IETF: Security Operations Fundamentals and Guidance

Tracking DPRK operator IPs over time

ResidentBat: Belarusian KGB Android Spyware at Internet Scale - Censys

New Dohdoor malware campaign targets education and health care

Abusing .arpa: The TLD That Isn’t Supposed to Host Anything

Abusing Cortex XDR Live Terminal as a C2

OCRFix: Botnet Trojan delivered through ClickFix and EtherHiding

Blocking Some On-Demand Issuance Caused by Internet Scanning

Disrupting the GRIDTIDE Global Cyber Espionage Campaign | Google Cloud Blog

Scattered Lapsus$ Hunters Recruiting Women for Operations

Diesel Vortex: Inside the Russian cybercrime group targeting US & EU freight

AutoPiff: Semantic analysis engine for detecting vulnerability fixes in Windows kernel driver patches — 58 YAML rules, Ghidra decompilation, reachability tracing, and scoring

Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513 - correlated it with an observed in-the-wild exploit attributed to the Russian state-sponsored threat actor APT28.

Chronology of MuddyWater APT Attacks Targeting the Middle East

Exploitation of Cisco Catalyst SD-WAN

Marquis sues firewall provider SonicWall, alleges security failings with its firewall backup led to ransomware attack

Deputising UK Counter-Cybercrime Operations

North Korean Lazarus Group Now Working With Medusa Ransomware

Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools

Attacks on telecommunications companies in Kyrgyzstan and Tajikistan have been detected - Attacks on telecommunications companies in Kyrgyzstan and Tajikistan have been detected.