Double Pulsar
Cybersecurity industry overreacts to React vulnerability, starts panic, burns own house down again
Small numbers of Notepad++ users reporting security woes
What organisations can learn from the record breaking fine over Capita’s ransomware incident
CyberSlop — meet the new threat actor, MIT and Safe Security
Microsoft builds on Recall with Gaming Copilot — fails basic privacy tests
Red Hat Consulting breach puts over 5000 high profile enterprise customers at risk — in detail
The Elephant in The Biz: outsourcing of critical IT and cybersecurity functions risks UK economic…
Citrix Netscaler backdoors — Part One — May 2025 activity against governments
Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025
Colt Technology Services gets ransomware’d via SharePoint initial access— some learning points
CitrixBleed 2 situation update — everybody already got owned
CitrixBleed 2 exploitation started mid-June — how to spot it
CitrixBleed 2: Electric Boogaloo — CVE-2025–5777
Big Game Ransomware: the myths experts tell board members
DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
Microsoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerability
Microsoft Recall on Copilot+ PC: testing the security and privacy implications
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
No, there isn’t a world ending Apache Camel vulnerability
Cybersecurity from the trenches, written by Kevin Beaumont. Opinions are of the author alone, not their employer. - Medium