CI/CD systems must not automatically assume an activity is legitimate simply because it was signed with a valid developer token. Instead, they must prioritize identity protection. Attackers have already been observed specifically stealing credentials such as NPM tokens and GitHub… Read More "Shai-Hulud & Co.: The supply chain as Achilles’ heel"
The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they are. 16 Jan 2026 • , 4 min. read In November, Britain’s Security Service began… Read More "Why LinkedIn is a hunting ground for threat actors – and how to protect yourself"
Ravie LakshmananFeb 03, 2026Artificial Intelligence / Privacy Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence (GenAI) features. “It provides a single place to block… Read More "Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox"
“Enterprises did not enter a machine identity crisis because of agentic AI. They entered it years ago through service accounts, embedded API keys, long lived tokens, and automation credentials that were created to keep systems moving and then quietly forgotten,”… Read More "Think agentic AI is hard to secure today? Just wait a few months"
It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these best practices. 02 Feb 2026 • , 5 min. read Cybercriminals have always been drawn to major… Read More "Beware of Winter Olympics scams and other cyberthreats"
A new and interesting kind of cyber theft is making rounds in the cyber world. This time the theft involves UPI (Unified Payments Interface) as the medium for tricking innocent victims into losing their money. The increasing popularity and ease… Read More "How to protect yourself from becoming victim of UPI frauds?"
Ravie LakshmananFeb 03, 2026Malware / Open Source A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the state-sponsored hacking group to deliver… Read More "Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group"
Social media is a fraudster’s heaven. There are billions of targets – Facebook itself has over 2.9 billion monthly active users. Because of the very nature of these platforms, users can be quite careless about the amount of personal information… Read More "How social media is used to commit financial fraud"
Ransomware is the fasted-growing category of cybercrime. It’s estimated that over 4,000 ransomware attacks occur daily. Given the sheer volume of these attacks and the deep attack surface connections between organizations and their vendors, there’s a high likelihood that some… Read More "The Ultimate Ransomware Defense Guide (2026)"
It’s a plastic world we live in. The proliferation of plastic money everywhere, in the form of debit and credit cards, means that the concept of paper money is soon becoming obsolete. Swiping a card seems to have become almost… Read More "Know your ATM card and the various frauds related to it"
