eastbaycyber
Threat digests
Category

Threat digests

Daily and weekly roundups of cybersecurity news, breaches, and emerging threats.

148 entries

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily July 11, 2026 digest covering U-Boot firmware risks, ShareFile emergency guidance, active exploitation, and critical CVEs to patch now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily July 11, 2026 digest covering U-Boot firmware risks, ShareFile emergency guidance, active exploitation, and critical CVEs to patch now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering ransomware, supply chain risks, AI-enabled phishing, and critical CVEs defenders should patch now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering ransomware, supply chain risks, AI-enabled phishing, and critical CVEs defenders should patch now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity digest for July 9, 2026 covering major breaches, active exploitation, supply chain risks, and critical vulnerabilities.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity digest for July 9, 2026 covering major breaches, active exploitation, supply chain risks, and critical vulnerabilities.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering ColdFusion patch orders, Accenture breach, router risks, CI/CD exposure, and critical CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering ColdFusion patch orders, Accenture breach, router risks, CI/CD exposure, and critical CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering critical patches, active exploitation, phishing, Teams malware delivery, and high-risk CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering critical patches, active exploitation, phishing, Teams malware delivery, and high-risk CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering critical CVEs, a public-sector cyber incident, and key security developments defenders should track today.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering critical CVEs, a public-sector cyber incident, and key security developments defenders should track today.

Threat digests

What is STRIDE? A Practitioner's Definition

STRIDE is a threat modeling method that helps teams identify six common attack types and turn design reviews into concrete security actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threat digest for July 5, 2026 covering Palo Alto concerns, AI-driven ransomware, malicious packages, and critical CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threat digest for July 5, 2026 covering Palo Alto concerns, AI-driven ransomware, malicious packages, and critical CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily digest for July 4, 2026 covering major cyber threats, critical Gitea flaws, Microsoft 365 phishing risks, and defender actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily digest for July 4, 2026 covering major cyber threats, critical Gitea flaws, Microsoft 365 phishing risks, and defender actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering active exploitation, M365 token theft, proxy takedowns, breach fallout, and critical July 3 CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering active exploitation, M365 token theft, proxy takedowns, breach fallout, and critical July 3 CVEs.

Threat digests

What is CI/CD Pipeline Security? A Practitioner's Definition

Learn how to integrate security into a CI/CD pipeline with practical controls, examples, and guidance for developers and IT teams.

Threat digests

What is pass-the-hash? A Practitioner's Definition

Pass-the-hash is a lateral movement technique that abuses stolen password hashes for authentication. Learn how it works and how to defend.

Threat digests

What is the secure software development lifecycle (SSDLC)? A Practitioner's Definition

Learn what the secure software development lifecycle is, how it works, when it applies, and which related security terms matter most.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for July 2, 2026 covering active attacks, major breaches, exposed enterprise apps, and urgent patch priorities.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for July 2, 2026 covering active attacks, major breaches, exposed enterprise apps, and urgent patch priorities.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

July 1 cybersecurity threats: Adobe ColdFusion CVEs, Azure password spraying, malicious PyPI packages, browser risks, and defender actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

July 1 cybersecurity threats: Adobe ColdFusion CVEs, Azure password spraying, malicious PyPI packages, browser risks, and defender actions.

Threat digests

What is an identity provider? A Practitioner's Definition

An identity provider verifies user identity and issues login assertions so people can securely access apps with single sign-on.

Threat digests

What is Kerberoasting? A Practitioner's Definition

Kerberoasting is an Active Directory attack that abuses service tickets to crack service account passwords offline. Learn how it works and how to prevent it.

Threat digests

What is securing service accounts in Active Directory? A Practitioner's Definition

Learn how to secure service accounts in Active Directory, why they matter, where they create risk, and the controls admins should apply first.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity digest for June 30, 2026 covering active exploitation, Oracle-linked breaches, AWS WAF flaws, and urgent patch actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity digest for June 30, 2026 covering active exploitation, Oracle-linked breaches, AWS WAF flaws, and urgent patch actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 29, 2026 covering a major ISP credential breach, critical CVEs, and practical defender actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 29, 2026 covering a major ISP credential breach, critical CVEs, and practical defender actions.

Threat digests

What is just-enough-access? A Practitioner's Definition

Just-enough-access gives users only the minimum access needed for a specific task and time, reducing attack surface and limiting blast radius.

Threat digests

What is privileged access management (PAM)? A Practitioner's Definition

Privileged access management (PAM) secures admin accounts, limits access, and records sensitive sessions to reduce breach risk.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering AI repo malware risks and critical flaws in Gitea, Zephyr, FFmpeg, and a WordPress plugin.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering AI repo malware risks and critical flaws in Gitea, Zephyr, FFmpeg, and a WordPress plugin.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering exploited enterprise flaws, phishing campaigns, supply-chain abuse, and critical CVEs defenders should patch.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering exploited enterprise flaws, phishing campaigns, supply-chain abuse, and critical CVEs defenders should patch.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threat digest covering major security news, critical CVEs, and practical defender actions for June 26, 2026.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threat digest covering major security news, critical CVEs, and practical defender actions for June 26, 2026.

Threat digests

What is a privileged access workstation? A Practitioner's Definition

A privileged access workstation is a locked-down admin device used only for sensitive tasks to reduce credential theft and limit attack paths.

Threat digests

What is microsegmentation? A Practitioner's Definition

Microsegmentation limits east-west movement by applying granular network and workload policies, reducing breach impact in modern environments.

Threat digests

What is Zero Trust architecture? A Practitioner's Definition

Zero Trust architecture verifies every user, device, and request continuously to reduce lateral movement and limit breach impact.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering exploited network flaws, browser risk, critical CVEs, and priority actions for defenders today.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering exploited network flaws, browser risk, critical CVEs, and priority actions for defenders today.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 24, 2026 covering active exploitation, major breaches, macOS malware, and critical AI app flaws.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 24, 2026 covering active exploitation, major breaches, macOS malware, and critical AI app flaws.

Threat digests

What is Kubernetes Secret Rotation? A Practitioner's Definition

Learn how to rotate Kubernetes secrets safely, reduce outage risk, and update apps, clusters, and credentials with controlled rollout steps.

Threat digests

What is securing inter-pod communication with network policies? A Practitioner's Definition

Learn how Kubernetes NetworkPolicies restrict inter-pod traffic, reduce lateral movement, and help enforce least privilege in clusters.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily threat digest for June 23, 2026 covering active exploitation, major phishing and firewall threats, and critical CVEs defenders should patch now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily threat digest for June 23, 2026 covering active exploitation, major phishing and firewall threats, and critical CVEs defenders should patch now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering router botnets, Fortinet credential exposure warnings, and critical CVEs defenders should patch now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering router botnets, Fortinet credential exposure warnings, and critical CVEs defenders should patch now.

Threat digests

What is container image vulnerability scanning? A Practitioner's Definition

Container image vulnerability scanning finds known flaws in image packages and layers so teams can fix risk before deployment.

Threat digests

What is pod security admission? A Practitioner's Definition

Pod Security Admission is Kubernetes built-in policy enforcement for pod security standards at the namespace level.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering major incidents, critical CVEs, ransomware activity, and practical defense actions for June 21, 2026.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering major incidents, critical CVEs, ransomware activity, and practical defense actions for June 21, 2026.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering active exploitation, critical CVEs, SaaS token risk, and immediate defender actions for June 20, 2026.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering active exploitation, critical CVEs, SaaS token risk, and immediate defender actions for June 20, 2026.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

June 10, 2026 threat digest covering Ivanti Sentry bugs, Microsoft zero-days, CISA KEV additions, SAP fixes, and defender actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

June 10, 2026 threat digest covering Ivanti Sentry bugs, Microsoft zero-days, CISA KEV additions, SAP fixes, and defender actions.

Threat digests

What is Docker container hardening? A Practitioner's Definition

Docker container hardening reduces attack surface with safer images, tighter runtime controls, and least privilege settings.

Threat digests

What is Kubernetes cluster security? A Practitioner's Definition

Kubernetes cluster security is the practice of hardening nodes, workloads, and access controls to reduce breach risk and limit impact.

Threat digests

What is Kubernetes RBAC? A Practitioner's Definition

Kubernetes RBAC controls who can do what in a cluster using roles and bindings. Learn how it works and how to configure it safely.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

June 9 threat digest covering exploited VPN and browser flaws, critical CVEs, and the immediate patching and monitoring steps defenders should take.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

June 9 threat digest covering exploited VPN and browser flaws, critical CVEs, and the immediate patching and monitoring steps defenders should take.

Threat digests

What is Endpoint Detection and Response? A Practitioner's Definition

Endpoint Detection and Response is a security capability that detects, investigates, and helps contain threats on laptops, servers, and other endpoints.

Threat digests

What is Extended Detection and Response? A Practitioner's Definition

Extended Detection and Response, or XDR, unifies telemetry, detection, and response across security tools to improve visibility and speed up triage.

Threat digests

What is Identity and Access Management? A Practitioner's Definition

Identity and Access Management controls who can access systems, what they can do, and how organizations enforce secure authentication.

Threat digests

What is Network Detection and Response? A Practitioner's Definition

Network Detection and Response is a security capability that analyzes network activity to find threats, investigate incidents, and guide response.

Threat digests

What is Security Information and Event Management? A Practitioner's Definition

Security Information and Event Management centralizes logs, correlates alerts, and helps teams detect, investigate, and respond faster.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering account hijacks, router botnets, vishing extortion, and critical WordPress and Tenda flaws.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest covering account hijacks, router botnets, vishing extortion, and critical WordPress and Tenda flaws.

Threat digests

What are the OWASP LLM Top 10 risks? A Practitioner's Definition

A concise practitioner guide to the OWASP LLM Top 10 risks, how they work, where they appear, and what defenders should do first.

Threat digests

What is LLM Output Security Auditing? A Practitioner's Definition

Learn what LLM output security auditing is, how it works, when to use it, and which checks help catch leaks, unsafe code, and risky responses.

Threat digests

What is shadow AI? A Practitioner's Definition

Shadow AI is the unapproved use of AI tools at work, creating security, privacy, and compliance risks that IT and security teams must manage.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Threat digest for June 7, 2026 covering active WordPress exploitation and critical CVEs defenders should assess and remediate now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Threat digest for June 7, 2026 covering active WordPress exploitation and critical CVEs defenders should assess and remediate now.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Critical CVEs

Cybersecurity threats digest covering active exploitation, critical CVEs, and urgent defender actions for June 6, 2026.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Critical CVEs

Cybersecurity threats digest covering active exploitation, critical CVEs, and urgent defender actions for June 6, 2026.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 5, 2026 covering Cisco SD-WAN zero-day exploitation, supply chain attacks, breaches, and critical CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 5, 2026 covering Cisco SD-WAN zero-day exploitation, supply chain attacks, breaches, and critical CVEs.

Threat digests

What is model extraction? A Practitioner's Definition

Model extraction is the theft or reconstruction of a machine learning model through queries, outputs, or exposed artifacts.

Threat digests

What is securing an AI API endpoint? A Practitioner's Definition

Learn how to secure an AI API endpoint with practical controls for authentication, input validation, data protection, logging, and abuse prevention.

Threat digests

What is training data poisoning? A Practitioner's Definition

Training data poisoning is the deliberate manipulation of AI training data to alter model behavior, accuracy, or outputs in ways that help an attacker.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 4, 2026 covering active attacks, critical CVEs, infrastructure risks, and immediate defender actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity threats digest for June 4, 2026 covering active attacks, critical CVEs, infrastructure risks, and immediate defender actions.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Threat Digest for June 3, 2026 covering major cyber incidents, critical CVEs, and the actions defenders should prioritize today.

Threat digests

How to Prevent Prompt Injection in LLM Applications

Learn how to reduce prompt injection risk in LLM apps using isolation, tool controls, validation, and monitoring practices.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Threat Digest for June 3, 2026 covering major cyber incidents, critical CVEs, and the actions defenders should prioritize today.

Threat digests

What Is Indirect Prompt Injection?

Indirect prompt injection is when hidden instructions in external content manipulate an AI assistant. Learn how it works and why it matters.

Threat digests

What Is Prompt Injection and How Does It Work?

Prompt injection is a way to manipulate AI assistants with malicious instructions, causing unsafe, misleading, or unauthorized behavior.

Threat digests

Attack Surface Management: Definition, How It Works, and When You’ll Use It

Attack surface management helps organizations find, monitor, and reduce exposed internet-facing assets before attackers can exploit them.

Threat digests

Cyber Threat Intelligence (CTI): Definition, Uses, and Why It Matters

Cyber Threat Intelligence (CTI) is evidence-based information about threats that helps teams prioritize risk, detect attacks, and respond faster.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity digest for June 2, 2026 covering active web campaigns, supply-chain risks, account takeover abuse, and critical CVEs.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Daily cybersecurity digest for June 2, 2026 covering active web campaigns, supply-chain risks, account takeover abuse, and critical CVEs.

Threat digests

Security Orchestration (SOAR): Definition, How It Works, and When You Will Encounter It

SOAR helps security teams automate workflows, connect tools, and respond faster to alerts. Learn what it is, how it works, and where it fits.

Threat digests

Threat Intelligence Platform: Definition and How It Works

A threat intelligence platform collects, enriches, and operationalizes threat data so security teams can prioritize risks and act faster.

Threat digests

Zero Trust Network Access (ZTNA): Definition, How It Works, and When You’ll Use It

Zero Trust Network Access is a secure access model that verifies users and devices before granting least-privilege access to apps.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

June 1 cybersecurity digest covering Windows update fixes, WordPress exploitation, and critical CVEs affecting Teamwork Cloud, OTRS, and routers.

Threat digests

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

June 1 cybersecurity digest covering Windows update fixes, WordPress exploitation, and critical CVEs affecting Teamwork Cloud, OTRS, and routers.

Threat digests

Palo Alto Exploited, Linux CIFSwitch Root Flaw, and Critical CVEs to Triage

Daily cybersecurity threats digest for May 31, 2026: Palo Alto exploitation, Linux CIFSwitch root flaw, and critical CVEs defenders should triage.

Threat digests

Malware Lures, Data Breach Fallout, Botnet Disruption, and Chrome Defenses

Daily cybersecurity threats digest for May 30, 2026: malware lures, data breach fallout, botnet disruption, Chrome defenses, and critical CVEs.

Threat digests

CISA Iran Guidance, PowerSchool Fallout, Patch Tuesday Prep, and Key CVEs

Daily cybersecurity threat digest for May 29, 2026: CISA Iran guidance, PowerSchool fallout, Patch Tuesday prep, and key CVEs.

Threat digests

Interlock Ransomware, PrintSteal, Scattered Spider, and npm Supply-Chain Risks

Daily cybersecurity threat digest covering Interlock ransomware, PrintSteal, Scattered Spider activity, npm supply-chain risks, and key CVEs.

Threat digests

Chrome and Edge Patching, CISA KEV Activity, Android Zero-Day, and Notable CVEs

Daily threat digest for May 27, 2026: Chrome and Edge patching, CISA KEV activity, Android zero-day reporting, and notable new CVEs.

Threat digests

ServiceStack RCE, VirtualBox Vulns, NAKIVO Flaw, and Infostealer Crackdown

Daily cybersecurity threats digest for May 26, 2026: top stories, critical CVEs, and practical defender actions.

Threat digests

Securing the Transition to IPv6

Threat digests

Supply Chain Dependencies in the Cloud

Threat digests

Weekend Briefing: Communicating Cyber Risk

Threat digests

Threat Intel on FinTech Ransomware Campaigns

Threat digests

DNSSEC and the Resiliency of Core Services

Threat digests

Evaluating MITRE ATT&CK Updates for LLMs

Threat digests

Mitigating Risks in Enterprise AI Factories

Threat digests

Identity Governance in a Zero Trust Architecture

Threat digests

Fake AI Malware Lures, Low-Cost Password Cracking, and Critical CVEs

Daily cybersecurity digest for May 17, 2026: fake AI malware lures, low-cost password cracking, and critical CVEs defenders should review.

Threat digests

Nucor Breach, ClickFix, EDRKillShifter, SAP NetWeaver Exposure, and Critical CVEs

Threat digest for 2026-05-15: Nucor, ClickFix, EDRKillShifter, SAP NetWeaver exposure, BreachForums, and critical CVEs.

Threat digests

Ransomware This Week: Patterns, Pressure Points, and What Defenders Should Notice

This week in ransomware: identity abuse, double extortion, backup gaps, and the practical defense priorities security teams should address now.

Threat digests

Supply Chain Compromise Patterns Security Teams Should Note

This week's supply chain security lessons: dependency abuse, build pipeline tampering, identity risk, and practical defenses.

Threat digests

Cloud Misconfiguration Breaches: Weekly Lessons

Cloud misconfiguration breaches still start with exposed storage, overbroad IAM, and logging gaps. Here’s what defenders should tighten now.

Threat digests

Looking Back: Identity Attacks and MFA Bypass

A weekly look at identity-based attacks, MFA bypass patterns, and practical defenses for security teams.

Threat digests

Phishing Kit Innovations: This Week’s Tradecraft Shifts

A practical look at phishing kit innovations this week, including MFA bypass trends, evasion tactics, and defender response steps.

Threat digests

Critical Vulnerability Roundup: This Week’s Security Lessons

Critical vulnerability roundup with this week’s key security lessons on patching, identity risk, exposure, and faster response.

Threat digests

Looking Back at This Week in Nation-State APT Activity

A weekly look at nation-state APT activity, recurring tradecraft, and practical defensive actions for security teams.

Threat digests

Browser Zero-Day Exploitation: This Week’s Lessons

A practical look at browser zero-day exploitation, exploit chains, and the defensive steps security teams should take now.

Threat digests

Microsoft Patch Tuesday highlights: looking back at this week

A look back at this week’s Microsoft Patch Tuesday, with practical patching priorities for Windows defenders and security teams.

Threat digests

Looking Back at This Week in Linux Kernel CVEs and Exploitation

A weekly look at Linux kernel CVEs, exploitation trends, and practical defensive steps for patching, hardening, and reducing exposure.

Threat digests

macOS Malware Developments: Looking Back at This Week

A weekly look at macOS malware trends, attacker tactics, and practical defender priorities for security teams and IT admins.

Threat digests

Android Malware Developments: Looking Back at This Week

A weekly look at Android malware trends, banking trojans, smishing, and the practical mobile security controls defenders should review now.

Threat digests

Looking Back This Week: What iOS Spyware Means

A practical look at this week’s iOS spyware developments and what defenders should do now to reduce mobile and identity risk.

Threat digests

VPN Appliance Vulnerabilities: Looking Back at This Week’s Lessons

A look back at VPN appliance vulnerabilities this week, why edge devices keep failing, and what defenders should do next.

Threat digests

Looking Back at This Week in Firewall and Edge Device CVEs

A practical look back at this week's firewall CVEs, edge device risks, and the defensive actions security teams should prioritize now.

Threat digests

Kubernetes attack techniques in the wild this week

Kubernetes attack techniques seen in the wild this week, with practical lessons on exposed APIs, RBAC abuse, token theft, and persistence.

Threat digests

Container Escape Vulnerabilities: This Week’s Lessons

Container escape lessons from this week: attack patterns, misconfigurations, and practical steps to improve container and Kubernetes security.

Threat digests

Looking Back: OAuth and Token Theft Techniques

A weekly look at OAuth security, token theft, refresh token abuse, and practical steps defenders can take to reduce identity risk.

Threat digests

Looking Back: Session Hijacking and Cookie Theft

A weekly look at session hijacking and cookie theft, why stolen sessions still bypass controls, and what defenders should change now.

Threat digests

Ransomware-as-a-Service Leaks: Lessons for Defenders

What this week’s ransomware-as-a-service leaks reveal about affiliate operations, extortion tactics, and practical steps defenders should take.

Threat digests

Data Broker and Infostealer Ecosystem: Key Lessons

A practical review of the data broker ecosystem and infostealer malware, with risks, patterns, and defense steps for security teams.

Threat digests

AI-Assisted Phishing and Deepfake Fraud: Looking Back at This Week

This week in security: AI-assisted phishing and deepfake fraud are scaling social engineering. Here’s what changed and how defenders should respond.

Threat digests

Open Source Package Poisoning Lessons for Defenders

This week in open source package poisoning: recurring attacker patterns, defender blind spots, and practical software supply chain defenses.

Threat digests

CI/CD Pipeline Compromises: Lessons for Defenders

A look back at this week’s CI/CD pipeline security lessons, attacker patterns, and the practical defenses security teams should prioritize.

Threat digests

Edge Router Exploitation: Weekly Lessons

A practical look back at edge router exploitation this week, with key risks, recurring patterns, and concrete defensive actions.

Threat digests

Smart Home Device Vulnerabilities This Week

This week in smart home device vulnerabilities: weak auth, exposed services, stale firmware, and practical defenses for IoT security.

Threat digests

Automotive Cybersecurity Incidents This Week

A weekly look at automotive cybersecurity incidents, recurring attack patterns, and practical defenses for connected vehicles and fleets.

Threat digests

ICS/OT Attack Activity: Looking Back at the Week

A weekly look at ICS/OT attack activity, recurring intrusion patterns, and practical steps defenders can take now.

Threat digests

Healthcare Sector Cyber Incidents This Week

A weekly look at healthcare cyber incidents, recurring attack patterns, and the defense priorities security teams should act on now.

Threat digests

Education Sector Cyber Incidents: Looking Back at This Week

A weekly look at education sector cyber incidents, recurring attack patterns, and practical defenses for schools, colleges, and universities.