Double Pulsar
CitrixBleed 2 exploitation started mid-June — how to spot it
CitrixBleed 2: Electric Boogaloo — CVE-2025–5777
Big Game Ransomware: the myths experts tell board members
DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
Microsoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerability
Microsoft Recall on Copilot+ PC: testing the security and privacy implications
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
No, there isn’t a world ending Apache Camel vulnerability
Use one Virtual Machine to own them all — active exploitation of ESXicape
2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.
Handala attempts a supply chain hack via ReutOne
Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs
Hacker group Handala Hack Team claim battery explosions linked to Israeli battery company.
CrowdStrike trying to use legal threats to suppress criticism and parody of global IT outage
Microsoft need to be transparent about customer impacting DDoS attacks
What I learned from the ‘Microsoft global IT outage’
Snowflake at centre of world’s largest data breach
Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible.
Cybersecurity from the trenches, written by Kevin Beaumont. Opinions are of the author alone, not their employer. - Medium