Content Paint
Search
Sign in
Membership

Security

vulnerabilities  | Dec 28, 2025
MongoBleed exploitation: Community rallies to deliver detection logic, tools
MongoBleed exploitation: Community rallies to deliver detection logic, tools

Detection "requires somewhat complex logic which could be tricky to port into most SIEM detection engines..."

 |  Security  | Dec 22, 2025
Cloudflare calls "code orange" to fix systems after big outages
A string of orange lights. Cloudflare implemented code orange procedures to fix its systems after two outages

CTO shares lessons in configuration management following two big outages.

Security  | Dec 18, 2025
Amazon says GRU seen targeting AWS-hosted edge appliances
Amazon says GRU seen targeting AWS-hosted edge appliances

"A clear evolution in tactics"

Security  | Dec 18, 2025
Critical Cisco vulnerability exploited. No patch yet. Attackers gain persistence
Critical Cisco vulnerability exploited. No patch yet. Attackers gain persistence

A technical support case revealed a remote exploit of web-exposed spam quarantine management to gain root.

 |  Security  | Dec 15, 2025
NCSC tests national-scale tripwires and honeypots in the UK
NCSC tests national-scale tripwires and honeypots in the UK

Underused honeypot, tripwire tools a "missed opportunity" says UK centre.

 |  Security  | Dec 12, 2025
Microsoft expands bug bounties to third-party, open source code
A fisherman throws a large net into the ocean. Microsoft's new bug bounty scheme will cover all online services

The "In Scope by Default" initiative casts a wide net covering bugs in all its online services.

 |  Security  | Dec 09, 2025
Remember Jeep? Porsches got remote-bricked too, in Russia
Remember Jeep? Porsches got remote-bricked too, in Russia

GPS-linked security systems are probably panicking due to jamming, but sanctions mean there is no post mortem coming.

 |  Security  | Dec 05, 2025
45-day certificates from May, says Let's Encrypt after dismantling OCSP
45-day certificates from May, says Let's Encrypt after dismantling OCSP

With 700 million websites affected, a TLS certificate monitoring service is a really good idea, Let's Encrypt tells us.

 |  Security  | Dec 04, 2025
We'll protect security researchers against ancient cyber laws, UK minister says
We'll protect security researchers against ancient cyber laws, UK minister says

Statutory defence – previously rejected as a loophole – is coming for 35-year-old law that chills vulnerability disclosure, says Dan Jarvis.

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.