NPM ecosystem hit with two new supply chain compromises
Attacks targeting developer ecosystems are increasing in frequency and sophistication, with Node.js developers firmly in this […]
New Windows Bind Link techniques let attackers evade EDR, security controls
Attackers who already have administrator privileges on a Windows machine have newer ways to slip past […]
White House launches AI-driven vulnerability clearinghouse to speed cyber remediation
The White House is expanding the use of AI beyond cyber threat detection into vulnerability management, […]
New bugs in Claude for Chrome allow extensions to abuse AI privileges
Two vulnerabilities found in Anthropic’s Claude for Chrome extension remain exploitable months after they were reported […]
When 80,000 fans log on at once: The 2026 World Cup’s unique cybersecurity issues
With the World Cup in full swing, stadiums across North America are currently accommodating thousands of […]
Cybersecurity needs more prevention and less reliance on cure
Ask any medical doctor, and they’ll tell you that prevention is better than cure. It’s more […]
7 skills and traits of elite security engineers
Security engineers play a pivotal role in enterprise cybersecurity, because they are the professionals who design, […]
Microsoft is forcing an enterprise transition to passkeys
Passkeys have been around for some time, but enterprise-wide adoption to this point has been slow […]
Patch Tuesday roundup: Microsoft fixes a monthly record 569 holes; SAP patches a critical memory corruption bug
Earlier this month Microsoft warned that, because the latest AI models can now help discover vulnerabilities, […]
China’s Claude Code Backdoor Warning Deepens Enterprise AI Security Divide
China’s warning about alleged Claude Code backdoors is widening the divide between U.S. and Chinese AI […]