Physical Hardships of CISOs

Dark Reading
Synthetic Data Is Here to Stay, but How Secure Is It?

Dark Reading
MSFT-CrowdStrike 'Rosetta Stone' for Naming APTs: Meh?

Dark Reading
Prep for Layoffs Before They Compromise Security

Ars Technica Security
Millions of low-cost Android devices turn home networks into crime platforms

Searchlight Cyber
Global Law Enforcement Takedown Disrupts Prolific Cybercrime Tool AVCheck

Searchlight Cyber
BidenCash Marketplace Seized by U.S. Law Enforcement

Rapid7
Metasploit Wrap-up 06/06/25

Rapid7
Cultivating Growth and Development at Rapid7

Rapid7
India's Cyber Leaders Prepare for AI-Driven Threats

Datadog HQ
Create rich, up-to-date visualizations of your AWS infrastructure with Cloudcraft in Datadog

Hunt and Hackett
Cyber Risks in Agriculture: A Guide for Business Leaders


2025-06-05

Malwarebytes
Pornhub, RedTube, and YouPorn block access in France, VPN use set to soar

Malwarebytes
Ransomware hiding in fake AI, business tools

Auth0
Auth0 and Amazon Web Services: The Secret Ingredients That Drive Fan Engagement

Star Labs
Solo: A Pixel 6 Pro Story (When one bug is all you need)

Microsoft Security
Connect with us at the Gartner Security & Risk Management Summit

Microsoft Security
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3

NVISO Labs
Intercepting traffic on Android with Mainline and Conscrypt

Amazon Security
Many voices, one community: Three themes from RSA Conference 2025

Dark Reading
SecOps Teams Need to Tackle AI Hallucinations to Improve Accuracy

Dark Reading
Digital Forensics Firm Cellebrite to Acquire Corellium

Dark Reading
'PathWiper' Attack Hits Critical Infrastructure In Ukraine

Dark Reading
Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud

Dark Reading
Backdoored Malware Reels in Newbie Cybercriminals

Dark Reading
Questions Swirl Around ConnectWise Flaw Used in Attacks

Dark Reading
Finding Balance in US AI Regulation

Dark Reading
Iranian APT 'BladedFeline' Hides in Network for 8 Years

Dark Reading
Cybersecurity Training in Africa Aims to Bolster Professionals' Ranks

Krebs on Security
Proxy Services Feast on Ukraine’s IP Address Exodus

TrustedSec
Full Disclosure, GraphGhost: Are You Afraid of Failed Logins?

Snyk
Snyk for Government Achieves FedRAMP Moderate Authorization: A Milestone for Secure Government Software

Snyk
Humans at the Center: Redefining the Role of Developers in an AI-Powered Future

Eclypsium
BlackLotus UEFI Bootkit Patching & Mitigations

Eclypsium
SMM Callout Vulnerabilities in UEFI

Datadog HQ
Announcing Go tracer v2.0.0

Talos Intelligence
Everyone's on the cyber target list

Talos Intelligence
Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine

The Citizen Lab
Techno-Legal Internet Controls in Indonesia and Their Impact on Free Expression

Palo Alto Networks
GenAI's Impact — Surging Adoption and Rising Risks in 2025

Offensive Security
CVE-2025-24893 – Unauthenticated Remote Code Execution in XWiki via SolrSearch Macro


2025-06-04

Malwarebytes
Google fixes another actively exploited vulnerability in Chrome, so update now!

Schneier on Security
The Ramifications of Ukraine’s Drone Attack

Auth0
Navigating New App Store Rules: Identity Solutions for Revenue Growth

Google Safety & Security
Our latest scams survey sees changing online security habits

XPN's Blog
Tokenization Confusion

Katie Knowles
Persisting Unseen: Defending against Entra ID persistence

Red Siege InfoSec Blog
Authentication vs. Authorization in Web App Penetration Testing

Dark Reading
35K Solar Devices Vulnerable to Potential Hijacking

Dark Reading
Vishing Crew Targets Salesforce Data

Dark Reading
How Neuroscience Can Help Us Battle 'Alert Fatigue'

Dark Reading
Researchers Bypass Deepfake Detection With Replay Attacks

Dark Reading
Attackers Impersonate Ruby Packages to Steal Sensitive Telegram Data

Dark Reading
Beware of Device Code Phishing

Ars Technica Security
Two certificate authorities booted from the good graces of Chrome

Searchlight Cyber
Where Does Cyber Risk Come From Within an Organization?

Snyk
From Risk to Resilience: Achieving HIPAA Standards in Your App

Snyk
The Future of Developer Upskilling Is Human-Led, AI-Supported

Rapid7
Rapid7 Q1 2025 Incident Response Findings

Bishop Fox Security
2025 Red Team Tools – C2 Frameworks, Active Directory & Network Exploitation