2+ hour, 54+ min ago  (303+ words) Going back to the city analogy, it's as if someone walked past every guard using a legitimate employee badge. No guard was wrong to let them through. The failure was that nobody maintained a map showing which doors the badge…...

2+ hour, 52+ min ago  (1234+ words) When Matt Schlicht built Moltbook, the social network where AI agents talk to one another, he didn't write the code himself. He "just had a vision," and vibe-coded it. The social network launched on Jan. 28, 2026, and within days, security researchers…...

2+ day, 14+ hour ago  (808+ words) A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The root cause of the compromise was an expired domain name that attackers managed to register in order to hijack a…...

2+ day, 15+ hour ago  (767+ words) A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. "Because it's already being exploited in the wild, this isn't a "patch next…...

3+ day, 11+ min ago  (514+ words) Cisco has disclosed a max-severity authentication bypass vulnerability affecting its Catalyst SD-WAN Controller and Catalyst SD-WAN Manager platforms, warning that the flaw has already been found to be exploited in the wild. The disclosure follows an earlier authentication bypass vulnerability…...

3+ day, 1+ hour ago  (591+ words) This is not an article about autonomous cars. Security is approaching the same transition. For the last decade, the security industry has focused on detection. The emphasis has been on generating more alerts, improving signal quality and expanding coverage. These…...

3+ day, 2+ hour ago  (886+ words) Even for organizations already using software bills of materials (SBOMs), following new CRA obligations to report an actively exploited vulnerability in a product within 24 hours, and having to deliver a full report within three days may prove hard to meet....

3+ day, 2+ hour ago  (742+ words) There is a moment in almost every ransomware negotiation " usually around 36 hours, when legal, IT and the CFO are all in the same room " when someone says it out loud: "Let's just see what the insurance covers." That instinct, understandable…...

3+ day, 12+ hour ago  (371+ words) Researchers have found a critical vulnerability in the widely used Nginx web server that can potentially lead to remote code execution under certain conditions. The flaw is a heap buffer overflow that has gone undetected in the program's code for…...

3+ day, 15+ hour ago  (303+ words) Linux admins reeling from handling last month's Copy Fail and last week's Dirty Frag kernel vulnerabilities have a new headache to deal with: Fragnesia. "This is a significant vulnerability," Robert Beggs, head of incident response firm Digital Defence, told CSO....