176 Security Blogs

Last Updated: 29 Mar 26 02:24 UTC

Blog List | Github | OPML

2026-03-28

watchTowr Labs
The Sequels Are Never As Good, But We're Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread)

ISC SANS
TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)


2026-03-27

Google Safety & Security
How Google Does It: An inside look at cybersecurity

Rapid7
Metasploit Wrap-Up 03/27/2026

Schneier on Security
Friday Squid Blogging: Bioluminescent Bacteria in Squid

Microsoft Security
How Microsoft Defender protects high-value assets in real-world attack scenarios

Dark Reading
China Upgrades the Backdoor It Uses to Spy on Telcos Globally

Dark Reading
Wartime Usage of Compromised IP Cameras Highlight Their Danger

Auth0
Unifying the Retail Customer Journey from Web to AI Agent with Auth0

ISC SANS
TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

Rapid7
Why CVSS is No Longer Enough for Exposure Management

Malwarebytes
Criminals are renting virtual phones to bypass bank security

Mend
Famous Telnyx Pypi Package compromised by TeamPCP

Dark Reading
Infrastructure Attacks With Physical Consequences Down 25%

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 13

Dark Reading
Google Sets 2029 Deadline for Quantum-Safe Cryptography

Cloudflare
How we use Abstract Syntax Trees (ASTs) to turn Workflows code into visual diagrams

Praetorian
Your API Has Authorization Bugs. Hadrian Finds Them.

Malwarebytes
Bogus Avast website fakes virus scan, installs Venom Stealer instead

NVISO Labs
Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism

Aikido
Popular telnyx package compromised on PyPI by TeamPCP

Moonlock
A new infostealer is targeting iPhones, evading built-in defenses

Moonlock
This malicious browser extension can infect a Mac via a PNG file

Moonlock
Apple brings Background Security Improvements to Mac and iPhone

Praetorian
Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem

ISC SANS
ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)

Moonlock
How to quickly get rid of adware on your Mac

Elastic Security Labs
Elastic Security Labs uncovers BRUSHWORM and BRUSHLOGGER

Datadog HQ
Configuring JavaScript caches for better performance

Datadog HQ
Analyzing round trip query latency


2026-03-26

Amazon Security
Preparing for agentic AI: A financial services approach

Ars Technica Security
Internet Yiff Machine: We hacked 93GB of "anonymous" crime tips

Black Lantern Security
Amelia Booking Pro ≤ 9.1.2: Authenticated Customer-to-Admin Password Reset via IDOR

Dark Reading
Coruna, DarkSword & Democratizing Nation-State Exploit Kits

Dark Reading
Is the FCC's Router Ban the Wrong Fix?

Dark Reading
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles

Dark Reading
Critical Flaw in Langflow AI Platform Under Attack

Talos Intelligence
TP-Link, Canva, HikVision vulnerabilities

Talos Intelligence
A puppet made me cry and all I got was this t-shirt

ISC SANS
TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)

Malwarebytes
Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka

Github Security Blog
A year of open source vulnerability trends: CVEs, advisories, and malware

Dark Reading
How Organizations Can Use Mistakes to Level Up Their Security Programs

Dark Reading
AI-Powered Dependency Decisions Introduce, Ignore Security Bugs

Synacktiv
Kubernetes forensics 1/3 : what the container ?

Malwarebytes
GlassWorm attack installs fake browser extension for surveillance

Rapid7
BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

Bishop Fox Security
strongSwan CVE-2026-25075: Integer Underflow in VPN Authentication

Cloudflare
A one-line Kubernetes fix that saved 600 hours a year

Talos Intelligence
Talos Takes: 2025 insights from Talos and Splunk

Dark Reading
Intermediaries Driving Global Spyware Market Expansion

Moonlock
Can an iPhone get a virus or malware, and what are the signs?

Schneier on Security
As the US Midterms Approach, AI Is Going to Emerge as a Key Issue Concerning Voters

Malwarebytes
Landmark verdicts put Meta’s “addiction machine” platforms on trial

Searchlight Cyber
The Warning Signs Were There: How Credential Leaks and Dark Web Activity Foreshadowed the Stryker Breach

TrustedSec
Policy as Code: Stop Writing Policies and Start Compiling Them

Snyk
The 5 Principles of Snyk’s Developer Experience

ISC SANS
ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)

Elastic Security Labs
Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework

Datadog HQ
Monitor Nutanix clusters, hosts, and VMs with Datadog

Datadog HQ
Datadog achieves ISO 42001 certification for responsible AI

Datadog HQ
Introducing Bits AI Dev Agent for Code Security

Auth0
Breaking the "Identity Wall" with Tenancy-as-a-Service


2026-03-25

Dark Reading
At RSAC, the EU Leads While US Officials Are Sidelined

ISC SANS
Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)

Eclypsium
BTS #70 - How Cheap KVMs Could Be Your Network's Weak Link

ISC SANS
SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)

Malwarebytes
Hackers claim to have accessed data tied to millions of crime tipsters

Dark Reading
Blame Game: Why Public Cyber Attribution Carries Risks

Microsoft Security
Identity security is the new pressure point for modern cyberattacks

Ars Technica Security
Google bumps up Q Day deadline to 2029, far sooner than previously thought

Dark Reading
Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam

Dark Reading
AI Dominates RSAC Innovation Sandbox

The Citizen Lab
Netanyahu Posts ‘Proof of Life’ Video: AI Sows Doubts About What’s Real

Dark Reading
SANS: Top 5 Most Dangerous New Attack Techniques to Watch

Malwarebytes
New FCC router ban could leave home networks less secure

Dark Reading
Why a 'Near-Miss' Database Is Key to Improving Information Sharing

Black Hills Info Sec
Lessons From A Chatbot Incident

Rapid7
From Vectors to Verdicts: Web App Testing with Vector Command

Varonis
Varonis Discovers Local File Inclusion in AWS Remote MCP Server via CLI Shorthand Syntax

Google Security Blog
Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android

Google Safety & Security
Quantum frontiers may be closer than they appear

Dark Reading
AI-Native Security Is a Must to Counter AI-Based Attacks

Dark Reading
Ex-NSA Directors Discuss 'Red Line' for Offensive Cyberattacks

Schneier on Security
Sen. Wyden Warns of Another Section 702 Abuse

Trail of Bits
Try our new dimensional analysis Claude plugin

Searchlight Cyber
You Don’t Have to Be Attacked to Be a Ransomware Victim

Malwarebytes
Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw

RME-DisCo Research Group
Uncovering Threats In The Wwindow NT Heap With Volatility 3

Dark Reading
Iran Hacktivists Make Noise but Have Little Impact on War

Snyk
From Discovery to Defense: Why AI Red Teaming Is the Next Step After AI-SPM

Praetorian
Which Came First: The System Prompt, or the RCE?

ISC SANS
ISC Stormcast For Wednesday, March 25th, 2026 https://isc.sans.edu/podcastdetail/9864, (Wed, Mar 25th)

Praetorian
Julius v0.2.0: From 33 to 63 Probes — Now Detecting Cloud AI, Enterprise Inference, and RAG Pipelines

Microsoft Security
Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Datadog HQ
Monitor Juniper Mist in Datadog

Datadog HQ
A new Host Map for modern infrastructure

Greynoise
Ghost Fleet: Half of All New Scanning IPs Last Week Geolocated to Hong Kong — Nearly None Completed a Connection


2026-03-24

Dark Reading
CSA Launches CSAI Foundation for AI Security

Dark Reading
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

Dark Reading
How AI Coding Tools Crushed the Endpoint Security Fortress

Rapid7
New Whitepaper: Exploiting Cellular-based IoT Devices

Mend
TeamPCP Supply Chain Attack Part 2: LiteLLM PyPI Credential Stealer

Microsoft Security
Governing AI agent behavior: Aligning user, developer, role, and organizational intent

Aikido
Aikido × Lovable: Vibe, Fix, Ship

Rapid7
Rapid7 Completes BSI C5 Type 2 Examination: Stronger Cloud Security for DACH Organizations

Praetorian
Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and from the Internet

Searchlight Cyber
March 24th – This Week’s Top Cybersecurity and Dark Web Stories

Dark Reading
GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead

ISC SANS
Detecting IP KVMs, (Tue, Mar 24th)

Malwarebytes
FBI, CISA warn of Russian hackers hijacking Signal and WhatsApp accounts

Dark Reading
How a Large Bank Uses AI Digital Twins for Threat Hunting

Varonis
Applying Zero Trust to MCP in AI Systems

Eclypsium
Eclypsium Expands Its Supply Chain Security Platform Coverage to Enterprise-wide Hardware Infrastructure

Cloudflare
Sandboxing AI agents, 100x faster

Ars Technica Security
Self-propagating malware poisons open source software and wipes Iran-based machines

Dark Reading
Microsoft Proposes Better Identity, Guardrails for AI Agents

Malwarebytes
Scam compounds hiring “AI models” to seal the deal in deepfake video calls

Schneier on Security
Team Mirai and Democracy

Trail of Bits
Spotting issues in DeFi with dimensional analysis

Compass Security Blog
Common Entra ID Security Assessment Findings – Part 1: Foreign Enterprise Applications With Privileged API Permissions

Troy Hunt
Weekly Update 496

Moonlock
Beware of fake AI tools: How GhostClaw hijacks macOS

TrustedSec
Building a Detection Foundation: Part 4 - Sysmon

Moonlock
Atomic macOS stealer is mimicking an AI agent tool for Mac

Moonlock
Contagious Interview: How a job offer could infect your Mac

Moonlock
ClickFix scams evolve to infect Macs with infostealers

ISC SANS
ISC Stormcast For Tuesday, March 24th, 2026 https://isc.sans.edu/podcastdetail/9862, (Tue, Mar 24th)

Elastic Security Labs
Supercharge Your SOC

Elastic Security Labs
Streamlining the Security Analyst Experience

Elastic Security Labs
Security Automation with Elastic Workflows: From Alert to Response

Sansec Threat Research
Novel WebRTC skimmer bypasses security controls at $100+ billion car maker

Elastic Security Labs
Investigating from the Endpoint Across Your Environment with Elastic Security XDR


2026-03-23

Dark Reading
AI in the SOC: What Could Go Wrong?

Dark Reading
Trivy Supply Chain Attack Targets CI/CD Secrets

Dark Reading
Ransomware's New Era: Moving at AI Speed

Palo Alto Networks
Securing the Era of Agentic AI with Prisma SASE

Palo Alto Networks
The Cryptographic Reset Has Begun

Palo Alto Networks
Securing the AI Enterprise — Introducing Prisma AIRS 3.0

Ars Technica Security
After hackers hit an Iowa company, cars around the country failed to start

Dark Reading
CISOs Debate Human Role in AI-Powered Security

Amazon Security
IAM policy types: How and when to use them

Rapid7
CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read

Github Security Blog
GitHub expands application security coverage with AI‑powered detections

Microsoft Security
Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

Krebs on Security
‘CanisterWorm’ Springs Wiper Attack Targeting Iran

Malwarebytes
FriendlyDealer mimics official app stores to push unvetted gambling apps

Malwarebytes
The March Madness scam playbook

Dark Reading
Attackers Hide Infostealer in Copyright Infringement Notices

PT Swarm
Business, logic, and chains: unauthenticated RCE in Dell Wyse Management Suite

PT SWARM
Business, logic, and chains: unauthenticated RCE in Dell Wyse Management Suite

Cloudflare
Launching Cloudflare’s Gen 13 servers: trading cache for cores for 2x edge compute performance

Cloudflare
Inside Gen 13: how we built our most powerful server yet

Talos Intelligence
Beers with Talos breaks down the 2025 Talos Year in Review

Palo Alto Networks
Prisma Browser for Business — A Secure Workspace for Small Business

Malwarebytes
Advanced Flow will make Android sideloading safer

Talos Intelligence
2025 Talos Year in Review: Speed, scale, and staying power

The Citizen Lab
Canadians Will Face ‘Tsunami’ of Transnational Repression in Coming Years

Schneier on Security
Microsoft Xbox One Hacked

Synacktiv
Exploring cross-domain & cross-forest RBCD

Malwarebytes
A week in security (March 16 – March 22)

Snyk
Introducing Agent Security

Rosecurify
Seclog - #170

Datadog HQ
Explore Kubernetes with native OpenTelemetry data

Datadog HQ
What's new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations

Datadog HQ
Annotate traces to improve LLM quality with Datadog LLM Observability

Datadog HQ
Monitor Oracle Fusion Cloud Applications with Datadog

GMO Flatt Security Research
Remote Command Execution in Google Cloud with Single Directory Deletion

Flatt Security Research
Remote Command Execution in Google Cloud with Single Directory Deletion


2026-03-22

Malwarebytes
This is all it takes to stop a train (Lock and Code S07E06)

Aikido
CanisterWorm Gets Teeth: TeamPCP's Kubernetes Wiper Targets Iran