2025-06-13
Schneier on Security
Friday Squid Blogging: Stubby Squid
Schneier on Security
Paragon Spyware Used to Spy on European Journalists
Amazon Security
How to create post-quantum signatures using AWS KMS and ML-DSA
Amazon Security
AI security strategies from Amazon and the CIA: Insights from AWS Summit Washington, DC
Google Safety & Security
An age assurance tool for Europe and beyond
Dark Reading
Cyberattacks on Humanitarian Orgs Jump Worldwide
Google Security Blog
Mitigating prompt injection attacks with a layered defense strategy
Palo Alto Networks
The New AI Attack Surface — How Cortex Cloud Secures MCP
Eclypsium
Secure Device Lifecycle Management
2025-06-12
Microsoft Security
Cyber resilience begins before the crisis
Cloudflare
Cloudflare service outage June 12, 2025
Troy Hunt
Weekly Update 456
Schneier on Security
Airlines Secretly Selling Passenger Data to the Government
Elastic Security Labs
Call Stacks: No More Free Passes For Malware
The Citizen Lab
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted
Ars Technica Security
Coming to Apple OSes: A seamless, secure way to import and export passkeys
Sansec Threat Research
Adobe patches critical Magento admin takeover via menu injection
Krebs on Security
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
Palo Alto Networks
See How We’re Fortifying Cloud and AI at AWS re:Inforce 2025
Talos Intelligence
Know thyself, know thy environment
Offensive Security
CVE-2024-21683 – Authenticated RCE via “Add a New Language” in Atlassian Confluence
Offensive Security
CVE‑2025‑49113 – Post‑Auth Remote Code Execution in Roundcube via PHP Object Deserialization
Eclypsium
Securing AI Data Centers
2025-06-11
Project Black
FileFlows SQL Injection by Decompiling .NET Code
Fastly
DDoS in May
Amazon Security
AWS completes Police-Assured Secure Facilities (PASF) audit in Europe (London) AWS Region
Black Lantern Security
Doomla! Zero Days
Dark Reading
ConnectWise to Rotate Code-Signing Certificates
Dark Reading
Agentic AI Takes Over Gartner's SRM Summit
Synacktiv
NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073
Searchlight Cyber
Why is Attack Surface Management Now Worth the Cost?
Redteam-Pentesting.de
A Look in the Mirror - The Reflective Kerberos Relay Attack
Krebs on Security
Patch Tuesday, June 2025 Edition
Talos Intelligence
catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities
2025-06-10
Rapid7
Patch Tuesday - June 2025
Amazon Security
Building identity-first security: A guide to the Identity and Access Management track at AWS re:Inforce 2025
Datadog HQ
Explore your data with Sheets, DDSQL Editor, and Notebooks for advanced analysis in Datadog
Datadog HQ
Detect anomalies beyond spikes and new values with Content Anomaly Detection in Cloud SIEM
Datadog HQ
Reduce cloud storage costs and improve operational efficiency with Datadog Storage Monitoring
White Knight Labs
Understanding Double Free in Windows Kernel Drivers
Ars Technica Security
Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.
Dark Reading
PoC Code Escalates Roundcube Vuln Threat
Synacktiv
Exploiting Heroes of Might and Magic V
Zero Day Initiative
The June 2025 Security Update Review
Sicuranext Blog
Influencing LLM Output using logprobs and Token Distribution
Sicuranext Blog
Influencing LLM Output using logprobs and Token Distribution
TrustedSec
Common Mobile Device Threat Vectors
Talos Intelligence
Microsoft Patch Tuesday for June 2025 — Snort rules and prominent vulnerabilities
Eclypsium
Leading Cloud Computing Company Relies on Eclypsium to Protect AI Data Center Infrastructure
Compass Security Blog
LinkedIn for OSINT: tips and tricks
2025-06-09
Troy Hunt
Weekly Update 455
Schneier on Security
New Way to Covertly Track Android Users
Embrace The Red
Hosting COM Servers with an MCP Server
Malwarebytes
How and where to report an online scam
Malwarebytes
Been scammed online? Here’s what to do
Malwarebytes
A week in security (June 1 – June 7)
Amazon Security
Building secure foundations: A guide to network and infrastructure security at AWS re:Inforce 2025
Dark Reading
'Librarian Ghouls' Cyberattackers Strike at Night
Dark Reading
Next-Gen Developers Are a Cybersecurity Powder Keg
Palo Alto Networks
Securing AI Agent Innovation with Prisma AIRS MCP Server
2025-06-08
Ars Technica Security
Cybercriminals turn to “residential proxy” services to hide malicious traffic