On November 28, 2025, someone uploaded a PDF to VirusTotal. The filename was Invoice540.pdf. Thirteen of sixty-four antivirus engines flagged it. The other fifty-one saw a document.

Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.

The U.K. government confirmed on Thursday that anonymized health data from UK Biobank had been found listed for sale on Xianyu, a Chinese e-commerce platform owned by Alibaba. Three separate listin...

Pure-LLM CTFs are unreliable because model alignment training fights your characters. Pure-deterministic CTFs teach pattern matching, not attack patterns. Here's the hybrid approach the Wraith Academy uses, and why it took a few iterations to get there.

Introduction: Why This Exists

How nono records every action an AI agent makes in an append-only Merkle tree the agent itself cannot reach, and lets anyone verify after the fact — with cryptographic proof — that the record was not forged, edited, or truncated.

ShinyHunters claims sale of Anthropic Claude Mythos AI model data, including internal documents and alleged system access.

Cohere Terrarium (CVE-2026-5752) and OpenAI Codex CLI (CVE-2025-59532) are two instances of the same industry-wide failure: sandboxes built to contain LLM-generated code that can't actually contain it. A cross-CVE breakdown, the Pyodide architecture problem…

Bitwarden CLI v2026.4.0 compromesso in attacco supply chain: rubate credenziali e token. Primo caso documentato di violazione di npm Trusted Publishing: ecco c…

CISA aggiorna l'Emergency Directive 25-03 dopo il ritrovamento del malware FIRESTARTER su dispositivi Cisco. Violazione persistita da settembre 2025 a marzo 20…

Il cluster UNC6692 usa email bombing e impersonazione helpdesk su Teams per distribuire la suite malware SNOW. Il 77% dei target sono dipendenti senior. Ecco c…

L'app europea per la verifica dell'età online, presentata come soluzione definitiva, è stata hackerata in 2 minuti. Ecco le vulnerabilità emerse e i rischi per…

Rilevato exploit su LMDeploy CVE-2026-33626 a soli 12 ore e 31 minuti dal disclosure. L'attacco da IP 103.116.72.119 ha sfruttato una SSRF nella funzione load_…

A headless Arch server, a kernel update gone wrong, no physical access, and the most creative use of a Jellyfin plugin I’ve ever seen.

Patrick Fisher — SRE, DevOps, and Systems Engineer.

Explore STIX 2.1 threat intelligence bundles as interactive relationship graphs. Visualise threat actors, malware, campaigns, and attack patterns linked by relationships. Powered by CyberNetSec.io.

1,766 apps scanned. 457 CRITs. 7% of Lovable/Bolt apps have wide-open databases. YC companies: 0%.

This is ransomware — malware that encrypts your files and demands payment to unlock them. Hospitals, schools, businesses, and regular people lose billions annually to these attacks. The worst part? Paying doesn't guarantee you'll get your files back. Here's…

AI penetration testing agent that conducts professional-level security assessments. Autonomous exploitation, reconnaissance, and reporting with the expertise of experienced pentesters.