Double Pulsar
DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
Microsoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerability
Microsoft Recall on Copilot+ PC: testing the security and privacy implications
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
No, there isn’t a world ending Apache Camel vulnerability
Use one Virtual Machine to own them all — active exploitation of ESXicape
2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.
Handala attempts a supply chain hack via ReutOne
Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs
Hacker group Handala Hack Team claim battery explosions linked to Israeli battery company.
CrowdStrike trying to use legal threats to suppress criticism and parody of global IT outage
Microsoft need to be transparent about customer impacting DDoS attacks
What I learned from the ‘Microsoft global IT outage’
Snowflake at centre of world’s largest data breach
Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible.
How the new Microsoft Recall feature fundamentally undermines Windows security
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority
Delinea has cloud security incident in Thycotic Secret Server gaff
Cybersecurity from the trenches, written by Kevin Beaumont. Opinions are of the author alone, not their employer. - Medium