2026-03-19
2026-02-20
Schneier on Security
Friday Squid Blogging: Squid Cartoon
Amazon Security
AI-augmented threat actor accesses FortiGate devices at scale
Krebs on Security
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
Dark Reading
Latin America's Cyber Maturity Lags Threat Landscape
Schneier on Security
Ring Cancels Its Partnership with Flock
Elastic Security Labs
The Immutable Illusion: Pwning Your Kernel with Cloud Files
Teleport Blog
How to Secure Microservices with SPIFFE and Istio
Sansec Threat Research
Digital skimmer hits global supermarket chain
Elastic Security Labs
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
2026-02-19
Eclypsium
Eclypsium @ RSAC 2026
Dark Reading
Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA
Zero Day Initiative
CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad
Dark Reading
Abu Dhabi Finance Week Exposed VIP Passport Details
Talos Intelligence
Using AI to defeat AI
The Citizen Lab
Submissions to the Committee on Enforced Disappearances: And the UN Working Group on Enforced and Involuntary Disappearances
Praetorian
Praetorian Guard finds critical flaws in OpenClaw – And What It Means for Your Software Supply Chain
Auth0
How Advanced Customizations for Universal Login (ACUL) Helps You Build Seamless Auth Experiences
Google Security Blog
Keeping Google Play & Android app ecosystems safe in 2025
Microsoft Security
New e-book: Establishing a proactive defense with Microsoft Security Exposure Management
Google Safety & Security
We’re sharing how we kept the Google Play and Android app ecosystems safe in 2025.
Microsoft Security
Running OpenClaw safely: identity, isolation, and runtime risk
Malwarebytes
AI-generated passwords are a security risk
Bishop Fox Security
AI & Security Risks: Reviewing Governance and Guardrails
Schneier on Security
Malicious AI
Malwarebytes
Intimate products maker Tenga spilled customer data
Dark Reading
More Than 40% of South Africans Were Scammed in 2025
TrustedSec
Notepad++ Plugins: Plug and Payload
2026-02-18
Dark Reading
Threat Intelligence Has a Human-Shaped Blind Spot
Dark Reading
Dell's Hard-Coded Flaw: A Nation-State Goldmine
Searchlight Cyber
February 18th – This Week’s Top Cybersecurity and Dark Web Stories
Black Hills Info Sec
OSINT: How to Find, Use, and Control Open-Source Intelligence
Schneier on Security
AI Found Twelve New Vulnerabilities in OpenSSL
Trail of Bits
Carelessness versus craftsmanship in cryptography
Talos Intelligence
“Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities
Sansec Threat Research
Building a faster YARA engine in pure Go
Elastic Security Labs
Speeding APT Attack Confirmation with Attack Discovery, Workflows, and Agent Builder
2026-02-17
Dark Reading
RMM Abuse Explodes as Hackers Ditch Malware
Ars Technica Security
Password managers' promise that they can't see your vaults isn't always true
Malwr Analysis
Kraken Darknet Access via Clearnet Gateways
Google Safety & Security
Resilience in the AI era: Google at MSC 2026
Malwarebytes
Chrome “preloading” could be leaking your data and causing problems in Browser Guard
Offensive Security
Building an AI-Ready Cybersecurity Team
Microsoft Security
Unify now or pay later: New research exposes the operational cost of a fragmented SOC
Searchlight Cyber
‘Supergroups’ to Shadow Exposure: Insights from Ransomware’s Record Year
Palo Alto Networks
Securing the Agentic Endpoint
Schneier on Security
Side-Channel Attacks Against LLMs
Palo Alto Networks
Introducing Unit 42 Managed XSIAM 2.0
Palo Alto Networks
2026 Unit 42 Global Incident Response Report — Attacks Now 4x Faster
Malwarebytes
Hobby coder accidentally creates vacuum robot army
Eye Security
Log poisoning in AI agents: The OpenClaw case
Eye Security Research
Log Poisoning in OpenClaw
Troy Hunt
Weekly Update 491
Infernux Blog
Defender XDR - Custom Detection Rules PowerShell Module
2026-02-16
Amazon Security
Building an AI-powered defense-in-depth security architecture for serverless microservices
Schneier on Security
The Promptware Kill Chain
Malwarebytes
A week in security (February 9 – February 15)
MaskRay's Blog
Call relocation types