My Cybersecurity Homelab: A Hands-On Journey into Defensive and Offensive Operations
A personal cybersecurity lab was built using readily available hardware to provide practical experience in defensive and offensive security operations.
Read more
AI NewsCybersecurityCloud Security
CTO New Year Resolutions for a More Secure 2026
CTOs must prioritize AI governance, MCP security, supply chain hardening, security/engineering alignment, and post-quantum realities in 2026.
Read more
AI NewsCybersecurityCloud Security
Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign
Attackers misused Google Cloud Application Integration to send 9,394 phishing emails from Google domains, bypassing filters and stealing credentials.
Read more
AI NewsCybersecurityRisk Management
The ROI Problem in Attack Surface Management
Attack surface management ROI improves when ownership, exposure duration, and risky endpoints decline—not when asset counts rise.
Read more
AI NewsCybersecurityAPT
Transparent Tribe APT Launches New Cyber-Espionage Attacks Against India
Transparent Tribe (APT36) is deploying advanced RATs via malicious LNK files in a sustained cyber-espionage campaign targeting Indian government and academic institutions.
The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, impacting millions of Android devices, alongside macOS malware and emerging cyber threats.
Read more
AI NewsCloudCybersecurity
Cloudflare Year in Review: AI Bots Drive Traffic, Post-Quantum Encryption Surpasses 50%
Cloudflare’s 2025 Year in Review reveals a 19% increase in global internet traffic, alongside aggressive crawling by AI bots and a surge in post-quantum encryption to 50%.
Read more
AI NewsCybersecurityEconomics
AI Skepticism Rises as ROI Doubts and Economic Fears Mount
Growing concerns about an AI economic bubble and unrealized return on investment are fueling a surge in skepticism towards the technology.
Read more
AI NewsCybersecurityAPI Security
Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System
IBM disclosed a critical CVSS 9.8 authentication bypass vulnerability in IBM API Connect, potentially allowing remote access; patches are available.
Read more
AI NewsCybersecurityThreat Intelligence
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide
A China-linked threat actor compromised 8.8 million users over seven years with malicious browser extensions designed for data theft and corporate espionage.
Omdia predicts a surge in agentic AI-related identity breaches, increased IGA adoption in mid-market firms, and closer SOC-Identity team collaboration by 2026.
Read more
AI NewsCybersecuritySoftware Supply Chain
New Shai-Hulud Strain and Fake Jackson Package Target Developers
Researchers discovered a modified Shai-Hulud npm worm and a malicious Jackson Maven package, highlighting ongoing supply chain attacks targeting developer credentials.
Read more
AI NewsCybersecurityVulnerability Management
Sunken Ships: Learning From Ivanti EPMM Attacks
The Ivanti EPMM zero-day attacks in Spring 2025 compromised thousands of organizations via a simple GET request, highlighting critical risks in endpoint management systems.
Read more
AI NewsCybersecurityBlockchain
Trust Wallet Hack: $8.5M Drained via Shai-Hulud Supply Chain Attack
Trust Wallet suffered an $8.5 million loss after a malicious Chrome extension update, stemming from a supply chain attack leveraging exposed GitHub secrets.
Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability enabling unauthenticated remote code execution via file upload; a patch is now available.
Read more
AI NewsCybersecurityThreat Intelligence
Cybersecurity Predictions 2026: AI Arms Race; Malware Autonomy
Cybersecurity predictions for 2026 indicate an escalating AI arms race, with attackers leveraging autonomous malware and defenders adopting AI-powered tools.
Read more
AI NewsCybersecuritySOC Operations
How to Integrate AI into Modern SOC Workflows
The 2025 SANS SOC Survey shows 69% of SOCs still rely on manual reporting processes, highlighting a key area for AI integration.
Read more
AI NewsCybersecurityThreat Intelligence
Mustang Panda Employs Signed Rootkit for TONESHELL Backdoor Deployment
Mustang Panda used a signed kernel-mode rootkit to deploy the TONESHELL backdoor, targeting Asian government networks and evading detection.
Read more
AI NewsCybersecurityRisk Management
New Tech Deployments That Cyber Insurers Recommend for 2026
Cyber insurers recommend six key technologies to mitigate risk, as phishing attack damages skyrocketed 30% in the first half of 2025.
Read more
AI NewsCybersecurityMalware
Silver Fox Targets Indian Users With ValleyRAT Malware via Tax-Themed Phishing
Silver Fox is deploying ValleyRAT, a modular Windows RAT, through India income tax phishing emails, resulting in potential credential theft and system compromise.
Read more
AI NewsCybersecuritySoftware Engineering
Stop the Hijack: A Developer's Guide to AI Agent Security and Tool Guardrails
Autonomous AI agents introduce new security risks like Indirect Prompt Injection and Tool Inversion, requiring robust defenses like PoLP and runtime guardrails.
Read more
AI NewsCybersecurityThreat Intelligence
5 Threats That Defined Security in 2025
2025 saw significant security threats including the continued attacks of Salt Typhoon, CISA budget cuts, and the critical React2Shell vulnerability.
Read more
AI NewsCybersecurityDevSecOps
Stop Secrets Creep Across Developer Platforms
Dark Reading Confidential Episode 13 reveals a 23 million exposed secrets in the public space in the last year, highlighting the growing risk of developer-exposed sensitive information.