Iranian threat group Boggy Serpens’ cyberespionage evolves with AI-enhanced malware and refined social engineering. Unit 42 details their persistent targeting.
Cisco’s integrated tech stack—from silicon to software—powers secure, scalable enterprise AI adoption. (Source: Cisco Newsroom: Security)
As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration. The post New Microsoft
Cloudflare is appealing a €14 million fine from Italian regulators over “Piracy Shield,” a system that forces providers to block
The evolution of Iranian cyber operations in broad context: from custom wiper malware to misuse of legitimate admin tools and
A DART investigation into a Microsoft Teams voice phishing attack shows how deception and trusted tools can enable identity-led intrusions
For the latest discoveries in cyber research for the week of 16th March, please download our Threat Intelligence Bulletin. TOP
A 36-year-old American man took his own life after two months of interacting with Gemini, with the chatbot reportedly pushing
Our last blog covered The Women In Security Documentary which highlights women’s role in an industry where they have been
Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) files for
From March 5 to March 7, the ANY.RUN team attended RootedCON 2026 in Madrid and showcased some of our latest capabilities developed for modern SOC environments at the
Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an
Palo Alto Networks launches Prisma AIRS in Singapore. Get AI-native threat protection, data residency and cyber resilience. The post Announcing
You’ll be exhausted by then because securing Microsoft’s AI helper is not a trivial task Gartner analyst Dennis Xu has
Several security issues were fixed in the Linux kernel. (Source: LinuxSecurity – Security Advisories)
Several security issues were fixed in curl. (Source: LinuxSecurity – Security Advisories)
In late January 2026 an advisory covering two remote code execution vulnerabilities (CVE-2026-1281 & CVE-2026-1340) in Ivanti Endpoint Manager Mobile
Learn how Cloudflare and CDW de-risk SASE migrations with a blueprint that treats legacy debt as an application modernization project. The
LAB52, the intelligence team at S2 Group, has identified a new campaign targeting Ukrainian entities, attributed to actors linked to
Ransomware negotiator charged with aiding BlackCat, actors exploit FortiGate firewalls to breach networks, and Iran hacktivists wipe Stryker systems. (Source: SentinelOne)
The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention.
Legacy security wasn’t built for autonomous AI. See how Akamai partners are stepping into the ring to build trust and
An espionage operation demonstrated strategic operational patience against targets in Southeast Asia, deploying custom backdoors. The post Suspected China-Based Espionage
We are observing an increase of wiper attacks by the Iran-linked Handala Hack group (aka Void Manticore) through phishing and
Threat actors are advertising pages featuring malicious instructions for installing AI agents like Claude Code, Doubao, and OpenClaw. (Source: Kaspersky official blog)
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were
Handala Hack, also tracked by Check Point Research as Void Manticore, is an Iranian threat actor that
Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025,
The latest Microsoft benchmarking data reveals how Microsoft Defender mitigates modern email threats compared to SEG and ICES vendors. The
Hidden instructions in content can subtly bias AI, and our scenario shows how prompt injection works, highlighting the need for
Blocking bots isn’t enough anymore. Cloudflare’s new fraud prevention capabilities — now available in Early Access — help stop account
How to use the open source Assemblyline tool to track browser extension updates and detect malicious code. (Source: Red Canary)
Security teams depend on early signals to spot and contain new threats. But what happens when a fully capable infostealer
The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies
How to protect yourself from the BeatBanker Android trojan, which steals cryptocurrency, hijacks your hardware for crypto mining, and swipes
Cloudflare AI Security for Apps is now generally available, providing a security layer to discover and protect AI-powered applications, regardless
Cloudflare now returns RFC 9457-compliant structured Markdown and JSON error payloads to AI agents, replacing heavyweight HTML pages with machine-readable
Analyst note: Proofpoint uses the UNK_ designator to define clusters of activity that are still developing and have not been observed
In busy SOC environments, every minute spent waiting for threat validation slows containment and impacts response metrics. The ANY.RUN integration with Tines
Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access —
A new study has uncovered hundreds of vulnerabilities in popular mental health apps, including leaks of diagnoses, therapy notes, and
Key Points Iran-linked actors are increasingly engaging with the cyber crime ecosystem. Their activity suggests a growing reliance on criminal
On February 4th, 2026, we received a submission for an SQL Injection vulnerability in Ally, a WordPress plugin estimated to
In this guest post, the team at SIDN Labs introduce a new dashboard built on RIPE Atlas data that lets
Cloudflare’s new Security Overview dashboard transforms overwhelming security data into prioritized, actionable insights, empowering defenders with contextual intelligence on vulnerabilities. The
Cloudflare will be integrating Mastercard’s RiskRecon attack surface intelligence capabilities to help you eliminate Internet-facing blind spots while continuously monitoring
Log Explorer customers can now identify and investigate multi-vector attacks. Log Explorer supports 14 additional Cloudflare datasets, enabling users to
Threat modeling for AI supply chain risks, disrupting infostealers, and dumb ways to die: We combed through 600+ RSAC 2026
FortiGate SSO flaws allow attackers to steal configs, abuse AD creds, deploy RMM tools, and exfiltrate NTDS files. (Source: SentinelOne)
The RIPE Chair Team reports on preparations for RIPE 92, including programme planning and opportunities for community participation, as well
ANY.RUN’s analysts are observing a sharp increase in phishing activity abusing Microsoft’s OAuth Device Code flow, with more than 180 phishing URLs
Unit 42 research reveals AI judges are vulnerable to stealthy prompt injection. Benign formatting symbols can bypass security controls. The
Kaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and
February 2026 brought a surge of sophisticated cyber threats targeting businesses across industries. ANY.RUN’s analysts exposed and explored several major
February brought another round of major detection improvements across ANY.RUN’s threat intelligence and sandbox coverage. Alongside new Threat Intelligence reports, our analysts expanded behavioral visibility
Learn about OpenClaw (a sovereign agent) and how this can be viable for enterprises. (Source: Trend Micro Research, News and Perspectives)
For the latest discoveries in cyber research for the week of 9th March, please download our Threat Intelligence Bulletin. TOP
On December 30th, 2025, we received a submission for an Authentication Bypass vulnerability in Tutor LMS Pro, a WordPress plugin
Discover how Cloudflare partners TachTech and Adapture are shattering the 18-month migration myth, deploying agile SASE for global enterprises in
Cloudflare’s new Web and API Vulnerability Scanner helps teams proactively find logic flaws. By using AI to build API call
Learn how Microsoft Agent 365 and Microsoft 365 E7 can help secure your Frontier Transformation. The post Secure agentic AI
Today we’re disclosing request smuggling vulnerabilities when our open source Pingora service is deployed as an ingress proxy and how
At [un]prompted 2026, TrendAI™ demonstrated how documents can be used to exploit AI-driven KYC pipelines and introduced FENRIR, an automated
Splunk will help TPG Telecom accelerate its transition to an AIOps-driven Service Operations Centre — boosting service reliability, strengthening security,
If you want to bring something into the light, a cinema projector is an effective tool. Too often, the work
When Jothi Dugar isn’t battling cybercriminals, she’s helping people be their best, most authentic selves in the workplace.
Palo Alto Networks applauds the new National Cyber Strategy. We detail our support for key aspects of its six pillars,
Cloudflare One unifies data security from endpoint to prompt: RDP clipboard controls, operation-mapped logs, on-device DLP, and Microsoft 365 Copilot
Authorities seize Tycoon2FA & LeakBase, researchers expose Coruna iOS exploits, and hacktivists launch DDoS attacks after U.S.-Israel strikes. (Source: SentinelOne)
VMRay UniqueSignal: Last year VMRay announced UniqueSignal, a threat intelligence feed that includes: Indicators of Compromise (IOCs) such as IPs, URLs and
In-depth analysis of threat activity we call CL-UNK-1068. We discuss their toolset, including tunneling, reconnaissance and credential theft. The post
This report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were
This Women’s History Month, we explore ways to support the next generation of female defenders at every career stage. The
Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. With nearly
By transitioning the Cloudflare One Client to use QUIC streams for Proxy Mode, we eliminated the overhead of user-space TCP
Automatic Return Routing (ARR) solves the common enterprise challenge of overlapping private IP addresses by using stateful flow tracking instead
The BoryptGrab campaign uses fake SEO‑optimized GitHub repositories and deceptive download pages to distribute a data‑stealing malware family that delivers
The Cloudflare One Client now features the ability to actively probe and adjust packet sizes. This update eliminates the problems
Find out how Harmonic achieved high-performance AI inference on Akamai Cloud with NVIDIA Blackwell GPUs, optimizing for speed and efficiency. (Source: Blog)
We deconstruct a threat hunt for malicious OpenClaw AI agents, outlining how we identify and mitigate risks posed by unauthorized
We’ve been looking at how members navigate between RIPE NCC services and where friction appears. This article shares the research
You just sold a stack of old books for $100 on Facebook Marketplace. The buyer seemed eager, messaged instantly, and
Detailed instructions for disabling intrusive AI features in popular services and operating systems. (Source: Kaspersky official blog)
Tycoon 2FA was dismantled this week by law enforcement and industry partners including TrendAI™. The phishing-as-a-service platform offered MFA bypass
Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platform, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes
Cloudflare is introducing Attack Signature Detection and Full-Transaction Detection to provide continuous, high-fidelity security insights without the manual tuning of
Key findings Tycoon 2FA is one of the most popular phishing-as-a-service (PhaaS) platforms currently used by threat actors, and highest
Cloudflare One is partnering with Nametag to combat laptop farms and AI-enhanced identity fraud by requiring identity verification during employee
Cloudflare One now incorporates dynamic User Risk Scores into Access policies to enable automated, adaptive security responses. This update allows
Cloudflare’s Gateway Authorization Proxy adds support for identity-aware policies for clientless devices, securing virtual desktops, and guest networks without a
Cloudflare’s mandatory authentication and independent MFA protect organizations by ensuring continuous enforcement, from the moment a machine boots until sensitive
Explaining how the browser-in-the-browser phishing technique works, why fake login windows look just like the real thing, and the red
How to detect and respond to OAuth consent attacks in Google Workspace. (Source: Red Canary)
Statistics on Android malware and the most notable mobile threats of 2025: preinstalled backdoors Keenadu and Triada, spyware Trojans, the
As highlighted in the Cyber Security Report 2026, cyber operations have increasingly become an additional tool in interstate
Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise environments. Organizations
Stay ahead with NVIDIA RTX PRO™ 6000 Blackwell Server Edition GPUs in the Akamai Inference Cloud. Discover the right GPU
Silver Dragon Targets Organizations in Southeast Asia and Europe: In recent months, Check Point Research (CPR) has
The Kaspersky Container Security solution (part of the Kaspersky Cloud Workload Security offering) now has an OpenAI API interface for
Email security is a constant arms race. Like WWII engineers reinforcing only the planes that returned, survivorship bias hides real
Cloudflare CASB Remediation lets security teams go beyond visibility to fix risky file sharing in Microsoft 365 and Google Workspace
Cloudy is our LLM-powered explanation layer built directly into Cloudflare One. Its explanations, now part of Phishnet and API CASB,
Stop managing ETL pipelines and start threat hunting. Introducing new visualization, automation, and enrichment tools in the Cloudflare Threat Intelligence
There has been a fundamental shift toward industrialized cyber threats, highlighted by a record 31.4 Tbps DDoS attack and sophisticated
Uncover real-world indirect prompt injection attacks and learn how adversaries weaponize hidden web content to exploit LLMs for high-impact fraud.
On any given day, RIPE Atlas generates billions of measurement results, offering a comprehensive view of connectivity and reachability worldwide.
Learn how Claude Code Security set Cybersecurity stocks on fire. (Source: Trend Micro Research, News and Perspectives)