Adam Marrè, CISO at Arctic Wolf, said that what makes this new vulnerability particularly concerning is that it’s being actively exploited and appears to work even on fully patched systems. That immediately raises the risk profile. “Even without full visibility… Read More "Hackers have been exploiting an unpatched Adobe Reader vulnerability for months"
An Iranian government hacking collective has been targeting dissidents, journalists and opposition groups in a campaign dating back to autumn 2023, the FBI has revealed. The Handala group, which claimed responsibility for a recent wiper attack on US medtech firm… Read More "Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals"
A prolific initial access broker (IAB) who played a key role in dozens of ransomware attacks costing victims over $9m, has been sentenced to 81 months behind bars in the US. Russian national, Aleksei Volkov, 26, of St. Petersburg, was… Read More "Russian Initial Access Broker Handed 81-Month Sentence"
Key Takeaways Hybrid Infrastructure Risk Assessment helps organizations identify security gaps across cloud and on-premise environments. Hybrid cloud risk assessment requires visibility across workloads, networks, and identities. A strong risk assessment framework for hybrid infrastructure connects infrastructure risk with real… Read More "How Can Organizations Perform Hybrid Infrastructure Risk Assessment Effectively?"
Ravie LakshmananApr 09, 2026Vulnerability / Mobile Security Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. “This flaw allows apps on… Read More "EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets"
For example, newer and faster algorithms have already been developed, such as the JVG algorithm, that require less quantum computational power (qubits) to factor large prime numbers, on which some legacy cryptosystems such as RSA are based. Google argues that… Read More "Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning"
Endpoint cybersecurity software fails to protect one in five enterprise devices, leaving organizations vulnerable to cyber threats, research by Absolute Security has warned. This protection gap means that organizations face the equivalent of 76 days a year in which they’re… Read More "Enterprise Cybersecurity Software Fails 20% of the Time, Warns Report"
European travel company Eurail is notifying over 300,000 people that their personal information was stolen in a December 2025 data breach. The incident was initially disclosed in January, when the company warned that customers who were issued a Eurail pass… Read More "300,000 People Impacted by Eurail Data Breach"
Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team Following our April 2024 announcement, Device Bound Session Credentials (DBSC) is now entering public availability for Windows users on Chrome 146, and expanding… Read More "Protecting Cookies with Device Bound Session Credentials"
Proof of Work (PoW) Ties every node to a real computational cost, making mass fake node creation prohibitively expensive Blockchain and permissionless networks Proof of Stake (PoS) Requires staked capital per node; slashing penalties deter attackers from running Sybil nodes… Read More "Sybil Attacks Explained: Risks, Examples & Prevention"
