Security Bulletin

Ehsaan Mavani talks about Alternate Data Streams (ADS) in diary entry " Alternate Data Streams ? Adversary Defense Evasion and Detection [Guest Diary]".

At this week's re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with better visibility and more context on potential threats.

Cato Networks’ prompt injection exploit highlights the risks of external input to internal AI services.

As package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.

Relying solely on AI for identity security overlooks essential human capabilities such as adaptability, creativity, and nuanced judgment.

Aflac incident comes four days after Google warned that Scattered Spider was attacking the U.S. insurance industry.

The communications company shared the discoveries of its investigation with government partners, but there is little information they can publicly disclose other than that there seems to be no impact on customers.

As geopolitical tensions rise, the use of cyber operations and hacktivists continues to grow, with the current conflict between Israel and Iran showing the new face of cyber-augmented war.

Securing the no-code supply chain isn't just about mitigating risks — it's about enabling the business to innovate with confidence.

Meta has revealed plans to roll out passkeys for Facebook on Android and iOS soon, as well as for Messenger in the coming months, in a bid to bolster user account security, The Hacker News reports.