Skip to main content

Cybersecurity

General cybersecurity news and analysis

Researcher sits at desk with laptop and notepad in empty, brightly-lit office.

Researchers Warn of LLM Guardrail Vulnerability to Multi-Turn Manipulation

Beware: even the toughest-sounding safety guardrails on large language models can be easily bypassed by clever attackers who use multi-turn conversations to manipulate them. Cisco researchers found that none of the models they tested were completely safe from this type of exploitation.

Analyst 207
Conference organizer working on laptop in quiet office with city view.

Security Researcher Exploits Flaw in Pretalx Conference Tool

A security researcher recently uncovered a vulnerability in pretalx, a popular conference tool, that could let hackers inject malicious code into an organizer's interface, putting sensitive data at risk. This flaw, known as a stored cross-site scripting vulnerability, could be triggered through simple search queries.

Analyst 207
Blurred container image on a pallet with a laptop showing a container registry in the background.

Gitea Flaw Exposes Private Container Images to Unauthenticated Attacks

A newly disclosed vulnerability in Gitea, tracked as CVE-2026-27771, allows unauthenticated attackers to access private container images, potentially exposing tens of thousands of deployments worldwide. This flaw lets anyone on the internet pull private images without needing an account, password, or credentials.

Analyst 207
Well-lit conference room with large wooden table and chairs in a modern British financial sector office.

UK Firms Bolster Cyber Defenses as AI Risks Mount

As uncertainty becomes the new normal, UK businesses are bolstering their cyber defenses, with 68% of leaders planning to boost cybersecurity investment over the next year. Despite this, many remain vulnerable, with fewer than three in 10 confident in their ability to respond to a major cyber incident.

Analyst 207
Windows 11 laptop on a neutral surface with subtle screen activity.

Microsoft Releases KB5089573 Update With Performance, Reliability Upgrades

Boost your Windows 11 experience with the latest KB5089573 update, featuring significant performance and reliability upgrades, including faster app launches and smoother core shell experiences. This optional update also makes Windows Hello the default sign-in method, and is now rolling out as part of Microsoft's non-security preview schedule.

Analyst 207
Empty clean room with workstations and computer components on a central workbench.

Apple Bolsters Encryption with Quantum-Resistant Code Release

Apple is taking a major leap in securing our digital lives by releasing quantum-resistant code, adding an extra layer of protection against potential future threats. By integrating this advanced encryption into its corecrypto library, the company is safeguarding the data of over 2.5 billion active devices worldwide.

Analyst 207
Professor observes 3D room scan with human figures on large screen beside WiFi router and measuring instruments.

Wi-Fi Sensing Technology Reveals Human Presence

Imagine being able to detect the presence of people in a room, simply by observing how radio waves bounce off them - it's a game-changing technology that's now a reality, thanks to innovative WiFi sensing research. By harnessing the power of WiFi signals, scientists can create a kind of invisible map, revealing not just the space, but the people within it.

Analyst 207
Researcher in a lab setting working on a computer displaying lines of code.

Anthropic's AI Model Uncovers 10,000 Software Vulnerabilities

Anthropic's AI model has made a groundbreaking discovery, uncovering over 10,000 high- or critical-severity software vulnerabilities in just a month of testing. This game-changing technology is shifting the focus from detection to fixing these bugs, highlighting the need for increased human capacity to triage, report, and deploy patches.

Analyst 207
Secure research facility under construction on a Texas campus with blurred researchers in the background.

Texas Tech University Bolsters Critical Infrastructure Security with New Research Site

Texas Tech University is taking a giant leap in safeguarding America's critical infrastructure with the launch of a cutting-edge research site, solidifying its role as a leader in national security. The new facility at the Reese National Security Complex will supercharge innovation and collaboration to tackle vulnerabilities and protect the nation's backbone.

Analyst 207
Modern tech lab with computer screens and devices on a neutral surface, surrounded by abstract shapes suggesting data…

Varonis Integrates Claude Compliance API for Enhanced AI Governance

Varonis has integrated the Claude Compliance API into its Atlas AI Security Platform, empowering enterprises to confidently adopt AI with enhanced governance and oversight. This integration enables security teams to monitor AI usage, detect misuse, and assess risks with unparalleled data context.

Analyst 207
Office workstation with laptop, desk, chair, and papers in a calm, neutral-colored setting.

Microsoft Defender Automatically Isolates Hacked Endpoints

Microsoft Defender for Endpoint just got a major boost with its new automatic isolation feature, which swiftly isolates compromised devices to prevent attackers from wreaking havoc on your organization. This cutting-edge capability is part of Microsoft's automatic attack disruption feature, designed to contain threats and give security teams more time to respond.

Analyst 207
Server room with rows of computer servers and a single laptop in the foreground.

Microsoft Fixes SharePoint Flaw That Exposes Servers to Remote Code Execution

Microsoft just patched a high-severity flaw in SharePoint that could let hackers execute malicious code remotely - and it's crucial you update your servers ASAP to stay safe. The vulnerability, tracked as CVE-2026-45659, has a CVSS score of 8.8, making it a prime target for attackers.

Analyst 207
IT staff members in a server room look at a laptop with urgency, surrounded by rows of servers and racks near a large window.

India's CERT-In Mandates Swift Patching for Exposed Flaws

CERT-In is urging organizations to act fast to contain cyber threats, setting a tight 12-hour deadline to patch known vulnerabilities in critical, internet-facing systems. This swift response aims to combat the accelerating threat of AI-driven cyber-attacks.

Analyst 207
Large, empty government building interior with podium and blurred seal on wall.

CISA Mandates Patching of Exploited Drupal Vulnerability

The US Cybersecurity and Infrastructure Security Agency has issued a directive requiring federal agencies to patch a critical Drupal vulnerability, known as CVE-2026-9082, by May 27 to prevent devastating SQL injection attacks. This highly critical flaw allows hackers to exploit PostgreSQL-powered Drupal sites and gain unauthorized access to sensitive information.

Analyst 207
Rack-mounted servers in a server room with one server prominently displayed.

Microsoft Warns of Domain Controller Lookup Failures on Windows Server 2016

If you've installed the KB5087537 update on your Windows Server 2016 system, be aware that domain controller lookup may fail if your server hostname is exactly 15 characters long. This issue affects only those with 15-character hostnames, so check yours to see if you're impacted.

Analyst 207
Network operations center interior with daylight streaming in through a large window and analysts at console stations…

Agentic AI Tames Network Detection's Alert Firehose

Imagine sifting through 847 network anomalies daily - that's like trying to find a needle in a haystack! With agentic AI triage, that overwhelming number is dramatically reduced to just 4 prioritized detections, complete with the evidence and suggested actions analysts need to take swift and effective action.

Analyst 207
A computer workstation with a laptop and large monitor sits in a university computer lab or corporate training room.

Mandiant Exposes KnowledgeDeliver Vulnerability via ViewState Deserialization

A critical vulnerability, CVE-2026-5426, was discovered in KnowledgeDeliver installations, allowing unauthenticated remote code execution across multiple customer sites due to identical ASP.NET machineKey values. This widespread flaw was caused by a standardized web.config with hardcoded keys, used across deployments, leaving sites vulnerable to attack.

Analyst 207
System administrator working at a network operations workstation amidst rows of computer servers in a Linux data center.

AI-Discovered Bugs Expose Linux Security Trend

Linux is facing a surge in security vulnerabilities, with two high-risk kernel-level flaws uncovered just days apart - a trend that's expected to continue, potentially forcing companies to reboot servers on a weekly basis. These recently publicized issues, including Dirty Frag, Copy Fail, and Fragnesia, are linked by a common weakness in the page cache, a core kernel abstraction.

Analyst 207
Developer interacts with laptop in bright office, emphasizing secure package management.

GitHub Enhances npm with 2FA-Gated Publishing to Thwart Supply Chain Attacks

GitHub's new staged publishing feature on npm adds an extra layer of security, requiring maintainers to approve package releases after completing a two-factor authentication challenge, effectively preventing unauthorized publishes and reducing the risk of supply chain attacks. This human gate ensures proof of presence for every package release, safeguarding the integrity of the npm ecosystem.

Analyst 207
Blurred computer screen in foreground, rows of servers and workstations in background.

AI Model Exposes 10,000 High-Severity Flaws in Widely Used Software

In just one month, a cutting-edge AI model has uncovered a staggering 10,000 high-severity flaws in widely used software, thanks to Anthropic's innovative Project Glasswing initiative. This groundbreaking tool is already making waves in the cybersecurity world by detecting critical vulnerabilities in some of the world's most important software.

Analyst 207
Rows of humming Linux servers and equipment with softly blurred screens displaying code, conveying vulnerability.

AI-Driven Linux Bugs Expose Growing Security Trend

Linux is facing a surge in high-risk security vulnerabilities, with multiple kernel-level flaws emerging in rapid succession - a trend that's likely to continue, forcing companies to take frequent server reboots to stay safe. Recent bugs like Dirty Frag, Copy Fail, and Fragnesia are more than just isolated incidents, they're part of a pattern that exposes the weaknesses of a single kernel subsystem.

Analyst 207
Laptop screen shows GitHub repository with blurred username and repository name, in a softly focused CISA office background.

CISA Faces Scrutiny Over Leaked Credentials

The US Cybersecurity and Infrastructure Security Agency (CISA) is under fire after dozens of its internal credentials were accidentally exposed on a public GitHub account, sparking concerns over potential security breaches. Despite the agency's assurance that no sensitive data was compromised, lawmakers and experts are demanding answers on how this incident occurred.

Analyst 207
Serene daytime scene with a lone American flag waving gently in soft natural light.

Cybersecurity Forum Urges Respectful Discourse

On Memorial Day, we take a moment to express our deepest gratitude to those who made the ultimate sacrifice for our country - we owe you everything. This heartfelt tribute is anchored by a poignant photo of a soldier's moment of respite during a pivotal moment in history, July 4, 1944, at Cherbourg.

Analyst 207
Professional in a government agency setting near a whiteboard or screen.

CISA Opens KEV Nominations to Bolster Vulnerability Intelligence

CISA is now accepting nominations for its Known Exploited Vulnerabilities catalog, empowering public reporting to strengthen the nation's cybersecurity posture by quickly identifying and mitigating exploited vulnerabilities. By submitting through the new KEV nomination form, you're helping to keep federal, private, and critical infrastructure networks safe.

Analyst 207