2025-07-11
Schneier on Security
Squid Dominated the Oceans in the Late Cretaceous
Schneier on Security
Tradecraft in the Information Age
Datadog HQ
Elevate web security and mitigate third-party risk with Reflectiz in the Datadog Marketplace
Ars Technica Security
New Windows 11 build adds self-healing “quick machine recovery” feature
Searchlight Cyber
Hunters International Shuts Down and Offers Free Decryptors
Palo Alto Networks
Setting the Standard for Zero Trust Platforms
2025-07-10
Schneier on Security
Using Signal Groups for Activism
Microsoft Security
Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report
Github Security Blog
Modeling CORS frameworks with CodeQL to find security vulnerabilities
Offensive Security
CVE-2025-27636 – Remote Code Execution in Apache Camel via Case-Sensitive Header Filtering Bypass
Pwner Blog
FortiWeb Pre-Auth RCE (CVE-2025-25257)
Talos Intelligence
Patch, track, repeat
Talos Intelligence
Asus and Adobe vulnerabilities
Dark Reading
Digital Fingerprints Test Privacy Concerns in 2025
Dark Reading
Ingram Micro Up and Running After Ransomware Attack
Dark Reading
4 Arrested in UK Over M&S, Co-op, Harrods Hacks
Dark Reading
SIM Swap Fraud Is Surging — and That's a Good Thing
Teleport Blog
Why We Believe in In-Person Onboarding at Teleport
Ars Technica Security
Pro basketball player and 4 youths arrested in connection to ransomware crimes
Krebs on Security
UK Arrests Four in ‘Scattered Spider’ Ransom Group
2025-07-09
Schneier on Security
Yet Another Strava Privacy Leak
Microsoft Security
Microsoft expands Zero Trust workshop to cover network, SecOps, and more
Atredis Partners
Uncovering Privilege Escalation Bugs in Lenovo Vantage
Datadog HQ
Monitor your LiteLLM AI proxy with Datadog
Datadog HQ
Understanding data lineage
Bishop Fox Security
You’re Pen Testing AI Wrong: Why Prompt Engineering Isn’t Enough
Dark Reading
AirMDR Tackles Security Burdens for SMBs With AI
Dark Reading
Know Your Enemy: Understanding Dark Market Dynamics
Ars Technica Security
Browser extensions turn nearly 1 million browsers into website-scraping bots
Ars Technica Security
Critical CitrixBleed 2 vulnerability has been under active exploit for weeks
ReversingLabs
Announcing RL Spectra Analyze Version 9.5
Searchlight Cyber
Three Reasons Why Traditional Attack Surface Management Now Isn’t Enough
Krebs on Security
Microsoft Patch Tuesday, July 2025 Edition
Palo Alto Networks
Palo Alto Networks Commitment to Europe
2025-07-08
Troy Hunt
Weekly Update 459
Microsoft Security
Enhancing Microsoft 365 security by eliminating high-privilege access
Kevin Beaumont
CitrixBleed 2 exploitation started mid-June — how to spot it
Amazon Security
Spring 2025 PCI DSS compliance package available now
White Knight Labs
Understanding Type Confusion in Kernel Driver
Auth0
Unlock Enterprise Readiness: How to Edit Existing Connections with Self-Service SSO in your SaaS App
Compass Security Blog
xvulnhuntr
Trail of Bits
Investigate your dependencies with Deptective
Talos Intelligence
Microsoft Patch Tuesday for July 2025 — Snort rules and prominent vulnerabilities
Dark Reading
AI Trust Score Ranks LLM Security
Dark Reading
Microsoft Patches 137 CVEs in July, but No Zero-Days
Dark Reading
Malicious Open Source Packages Spike 188% YoY
Flatt Security Research
Why XSS Persists in This Frameworks Era?
Claroty
CVE-2025-44958
Claroty
CVE-2025-6243
Claroty
CVE-2025-44955
Claroty
CVE-2025-44963
Claroty
CVE-2025-44961
Claroty
CVE-2025-44960
Claroty
CVE-2025-44954
Claroty
CVE-2025-44962
Claroty
CVE-2025-44957
Searchlight Cyber Research
Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)
ReversingLabs
Malicious pull request infects VS Code extension
Google Security Blog
Advancing Protection in Chrome on Android
Palo Alto Networks
Modernizing Cybersecurity for State and Local Government
Sabotage Sec Blog
Love for Microsoft Component Object Model, RPC and AMSI attack surface
Zero Day Initiative
The July 2025 Security Update Review
2025-07-07
Schneier on Security
Hiding Prompt Injections in Academic Papers
Project Black
Password Policy GPO
Microsoft Security
Learn how to build an AI-powered, unified SOC in new Microsoft e-book
Malwarebytes
A week in security (June 30 – July 6)
Dark Reading
Bert Blitzes Linux & Windows Systems
Dark Reading
'Hunters International' RaaS Group Closes Its Doors
Ars Technica Security
Unless users take action, Android will let Gemini access third-party apps
Ars Technica Security
“No honor among thieves”: M&S hacking group starts turf war