Data residency sounds like a hosting detail, but it is really a security, compliance, and governance issue. In cloud environments,
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were
Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors.
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center.
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years
Although it is true that the terrestrial, maritime, air, space, and cyberspace domains are the usual focus of analysis, the
When a partitioning change to our petabyte-scale ClickHouse cluster caused critical billing jobs to stall, standard metrics showed no obvious
Recent improvements in the capabilities of the edge network have created a smarter, more connected edge. These changes call for
Learn the NextWave Partner Program new requirements designed to boost partner capabilities, accelerate next-gen security specialization, and deliver greater customer
Editor’s note: The analysis is authored by Moises Cerqueira, malware researcher & threat hunter. You can find Moises on LinkedIn and X.
Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the
Key Findings: Device code phishing is exploding across the threat landscape, with new device code phishing tools emerging every week. The spike
Our research examines the April 22 Checkmarx KICS and April 24 elementary-data incidents as part of a broader TeamPCP supply
Palo Alto Networks expands the Frontier AI Alliance with top partners to deliver autonomous, machine-speed defense against frontier AI threats
SentinelOne’s latest report examines the evolving ‘secrets’ threatscape, showing how modern cloud and AI infrastructures are being exploited. (SentinelOne)
On May 8, 2026, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, discovered a critical Authentication Bypass vulnerability in Burst
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in cooperation with the U.S. Department of War, the Department of Energy, the FBI, and the Department of State, has released
Myanmar’s military is trying to sell former State Councilor Aung San Suu Kyi’s transfer from prison to a “designated residence”
The refresh resolves critical-severity use-after-free and other types of bugs in various browser components. The post Chrome 148 Update Patches
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active
Lazy weekend of Grand Prix fun turned into a terrifying all-nighter (www.theregister.com – Articles)
Get the May 2026 update on Frontier AI-driven exploits. Learn the 4 immediate steps for agentic defense, vulnerability finding and
We’ve enabled higher usage limits, faster performance, better reliability, and increased shipping velocity for our Browser Run product by rebuilding
Used primarily for resource management, cgroups unlock valuable telemetry for investigating malicious processes on Linux (Red Canary)
Code War author Allie Mellen explains how nations hack, why attribution fails, and what AI changes in cyberwarfare. Learn why
Key Points. Introduction: The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. Its operators advertise
Successful SOC operations require more than accurate detections. Instant access to context, clear conclusions, and operationally relevant insights allow incidents to move across workflows without delays: Making ANY.RUN’s Interactive Sandbox a part
Today Microsoft is announcing a major step forward in AI-powered cyber defense: a new multi-model agentic scanning harness (codenamed MDASH).
What if you could generate realistic attack telemetry on demand? Explore research methods that translate attacker behaviors (TTPs) into synthetic
Anthropic said that Claude Mythos was too dangerous to release to the public. That claim has reopened an old debate
An analysis of attacks on Ollama, LM Studio, AutoGPT, and LangServe servers, and recommendations on protecting your organization from the
On March 21st, 2026, we received a submission for an Arbitrary File Read and an SQL Injection vulnerability in Avada
Read how to protect consumer websites and defend against modern DDoS attacks with layered security, resilient architecture, and graceful service
Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and
Introducing Idira: The AI-Driven Identity security platform. Extend Zero Standing Privilege to every human, machine, and AI agent identity in
We investigated a bug where CUBIC’s congestion window became pinned at its minimum floor, causing performance to plummet. The
Security teams don’t lack data. They lack timely, usable intelligence. Analysts spend too much time validating indicators, switching between tools, and figuring out what actually matters.
A 2026 operational review of Public ENUM under e164.arpa found that half of the current delegations show some form of
We open-sourced Foundry Security Spec: a model-agnostic blueprint for agentic security evaluation. Turn noisy alerts into actionable, verifiable findings.
Kaspersky researchers are sharing insights into the main ransomware trends for 2026: EDR killers on the rise, switching from data
Palo Alto Networks introduces Frontier AI Defense to counter autonomous AI cyber threats. Get continuous protection and autonomous remediation against
TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and
Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders. The
The RIPE Chair Team reports on what to expect at RIPE 92, including the main programme and parallel events, WG
For the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP
Key Findings. Ransomware in Q1 2026: Consolidation at Scale. During the first quarter of 2026, we monitored more than 70
Background: “EtherHiding” is a technique that we keep seeing with increased popularity in the threat landscape. Threat actors store data
The Instructure Canvas breach affects universities, K–12 school districts, and teaching hospitals globally. This blog entry intends to provide context
Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and memory-fragment handling components including esp4,
The evolution of correlation rules in the Kaspersky Unified Monitoring and analysis SIEM system. (Kaspersky official blog)
Using just a powerful graphics card, hackers can crack 60% of real user passwords in less than an hour. Even
A sovereign cloud is more than a regional cloud deployment. It is a cloud environment designed to keep data, operations,
Read the technical details of a security vulnerability (CVE-2026-34354) in Akamai Guardicore Platform Agent for Windows — and get clear
Karakurt and DPRK facilitators sentenced, PCPJack worm steals cloud credentials while evicting rivals, and attackers exploit an unpatched PAN-OS zero-day. (SentinelOne)
There is a wonderful little web based alert and event front-end called EveBox, which renders Eve JSON formatted data to
During a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth RCE in the xrdp server component. Project
Secure your AI models. The Nutanix and Palo Alto Networks Prisma AIRS integration provides advanced AI Model Security and AI
This afternoon, we sent the following email to our global team. One of our core values at Cloudflare is transparency,
New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these vulnerabilities
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were
This World Passkey Day, read how Microsoft is advancing passkey adoption to replace passwords, cut phishing risk, and deliver simpler,
When a critical Linux kernel privilege escalation was publicly disclosed, Cloudflare’s security and engineering teams detected, investigated, and mitigated the
Clean up your browser by removing unneeded extensions, clearing cached data, scanning for info-stealing malware, and more. (Red Canary)
The VoidStealer malware employs a new technique to circumvent Chrome’s App-Bound Encryption mechanism, gaining access to session cookies and other
This report provides statistical data on published vulnerabilities and exploits we researched during Q1 2026. It also includes summary data
Unit 42 details CVE-2026-0300, a buffer overflow vulnerability in the PAN-OS User-ID Authentication Portal. Read now for details. The post
A deeper look at the first three pillars and outlining how our capabilities directly support government agencies working to bring
The Akamai State of AI Inference report captures real data from the field that describes how AI inference is being
Read why Akamai was named the only Customers’ Choice in the 2026 Gartner Peer Insights Voice of the Customer for
On May 5, 2026, DENIC published broken DNSSEC signatures for the .de TLD, making millions of domains unreachable. Here’s what
Microsoft is excited to be named an Overall Leader, and the Market Leader in the Kuppinger Cole Analyst’s 2026 Emerging
Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands. This campaign
On April 18th, 2026, we received a submission for an Authenticated Arbitrary File Upload vulnerability in Slider Revolution, a WordPress
Speed is the new cyber perimeter. Wendi Whitmore, CISO at Palo Alto Networks, explains how to fight machine-speed attacks and
Kaspersky researchers uncovered malicious wheel packages in PyPI that targeted both Windows and Linux and contained a dropper delivering malware
We explain what suspicious websites are and how to distinguish a safe site from a fraudulent one. A new category
Nowadays CISOs face escalating threats that outpace traditional defenses. The strategy is evolving from compliance-driven checklists to a threat-informed approach. MITRE ATT&CK
During 2019, as part of the results of S2 Grupo’s incident management service, LAB52 gained access to a set of
PeeringDB is a widely used resource for interconnection data, and in these regular updates, we help users keep track of
Copy Fail (CVE-2026-31431) is a critical Linux kernel LPE that allows stealthy root access. This flaw impacts millions of systems.
Targeting multiple industries worldwide, the InstallFix campaign uses fake Claude AI installer pages to trick users into running malware that
Learn how attackers weaponize SaaS auto-download links and rotating phishing lures to deliver RMM malware. See how Cortex Email Security
On April 22nd, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Breeze Cache, a WordPress plugin with
A new large-scale phishing campaign is targeting U.S. organizations with fake event invitations that lead to credential theft, OTP interception,
Kaspersky experts have detected a supply chain attack using the popular DAEMON Tools software. (Kaspersky official blog)
The IPv8 proposal brings together routing, identity, and network management into a single design, but does it leave too many
TrendAI™ Research breaks down Quasar Linux (QLNX), a previously undocumented sophisticated Linux RAT with low detection rates. In this blog,
Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of conduct-themed lures, a multi-step
Red Canary’s monthly roundup of upcoming security conferences and call for papers (CFP) submission deadlines May 2026 (Red Canary)
Cisco’s latest paper details the evolving AI threat landscape and provides actionable recommendations to help customers secure their environments.
I am thrilled to announce the release of a brand new tool called FlowCarp! FlowCarp is a simple command line
For the latest discoveries in cyber research for the week of 4th May, please download our Threat Intelligence Bulletin. TOP
How and why droids from “Star Wars: Skeleton Crew” and “Andor” switch their allegiances. (Kaspersky official blog)
Kaspersky expert breaks down a new phishing scheme that uses the Amazon SES cloud email service. Let’s look at some
Unit 42 and Armadin partner to expand Frontier AI Defense. Get autonomous, AI-driven offensive security assessments and decision-grade proof of
Palo Alto Networks acquires Portkey, integrating its AI Gateway into Prisma AIRS. Get the unified control plane to securely govern
Palo Alto Networks enhances AI-Driven Defense using Anthropic’s Claude Opus 4.7. Outpace automated threats and rapidly find and fix vulnerabilities
A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud environments and Kubernetes workloads. With a working
Unit 42 highlights the need for a comprehensive security strategy that spans every IT zone. Explore the full details here.
We have completed a massive engineering effort to make our infrastructure more resilient. Through new tools like Snapstone and the
Today we’re announcing the general availability of Agent 365, plus previews of new capabilities to discover and manage shadow AI
Dynamic Workflows is a library that lets you route durable execution to tenant-provided code on the fly. Built on Dynamic
Authorities dismantle cybercrime rings, scammers extract billions using social media, and threat actors poison SAP-related npm packages. (SentinelOne)
Unit 42 uncovers high-risk AI browser extensions. Disguised as productivity tools, they steal data, intercept prompts, and exfiltrate passwords. Protect
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were
Stay ahead of emerging threats with Microsoft’s newest security innovations and updates, delivered through the In the Loop series. The
For the first time, Proofpoint is publishing the AI and Human Risk Landscape report, a global study that examines how
In early 2026, email threats increased with a rise in credential phishing, QR code phishing, and CAPTCHA-gated campaigns, highlighted by
Cloudflare IPsec now has generally available support for post-quantum encryption via hybrid ML-KEM. We’ve confirmed interoperability with Cisco and Fortinet. The
April brought several updates across ANY.RUN’s Threat Intelligence and detection coverage. The biggest change is expanded access to Threat Intelligence:
Cisco has brought networking and security skills to more than one million Brazilians. With its vast untapped wealth of talent,
Proposed at RIPE 91 in the Address Policy Working Group and then further discussed in the Database Working Group, the
The Silver Fox group is targeting companies in Russia and India by impersonating tax authorities to distribute ValleyRAT and the