Skip to main content

Cybersecurity

General cybersecurity news and analysis

Windows 11 laptop on a minimalist desk with lid ajar, screen displaying ambient daylight.

Exploiting Windows Drivers Without Hardware: The BYOVD Perspective

Discover how attackers can exploit Windows drivers without hardware, turning kernel-mode driver bugs into powerful tools to bypass security controls. The Atos Threat Research Center reveals a game-changing method to manipulate reachability from userland on Windows 11 23H2.

Analyst 207
Network devices on a rack in a server room, highlighting potential vulnerability to exploitation.

Ubiquiti Fixes Maximum-Severity UniFi OS Flaws

Ubiquiti has patched three critical vulnerabilities in UniFi OS that left nearly 100,000 Internet-exposed endpoints, including 50,000 in the US, open to remote attacks without requiring login credentials. The fixes address severe flaws that could allow unauthorized system changes, file access, and even command injection.

Analyst 207
Bright office setting with a laptop and smartphone, conveying a sense of security and technology.

Apple Thwarts $2.2bn in App Store Fraud with AI-Driven Defenses

Apple's AI-powered defenses have successfully blocked a whopping $2.2 billion in App Store fraud over the past year, and a staggering $11.2 billion over six years, protecting consumers and businesses from malicious actors.

Analyst 207
Researcher sits at cluttered desk in modern office with laptop and papers.

Cisco Tests AI for Incident Reports, Finds Mixed Results

Cisco's experiment with AI-generated incident reports yielded mixed results, with large language models producing significant inaccuracies, unusual conclusions, and inconsistent writing styles when used for long-form technical content. The findings revealed four predictable failure modes, highlighting the need for guardrails to ensure reliable outcomes.

Analyst 207
Network equipment sits in a well-lit, clean data center environment.

Cisco Fixes API Flaw Enabling Unauth Data Access

Cisco has patched a critical API flaw that allowed hackers to access sensitive data without authentication, potentially leading to configuration changes with admin-level privileges. This vulnerability, tracked as CVE-2026-20223, highlights the importance of robust API security measures to prevent devastating breaches.

Analyst 207
Empty seats face a podium in a formal conference setting.

CISA Warns of Open-Source Vulnerabilities Amid Delayed Security Improvements

The open-source community's rapid vulnerability discovery is a pressing concern, with the tempo of exploitation accelerating and straining traditional defensive practices, according to CISA's acting director Nick Andersen. He warns that this situation will require hard security decisions to mitigate the risks to federal and private networks.

Analyst 207
Close-up of laptop screen with blurred macOS interface and subtle coding environment hints.

macOS Exploit Enables Kernel Memory Corruption

A newly discovered macOS exploit has raised concerns about potential kernel memory corruption, but details on the vulnerability and how to protect yourself are scarce. A cryptic post claims to offer more information, but be cautious of explicit threats from the user behind the handle @ALFDAD.

Analyst 207
Unoccupied workstation with laptop and technical equipment in a brightly-lit server room.

Google API Keys Remain Usable for 23 Minutes After Deletion

Deleting a Google API key doesn't mean it's immediately useless to hackers - in fact, our experiments show it can remain active for up to 23 minutes, allowing attackers to continue misusing it even after you've tried to revoke access.

Analyst 207
Person in casual tech outfit sits near laptop with blank screen in modern office setting.

HackerOne Slashes Bug Bounty Rewards Amid AI-Driven Report Surge

HackerOne's Internet Bug Bounty program has slashed payouts, with medium-severity vulnerabilities now earning just $297, down from $1,843, and critical ones fetching $2,257, down from $9,250. The program is currently on pause as the company retools its rewards structure.

Analyst 207
Sleek, modern tech headquarters interior with cityscape view through large window.

Apple Foils $11 Billion in App Store Fraud Over Six Years

Apple's vigilant efforts have paid off, blocking a whopping $11 billion in App Store fraud over the past six years, with a staggering $2.2 billion foiled in 2025 alone. The tech giant's winning combination of human review and cutting-edge tech has kept scammers at bay.

Analyst 207
IT professionals work in a network operations center with a laptop displaying a blurred REST API endpoint.

Cisco Secure Workload Flaw Exposes Site Admin Privileges

A critical vulnerability in Cisco Secure Workload, known as CVE-2026-20223, allows hackers to gain Site Admin privileges without authentication, putting sensitive information and configuration changes at risk. Cisco has warned of this maximum-severity flaw and advised on remediation steps.

Analyst 207
Person in dimly lit server room looks concerned at laptop screen amidst outdated equipment.

Cyber Confidence Erodes as Readiness Paradox Grows

Most organizations claim they're confident in their ability to tackle cyberwarfare and AI-driven threats, but their actions tell a different story - with many admitting to lacking the budget and resources to back up their boasts. This alarming gap between confidence and capability is what we call the Cyber Readiness Paradox.

Analyst 207
Rows of rack-mounted computer equipment in a dimly lit server room with cables and muted warning signs.

Linux Rootkits Persist in Updated Forms

A single misstep with an over-privileged or poorly designed agent can quickly spiral into a serious incident, making the UK National Cyber Security Centre's warning feel alarmingly relevant. This urgency was underscored at Pwn2Own Berlin, where researchers exploited 47 zero-day flaws, raking in over $1.2 million in rewards.

Analyst 207
Modern office setting with an unsecured laptop and exposed network cable on a desk.

Vulnerability Exploitation Surpasses Credentials as Top Breach Entry Point

The latest Verizon Data Breach Investigations Report reveals a significant shift in how breaches occur: vulnerability exploitation now accounts for 31% of breaches, surpassing stolen credentials as the top entry point for hackers. Ransomware remains a major threat, involved in nearly half of all breaches.

Analyst 207
Cluttered coding workspace with laptop, notes, and city view.

Vulnerable Code Proliferates as AI Exploits Rise in Supply Chains

The alarming truth is that 75% of organizations are knowingly shipping vulnerable code, despite the risks, with the window from disclosure to exploit shrinking dramatically from 840 days in 2018 to just under two days today. This trend is expected to accelerate, with exploits potentially available in as little as one minute by 2028.

Analyst 207
Dimly lit computer server room with focused terminal amidst blurred screens.

Linux Flaw Exposes SSH Keys, Password Hashes

A critical nine-year-old flaw in the Linux kernel, known as CVE-2026-46333, allows everyday users to access highly sensitive data, including SSH private keys and system password hashes, on popular Linux distributions. Fortunately, patches and updates are available to fix this vulnerability.

Analyst 207
Ordinary office setting with interconnected devices and a central computer screen displaying a blurred network map.

Identity Exposures Form Highways for Cyber Attacks

A single compromised identity can become a superhighway for cyber attacks, giving hackers access to nearly every critical workload a business relies on - as seen in a recent incident where a cached AWS access key on one Windows machine put 98% of the company's cloud environment at risk. Identity has become the ultimate attack path, carrying with it a multitude of permissions just waiting to be exploited.

Analyst 207
A Flipper One device sits on a workbench surrounded by development tools and engineering notes.

Flipper Devices Seeks Community Help to Build Open Linux Platform

Join the mission to revolutionize hardware experimentation with Flipper Devices' new Linux platform, Flipper One, a high-performance tool for networking, AI, and radio analysis that's getting a boost from community collaboration. By pooling their expertise, the community can help bring this game-changing platform to life.

Analyst 207
Linux terminal window on a workstation screen displays a command-line interface in a clean server room setting.

Linux Flaw Enables Root Command Execution on Major Distros

A newly discovered Linux flaw, tracked as CVE-2026-46333, allows hackers to easily gain root access on major distributions, putting countless systems at risk. This nine-year-old vulnerability, just recently exposed, is a wake-up call for Linux users everywhere.

Analyst 207
Rows of computer servers and storage devices in a brightly-lit server room with a single terminal in the foreground.

Drupal Flaw Exposes PostgreSQL Sites to Remote Code Execution Attacks

A vulnerability in Drupal Core's database abstraction API leaves PostgreSQL sites open to devastating SQL injection attacks, allowing hackers to send malicious requests and wreak havoc. This highly critical flaw, tracked as CVE-2026-9082, has been patched with urgent security updates.

Analyst 207
Developer working on laptop in modern workspace with code snippets and technical diagrams nearby.

Microsoft Unveils AI-Powered Red Teaming Tools to Bolster Software Security

Microsoft is shifting the conversation around AI safety from philosophical debates to hands-on action, empowering developers to build more secure software with innovative tools. With the launch of Rampart, a cutting-edge red-teaming tool, the company is putting AI-powered security into practice, helping developers proactively identify and fix vulnerabilities.

Analyst 207
Government official examines secure computer screen in high-tech procurement office.

Federal Agencies Face New Security Tests in AI Procurement

When it comes to AI procurement, federal agencies must prioritize cybersecurity over speed to avoid potentially disastrous consequences, especially when AI systems are tied to critical infrastructure. Compromising on security can have far-reaching and devastating impacts.

Analyst 207
Researcher in lab setting interacts with complex AI technology setup.

Measuring AI Security Effectiveness Proves Elusive

Measuring AI security effectiveness is a complex challenge that can't be reduced to a single score or benchmark. Relying on benchmarks alone simply doesn't work when it comes to safeguarding AI systems.

Analyst 207
Modern lab interior with workstations, laptop, and scientific instruments.

Check Point Targets AI Trust Gap with Deepchecks Acquisition

Check Point is bridging the AI trust gap with its acquisition of Deepchecks, gaining cutting-edge model validation capabilities to help organizations ensure the reliability and accuracy of their AI-driven actions. This strategic move enables businesses to effectively test, evaluate, and monitor machine learning systems and mitigate operational risks associated with generative AI.

Analyst 207