Ryan Naraine

The CISA public clarification follows news the Trump administration is temporarily pausing offensive cyber operations against Moscow.

Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite’s mobile forensic tools to spy on a Serbian student activist.

Dreadnode is building “offensive machine learning” tools to safely simulate how AI models might be exploited in the wild.

Seattle startup building technology to mitigate lateral movement and block “living off the land” techniques wins interest from investors.

Apple says it can no longer offer end-to-end encrypted cloud backups in the UK and insists it will never build a backdoor or master...

Cisco Talos observed Chinese hackers pivoting from a compromised device operated by one telecom to target a device in another telecom.

China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers.

Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations.

San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks.

Former RNC official Sean Cairncross has been nominated for the post of National Cyber Director to streamline the US cybersecurity strategy.

Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.

CyberArk acquires early stage Boston startup Zilla Security for $165M, expanding its identity security and IGA capabilities.

QuSecure is pitching a software-based security architecture that overlays onto current networks to help businesses with PQC migration.

The Microsoft Patch Tuesday machine hummed loudly this month with urgent fixes for a pair of already-exploited Windows zero-days.

Patch Tuesday: Adobe patches 45 vulnerabilities across multiple products and warns of remote code execution exploitation risks.

Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.” 

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this...

Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product.

VMware calls attention to patches for multiple 'high-risk' security defects in its Aria Operations and Aria Operations for Logs products.

Seraphic Security banks $29 million investment as VCs remain bullish on startups with security-themed browsers for corporate defenders.