Ryan Naraine

San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks.

Former RNC official Sean Cairncross has been nominated for the post of National Cyber Director to streamline the US cybersecurity strategy.

Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.

CyberArk acquires early stage Boston startup Zilla Security for $165M, expanding its identity security and IGA capabilities.

QuSecure is pitching a software-based security architecture that overlays onto current networks to help businesses with PQC migration.

The Microsoft Patch Tuesday machine hummed loudly this month with urgent fixes for a pair of already-exploited Windows zero-days.

Patch Tuesday: Adobe patches 45 vulnerabilities across multiple products and warns of remote code execution exploitation risks.

Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.” 

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this...

Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product.

VMware calls attention to patches for multiple 'high-risk' security defects in its Aria Operations and Aria Operations for Logs products.

Seraphic Security banks $29 million investment as VCs remain bullish on startups with security-themed browsers for corporate defenders.

GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available.

VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access.

The US government shared exploit chains, IOCs and post-incident forensics data to help network defenders hunt for signs of Chinese hacking gangs.

The Trump administration has disbanded the Cyber Safety Review Board (CSRB), ending one of the few bright spots at CISA.

Part entrepreneurial adventure, part security history, Bernardo Quintero's 'Infected' documents how the VirusTotal side project became a threat-intel cornerstone.

Microsoft researchers catches Russia's Star Blizzard hackers spear-phishing with QR codes and WhatsApp group chats.

Law enforcement turns the PlugX malware’s own self-delete mechanism against it, nuking the China-linked trojan from thousands of US machines.

Patch Tuesday: Adobe ships patches for more than a dozen security defects in a wide range of software products.