Security List - 2026
| DATE | NAME | Info | CATEG. | WEB |
| 14.5.26 | [GUEST DIARY] Tearing apart website fraud to see how it works. | One day at work, a friend messaged me, “How do you check a website to see if it’s legit?” | Security | SANS |
| 13.5.26 | Proxying the Unproxyable? Sending EXE traffic to a Proxy | I had a recent engagement where I had to look at the network traffic generated by a Windows executable. Unfortunately, it was all TLS, and all TLS1.3 to boot. | Security | SANS |
| 12.5.26 | YARA-X 1.16.0 Release | YARA-X's 1.16.0 release brings 4 improvements and 4 bugfixes. | Security | SANS |
| 10.5.26 | Why More Analysts Won’t Solve Your SOC’s Alert Problem | Attackers move faster than overwhelmed SOC teams can realistically investigate alerts. Prophet Security breaks down how AI can help analysts investigate alerts faster and focus on real threats. | Security | BleepingComputer |
| 10.5.26 | The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls | Your security controls aren't failing, they're missing where most of today's work actually happens. Keep Aware shows how browser activity like copy/paste and AI prompts bypass traditional protections. | Security | BleepingComputer |
| 9.5.26 | The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss | Critical vulnerabilities can exist in open source software your scanners don't check. HeroDevs reveals how EOL software creates blind spots in CVE feeds and SCA tools, and how you can receive a free end-of-life scan for your projects. | Security | BleepingComputer |
| 5.5.26 | SSL.com rotates their root certificate today | I just got an email from SSL.com last night, they are rotating out their root certificate today (May 5, 2026). This is normal, business as usual stuff for a CA, but certificates get used for all kinds of things, and sometimes they aren't used like they should be, so sometimes hiccups happen. | Security | SANS |
| 5.5.26 | | For me, this started with a post in X at hxxps://x.com/intcyberdigest/status/2051406295828250963?s=61, which highlighted research by @L1v1ng0ffTh3L4N that found exactly this issue. | Security | SANS |
| 5.5.26 | | This week, I will release a few updates to our DShield honeypot. The update should happen automatically if you have "automatic updates" enabled on your system. There will be two major changes: Compatibility with Ubuntu 26.04 / new versions of Raspberry Pi OS | Security | SANS |
| 5.5.26 | | Wireshark release 4.6.5 fixes 43 vulnerabilities (38 CVEs) and 35 bugs. | Security | SANS |
| 3.5.26 | Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations | Raw threat intel isn't enough without real-world context. Criminal IP has partnered with Securonix to integrate exposure-based intelligence into ThreatQ, automating analysis and speeding up investigations. | Security | BleepingComputer |
| 3.5.26 | What Happens in the First 24 Hours After a New Asset Goes Live | When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from discovery to compromise in under 24 hours. | Security | |
| 26.4.26 | DORA and operational resilience: Credential management as a financial risk control | Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are missing. | Security | BleepingComputer |
| 26.4.26 | Regular Password Resets Aren’t as Safe as You Think | Password resets are one of the easiest ways for attackers to bypass security controls. Specops Software shows how helpdesk social engineering turns a seemingly legitimate reset request into full account compromise. | Security | |
| 23.4.26 | The backup myth that is putting businesses at risk | Backups protect data, but don't keep your business running during downtime. Datto shows why BCDR is essential to keep operations running during ransomware and outages. | Security | BleepingComputer |
| 19.4.26 | Signed software abused to deploy antivirus-killing scripts | A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities, government, and healthcare sectors. | Security | BleepingComputer |
| 19.4.26 | Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest | Microsoft has awarded $2.3 million to security researchers after receiving nearly 700 submissions during this year's Zero Day Quest hacking contest. | Security | |
| 19.4.26 | Rolling Networks: Securing the Transportation Sector | Modern trucks are rolling networks packed with sensors, connectivity, and attack surfaces, creating new cyber risks. NMFTA's Cybersecurity Conference brings industry leaders together to tackle emerging threats in transportation. | Security | |
| 14.4.26 | Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security | Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up | Security | The Hacker News |
| 11.4.26 | Number Usage in Passwords: Take Two | In a previous diary, we looked to see how numbers were used within passwords submitted to honeypots. One of the items of interest was how dates, and more specifically years, were represented within the data and how that changed over time. It is often seen that years and seasons are used in passwords, especially | Security | SANS |
| 6.4.26 | Residential proxies evaded IP reputation checks in 78% of 4B sessions | Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinction between attackers and legitimate users. | Security | |
| 4.4.26 | Proton launches new "Meet" privacy-focused conferencing platform | Proton has announced a new video conferencing service named Meet and positioned it as a privacy-focused alternative to mainstream services like Google Meet, Zoom, and Microsoft Teams. | Security | |
| 28.3.26 | Firefox now has a free built-in VPN with 50GB monthly data limit | Mozilla released Firefox 149 with added privacy protection through a built-in VPN tool offering up to 50GB of monthly traffic. | Security | |
| 28.3.26 | Microsoft fixes bug causing Classic Outlook sync issues with Gmail | Microsoft has fixed a known issue causing Gmail and Yahoo email synchronization and connection problems for classic Outlook users. | Security | |
| 28.3.26 | Zero Trust: Bridging the Gap Between Authentication and Trust | Passing MFA doesn't mean a session is safe, attackers can hijack tokens and bypass identity checks. Specops Software explains why Zero Trust must verify both user identity and device health. | Security | |
| 22.3.26 | Google adds ‘Advanced Flow’ for safe APK sideloading on Android | Google has announced a new mechanism in Android called Advanced Flow that will allow sideloading APKs from unverified developers for power users in a more secure way. | Security | |
| 22.3.26 | 7 Ways to Prevent Privilege Escalation via Password Resets | Password resets are often weaker than login security, making them a prime target for privilege escalation. Specops Software explains how attackers abuse reset workflows and how to secure them. | Security | |
| 19.3.26 | Betterleaks, a new open-source secrets scanner to replace Gitleaks | A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. | Security | |
| 15.3.26 | From VMware to what’s next: Protecting data during hypervisor migration | Hypervisor migrations can introduce hidden risks that threaten data availability and recovery. Acronis explains why verified backups and cross-platform recovery are essential during VMware transitions. | Security | |
| 12.3.26 | Why Password Audits Miss the Accounts Attackers Actually Want | Password audits often focus on complexity rules but miss the accounts attackers actually target. Specops Software explains how breached passwords, orphaned users, and service accounts can leave organizations exposed. | Security | |
| 8.3.26 | Microsoft 365 Backup to add file-level restore for faster recovery | Microsoft will soon begin rolling out a significant upgrade to Microsoft 365 Backup to speed up recovery by allowing administrators to restore individual files and folders. | Security | |
| 7.3.26 | Fake LastPass support email threads try to steal vault passwords | Password management software provider LastPass is warning users of a phishing campaign targeting its users with fake unauthorized account access alerts. | Security | |
| 5.3.26 | Google Chrome shifts to two-week release cycle for increased stability | Google Chrome will shift from a four-week to a two-week release cycle to roll out new features, bug fixes, and performance improvements more frequently. | Security | |
| 28.2.26 | When identity isn’t the weak link, access still is | Stolen tokens and compromised devices let attackers reuse trust without breaking authentication. Specops Software explains why identity alone isn't enough and how continuous device verification strengthens Zero Trust. | Security | |
| 22.2.26 | Why the shift left dream has become a nightmare for security and developers | The "shift left" approach has increased pressure on developers, as speed demands override security checks in modern CI pipelines. Qualys explains how analyzing 34,000 public container images revealed 7.3% were malicious and why security must be enforced at the infrastructure layer by default. | Security | |
| 21.2.26 | Spain orders NordVPN, ProtonVPN to block LaLiga piracy sites | A Spanish court has granted precautionary measures against NordVPN and ProtonVPN, ordering the two popular VPN providers to block 16 websites that facilitate piracy of football matches. | Security | |
| 21.2.26 | Notepad++ boosts update security with ‘double-lock’ mechanism | Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that resulted in a supply-chain compromise. | Security | |
| 21.2.26 | What 5 Million Apps Revealed About Secrets in JavaScript | Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 million applications specifically looking for secrets hidden in JavaScript bundles. Here's what we learned. | Security | |
| 18.2.26 | Notepad++ v8.9.2 release - Double‑Lock Update Security | “the XML returned by the update server is now signed (XMLDSig), and the certificate & signature verification will be enforced starting with upcoming v8.9.2, expected in about one month.” | Security | NOTEPAD |
| 15.2.26 | Bitwarden introduces ‘Cupid Vault’ for secure password sharing | Bitwarden has launched a new system called 'Cupid Vault' that allows users to safely share passwords with trusted email addresses. | Security | |
| 8.2.26 | OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills | OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to | Security | The Hacker News |
| 8.2.26 | When cloud logs fall short, the network tells the truth | Cloud logs can be inconsistent or incomplete, creating blind spots as environments scale and change. Corelight shows how network-level telemetry provides reliable visibility when cloud logs fall short. | Security | |
| 4.2.26 | Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions | The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio | Security | The Hacker News |
| 3.2.26 | 6 Okta security settings you might have overlooked | Okta misconfigurations can quietly weaken identity security as SaaS environments evolve. Nudge Security shows six Okta security settings teams often overlook and how to fix them. | Security | |
| 25.1.26 | Why Active Directory password resets are surging in hybrid work | Hybrid work has driven a surge in Active Directory password resets, turning minor lockouts into major productivity drains. Specops shows why remote access, cached credentials, and security policies are fueling the spike. | Security | |
| 25.1.26 | Make Identity Threat Detection your security strategy for 2026 | Identity-based attacks are one of the primary paths attackers use to breach corporate networks. Tenfold shows how Identity Threat Detection helps spot suspicious account activity before real damage occurs. | Security | |
| 17.1.26 | Target employees confirm leaked source code is authentic | Multiple current and former Target employees confirmed that leaked source code samples posted by a threat actor match real internal systems. The company also rolled out an "accelerated" lockdown of its Git server, requiring VPN access, a day after being contacted by BleepingComputer. | Security | |
| 17.1.26 | 'Bad actor' hijacks Apex Legends characters in live matches | Apex Legends players over the weekend experienced disruptions during live matches as threat actors hijacked their characters, disconnected them, and changed their nicknames. | Security | |
| 11.1.26 | Email security needs more seatbelts: Why click rate is the wrong metric | Click rate misses the real email security risk: what attackers can do after they access a mailbox. Material Security explains why containment and post-compromise impact matter more than phishing metrics. | Security | |
| 10.1.26 | Texas court blocks Samsung from tracking TV viewing, then vacates order | The State of Texas obtained a short-lived, temporary restraining order (TRO) against Samsung that prohibited the South Korean company from collecting audio and visual data about what Texas consumers are watching on their TVs. | Security | |
| 10.1.26 | ownCloud urges users to enable MFA after credential theft reports | File-sharing platform ownCloud warned users today to enable multi-factor authentication (MFA) to block attackers using compromised credentials from stealing their data. | Security | |
| 10.1.26 | Microsoft cancels plans to rate limit Exchange Online bulk emails | Microsoft announced today that it has canceled plans to impose a daily limit of 2,000 external recipients on Exchange Online bulk email senders. | Security | |
| 3.1.26 | NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices | NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices | Security | |