Content Paint
Search
Sign in
Membership

Security

Security  | Jun 17, 2025
MongoDB open-sources “Kingfisher” secrets scanner
MongoDB open-sources “Kingfisher” secrets scanner

Built on forked and updated “Nosey Parker” and faster than TruffleHog or Gitleaks says security engineer

 |  Security  | Jun 10, 2025
Patch Tuesday: Another MSHTML zero day exploited
Patch Tuesday: Another MSHTML zero day exploited

Attackers are going after high-profile targets in the government and defense sectors, with phishing campaigns that use WebDAV and LOLBins to deploy malware

Security  | Jun 09, 2025
"Absurd" 12-step malware dropper spotted in malicious npm packages
"Absurd" 12-step malware dropper spotted in malicious npm packages

Supply chain attack effort used steganography, a "dizzying wall of Unicode characters" and more.

 |  Security  | Jun 06, 2025
CVSS 9.9. Static credentials. In your cloud. Cisco WTF, again?
CVSS 9.9. Static credentials. In your cloud. Cisco WTF, again?

Cisco’s “zero trust” security software just hurt your cloud security, because it can’t stop shipping products with static credentials

 |  Security  | Jun 06, 2025
Google slams Meta for "blatant" violation of security principles via "Localmess"
An illustration showing how the Meta Pixel used SDP Munging to insert the _fbp cookie information into to the SDP "ice-ufrag" field.

"Current privacy controls (e.g., sandboxing approaches, mobile platform and browser permissions, web consent models, incognito modes, resetting mobile advertising IDs, or clearing cookies) are insufficient to control and mitigate it."

Security  | Jun 05, 2025
Vicious vishers villainise ventures via… Salesforce?
Vicious vishers villainise ventures via… Salesforce?

Little sh*ts use social engineering techniques to get Salesforce extension "Data Loader" installed then plunder material from targets.

 |  mícrosoft  | Jun 04, 2025
Microsoft, Crowdstrike sync up on 'confusing' threat naming system
Two arms with different watches on them showing a similar time. Microsoft and Crowdstrike will improve alignment of their threat actor naming systems.

No more, 'where have I seen this before?'

 |  Security  | Jun 02, 2025
US bankers to SEC: Stop making us report cyber incidents
US bankers to SEC: Stop making us report cyber incidents

Let us choose when and what to disclose...

mícrosoft  | May 28, 2025
New Russian threat actor seen plundering NATO member email accounts
New Russian threat actor seen plundering NATO member email accounts

Microsoft Graph API abuse, again...

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.