Security Blogs

Infernux Blog

This can't possibly work - building a detection engineering assistant

Black Hills Info Sec

The Curious Case of the Comburglar

Bad Privacy

Is Wifi Sensing The Most Privacy Invasive Technology of the Year?

Rapid7

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Microsoft Security

New Microsoft e-book: 3 reasons point solutions are holding you back

Schneier on Security

Someone Boarded a Plane at Heathrow Without a Ticket or Passport

Mend

Why AppSec and Network Risk Management Must Be Unified in the Modern Enterprise

SpiderLabs

LevelBlue SpiderLabs: SQL Injection in Orkes Conductor: CVE-2025-66387

Palo Alto Networks

From the Hill: The AI-Cybersecurity Imperative in Financial Services

Cloudflare

Announcing support for GROUP BY, SUM, and other aggregation queries in R2 SQL

Malwarebytes

The ghosts of WhatsApp: How GhostPairing hijacks accounts

Malwarebytes

Chrome extension slurps up AI chats after users installed it for privacy

Dark Reading

Dormant Iran APT is Still Alive, Spying on Dissidents

NVISO Labs

Integrating Abuse Case Scenarios to Improve Authorization Testing

Cyata

Speed Kills: Why Your AI Agents Are Exposing IAM Vulnerabilities

ISC SANS

Positive trends related to public IP ranges from the year 2025, (Thu, Dec 18th)

Google Safety & Security

Caring for the Future: a Council of Europe expert reads “The Future Report”

TrustedSec

Limiting Domain Controller Attack Surface: Why Less Services, Less Software, Less Agents = Less Exposure

ISC SANS

ISC Stormcast For Thursday, December 18th, 2025 https://isc.sans.edu/podcastdetail/9744, (Thu, Dec 18th)

Fastly

From AI Crawlers to Headless Bots: How Automated Traffic is Changing the Web

Auth0

Auth0 My Account API: Let Users Manage Their Own Account

Datadog HQ

From discovery to defense: Securing APIs with Datadog App and API Protection

Dark Reading

Critical Fortinet Flaws Under Active Attack

Dark Reading

In Cybersecurity, Claude Leaves Other LLMs in the Dust

Dark Reading

'Cellik' Android RAT Leverages Google Play Store

Dark Reading

Securing the Network Edge: A Comprehensive Framework for Modern Cybersecurity

Amazon Security

Security Hub CSPM automation rule migration to Security Hub

Talos Intelligence

Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities

Rapid7

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild

Dark Reading

The Future of Quantum-Safe Networks Depends on Interoperable Standards

Rapid7

Test for React2Shell with Application Security using New Functionality

ISC SANS

Maybe a Little Bit More Interesting React2Shell Exploit, (Wed, Dec 17th)

Microsoft Security

Access Fabric: A modern approach to identity and network access

Talos Intelligence

UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager

Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Malwarebytes

Two Chrome flaws could be triggered by simply browsing the web: Update now

Ars Technica Security

Browser extensions with 8 million users collect extended AI conversations

Dark Reading

"Fake Proof" and AI Slop Hobble Defenders

Rapid7

Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

Meta Security

How We Built Meta Ray-Ban Display: From Zero to Polish

Bishop Fox Security

MITRE AADAPT Framework as a Red Team Roadmap

Malwarebytes

Inside a purchase order PDF phishing campaign

Palo Alto Networks

Partnering with Precision in 2026

Schneier on Security

Deliberate Internet Shutdowns

Talos Intelligence

Lexi DiScola’s guide to global teamwork and overflowing TBRs

Dark Reading

Afripol Focuses on Regional Cyber Challenges, Deepening Cooperation

ISC SANS

ISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742, (Wed, Dec 17th)

Fastly

IDC Study Reveals 3X Gains from Modern AppSec Programs

Auth0

Continuous Authorization Testing: FGA, GitHub Actions, and CI/CD

Greynoise

There's Payloads, And Then There's pAIloads: A Look At Selected Opportunistic (And Possibly AI-"Enhanced") React2Shell Probes and Attacks

Greynoise

Coordinated Credential-Based Campaign Targets Cisco and Palo Alto Networks VPN Gateways

Fastly

Inside Fastly’s 2025 Internship Program: Projects, Impact & Culture

Dark Reading

Why a 17-Year-Old Built an AI Model to Expose Deepfake Maps

Troy Hunt

Weekly Update 482

Dark Reading

Why You Should Train Your SOC Like a Triathlete

Amazon Security

GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS

Dark Reading

Venezuelan Oil Company Downplays Alleged US Cyberattack

Dark Reading

Russia Hits Critical Orgs Via Misconfigured Edge Devices

Mend

NPM User Flooding Registry with Fake Font Packages

Searchlight Cyber

December 17th – This Week’s Top Cybersecurity and Dark Web Stories

Malwarebytes

SoundCloud, Pornhub, and 700Credit all reported data breaches, but the similarities end there

Eclypsium

Eclypsium Releases Version 4.2, Expanding Network Edge Security, Advanced Threat Detection, and Asset Profile Verification

Eclypsium

The Hitch-hacker’s Guide to the Galaxy’s Edge: 2025 in Cyber Stats

Dark Reading

Browser Extension Harvests 8M Users' AI Chatbot Data

Offensive Security

6 Benefits of a Fully Certified Cybersecurity Team

Offensive Security

Blue Team vs Red Team: Should Defenders Learn Offensive Skills?

Dark Reading

Enterprises Gear Up Ahead of 2026's IT Transformation Shift

Krebs on Security

Most Parked Domains Now Serving Malicious Content

White Knight Labs

Securing Agentic AI Systems

Varonis

Phishing Attacks: Types, Statistics, and Prevention

Malwarebytes

Android mobile adware surges in second half of 2025

Palo Alto Networks

Where Cloud Security Stands Today and Where AI Breaks It

Palo Alto Networks

Untangling Hybrid Cloud Security

Sicuranext Blog

Fight bad bot with Sec Fetch and Client Hints inconsistencies in headless browsers

Sicuranext Blog

Fight bad bot with Sec Fetch and Client Hints inconsistencies in headless browsers

Schneier on Security

Chinese Surveillance and AI

Trail of Bits

Use GWP-ASan to detect exploits in production environments

Malwarebytes

Photo booth flaw exposes people’s private pictures online

Malwarebytes

Google is discontinuing its dark web report: why it matters

NVISO Labs

The Detection & Response Chronicles: Exploring Telegram Abuse

Synacktiv

Exploiting Anno 1404

Snyk

Old AI Security vs Evo: Watch Agentic Security Replace Weeks of Manual Work

TrustedSec

Top 10 Blogs of 2025

ISC SANS

ISC Stormcast For Tuesday, December 16th, 2025 https://isc.sans.edu/podcastdetail/9740, (Tue, Dec 16th)

Teleport Blog

Secure AI Agent Infrastructure with Zero-Code MCP

Fastly

Smarter Data Migration: Move Less, Save More with Fastly

Auth0

FAPI for Developers: Here Is Your Guide

Datadog HQ

Troubleshooting Cilium network policies: Four common pitfalls

Eclypsium

BTS #65 - Exploring AI in Firmware Analysis

Dark Reading

How Cyber Insurance MGAs Shape Policies for Evolving Cyber-Risks

Dark Reading

Apple Patches More Zero-Days Used in 'Sophisticated' Attack

Ars Technica Security

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

Amazon Security

What AWS Security learned from responding to recent npm supply chain threat campaigns

Dark Reading

Think Like an Attacker: Cybersecurity Tips From a CISO

Microsoft Security

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

Amazon Security

Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure

Microsoft Security

Microsoft named an overall leader in KuppingerCole Leadership Compass for Generative AI Defense

Eclypsium

How to Operationalize NSA Guidance on UEFI Secure Boot at Scale

Meta Security

How AI Is Transforming the Adoption of Secure-by-Default Mobile Frameworks

Malwarebytes

Pig butchering is the next “humanitarian global crisis” (Lock and Code S06E25)

Dark Reading

Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files

Cloudflare

ChatGPT's rivals, Kwai's quiet rise: the top Internet services of 2025

Cloudflare

The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

Malwarebytes

PayPal closes loophole that let scammers send real emails with fake purchase notices

ISC SANS

More React2Shell Exploits CVE-2025-55182, (Mon, Dec 15th)

Schneier on Security

Against the Federal Moratorium on State-Level Regulation of AI

Auth0

An Accessible Guide to WCAG 3.3.9: Going for Gold

Rapid7

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Malwarebytes

A week in security (December 8 – December 14)

Eye Security

Microsoft 365 AitM Phishing Protection: Free Browser Extension

Eye Security Research

AitM Block: Preventing Modern M365 Phishing Attacks

ISC SANS

ISC Stormcast For Monday, December 15th, 2025 https://isc.sans.edu/podcastdetail/9738, (Mon, Dec 15th)

Fastly

An Indispensable Pillar of Resilience - The Human

Datadog HQ

From performance to impact: Bridging frontend teams through shared context

Datadog HQ

Monitor your Kubernetes operators to keep applications running smoothly

Datadog HQ

2025 cloud security roundup: How attackers abused identities, supply chains, and AI

Sansec Threat Research

Critical backdoor found in MGT Varnish extension

Teleport Blog

OWASP Top 10 for Agentic Applications 2026: Key Takeaways & How to Take Action

Schneier on Security

Upcoming Speaking Engagements

ISC SANS

Wireshark 4.6.2 Released, (Sun, Dec 14th)

MaskRay's Blog

Weak AVL Tree

ISC SANS

ClickFix Attacks Still Using the Finger, (Sat, Dec 13th)

Schneier on Security

Friday Squid Blogging: Giant Squid Eating a Diamondback Squid

Amazon Security

Implementing HTTP Strict Transport Security (HSTS) across AWS services

Troy Hunt

Processing 630 Million More Pwned Passwords, Courtesy of the FBI

Dark Reading

The CISO-COO Partnership: Protecting Operational Excellence

Rapid7

Metasploit Wrap-Up 12/12/2025

Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

Dark Reading

Vibe Coding: Innovation Demands Vigilance

Dark Reading

Microsoft Will Bundle Security Copilot With M365 Enterprise Licenses

Dark Reading

Supply Chain Attacks Targeting GitHub Actions Increased in 2025

Malwarebytes

The US digital doxxing of H-1B applicants is a massive privacy misstep

Atredis Partners

Designing a Passive LiDAR Detector Device - Firmware

Amazon Security

Meet digital sovereignty needs with AWS Dedicated Local Zones expanded services

Malwarebytes

Google ads funnel Mac users to poisoned AI chats that spread the AMOS infostealer

Arch Cloud Labs

Chatting with Chippies: Modifying TP-Link AX 1800 Firmware

SentinelOne

The Good, the Bad and the Ugly in Cybersecurity – Week 50

SpiderLabs

A Rising Tide of Threats: The Offshore Energy Industry’s Threat Landscape

SpiderLabs

Threat Intelligence News from LevelBlue SpiderLabs December 2025

Dark Reading

Are Trade Concerns Trumping US Cybersecurity?

Schneier on Security

Building Trustworthy AI Agents

Trail of Bits

Catching malicious package releases using a transparency log

Malwarebytes

How private is your VPN?

Synacktiv

ActivID administrator account takeover : the story behind HID-PSA-2025-002

Dark Reading

Hamas-Linked Hackers Probe Middle Eastern Diplomats

ISC SANS

Abusing DLLs EntryPoint for the Fun, (Fri, Dec 12th)

Moonlock

Apple security bounties are down, even though Mac malware is up

Moonlock

Apple and Google are warning users about new Predator spyware

Fastly

4 Recommendations to Maximize Savings and Performance with Fastly’s CDN

Fastly

Essential Checklist: Get Ready for Peak Traffic Season with Fastly

Dark Reading

Money Mules Require Banks to Switch From Defense to Offense

Dark Reading

Encouraging Industry Voices to Write for the Commentary Section

Amazon Security

Exploring the new AWS European Sovereign Cloud: Sovereign Reference Framework

Palo Alto Networks

Redefining Workspace: Prisma Browser Secures Leadership in Frost Radar

Dark Reading

Attackers Exploited Gogs Zero-Day Flaw for Months

Talos Intelligence

One newsletter to rule them all