Search
Trenchant
Matthias Frielingsdorf on the mysterious Coruna iOS exploit kit discovery
Threat Hunter Greg Linares on the modern ransomware playbook
War in Iran
GitLab doxxes North Korea .gov hackers; fresh Ivanti zero-days; AI addiction and human purpose
Palo Alto and the uncomfortable politics of APT attribution
From Epstein to Notepad++: Redactions
A destructive cyberattack in Poland raises NATO 'red-line' questions
Cheap
Google Pixel 'zero-click' exploit caused by AI
Hamid Kashfi on the situation in Iran; Did cyber cause Venezuela blackouts?
A special mailbag episode with book recommendations
Quiet Wins
What's behind US gov push to 'privatize' offensive cyber operations?
Legal corruption
APTs pounce on React2Shell; BRICKSTORM backdoors; .gov surveillance
Shai-Hulud 2.0
Gemini 3 reactions
Anthropic Claude Code automating APT hacks
LIVE from Ring0 COUNTERMEASURE: Google v FFmpeg
OpenAI’s Dave Aitel talks Aardvark
Apple’s iOS forensics freeze
JAGS LABScon 2025 keynote: Steps to an ecology of cyber
Apple Exploit-Chain Bounties
Chris Eng on lessons learned from the NSA
Oracle cl0p ransomware crisis
Cisco firewall zero-days and bootkits in the wild
Live at LABScon: Lindsay Freeman on tracking Wagner Group war crimes
Live at LABScon: Visi Stark shares memories of creating the APT1 report
Live at LABScon: Aurora Johnson and Trevor Hilligoss on China's 'internet toilets'
Can Apple's New Anti-Exploit Tech Stop iPhone Spyware Attacks?
Salt Typhoon IOCs
Zero-day reality check: iOS exploits
On AI’s future
Live from Black Hat: Brandon Dixon parses the AI security hype
Rethinking APT Attribution: Dakota Cary on Chinese Contractors and Espionage-as-a-Service
Microsoft Sharepoint security crisis: Faulty patches
Train brake hack
How did China get Microsoft's zero-day exploits?
Who’s hacking who? Ivanti 0-days in France
Israel-Iran cyberwar: Predatory Sparrow
Cyber flashpoints in Israel-Iran war
Mikko Hypponen talks drone warfare
The dark hole of 'friendlies' and Western APTs
Russia hacks Ukraine war supply lines
A Coinbase breach with bribes
JAGS keynote: The intricacies of wartime cyber threat intelligence
Signalgate redux
Thomas Rid joins the show: AI consciousness
China doxxes NSA
NSA director fired
Signalgate and ID management hiccups
China exposing Taiwan hacks
A half-dozen Microsoft zero-days
Revisiting the Lamberts
Lazarus ByBit $1.4B heist was supply chain attack on developer
North Korea's biggest ever crypto heist: $1.4B stolen from Bybit
An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug
Unpacking the UK government's secret iCloud backdoor demand
Inside the DeepSeek AI existential crisis
Death of the CSRB
Inside the PlugX malware removal operation
Hijacking .gov backdoors
US Treasury hacked via BeyondTrust
Palo Alto network edge device backdoor
US government's VPN advice
Surveillance economics
Inside the Turla Playbook: Hijacking APTs and fourth-party espionage
Volexity’s Steven Adair on Russian Wi-Fi hacks
Sid Trivedi on the RSA Innovation Sandbox $5 million investment gambit
Russian APT weaponized nearby Wi-Fi networks in DC
What happens to CISA now? Is deterrence in cyber possible?
Mysterious rebooting iPhones
The Sophos kernel implant
Fortinet 0days
ESET Israel wiper malware
Typhoons and Blizzards: Cyberespionage and national security on front burner
Careto returns
Exploding beepers
Ep13: The Consolation of Threat Intel (JAG-S LABScon keynote)
Ep12: Security use-cases for AI chain-of-thought reasoning
Ep11: Cyberwarfare takes an ominous turn
Ep10: Volt Typhoon zero-day
Ep9: The blurring lines between nation-state APTs and the ransomware epidemic
Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China
Ep7: Crowd2K and the kernel
Ep6: After CrowdStrike chaos
Ep5: CrowdStrike's faulty update shuts down global networks
Ep4: The AT&T mega-breach
Ep3: Dave Aitel joins debate on nation-state hacking responsibilities
Ep2: A deep-dive on disrupting and exposing nation-state malware ops
Ep1: The Microsoft Recall debacle
Cris Neckar on the early days of securing Chrome
Costin Raiu joins the XZ Utils backdoor investigation
Katie Moussouris on building a different cybersecurity businesses
Costin Raiu: The GReAT exit interview
Danny Adamitis on an 'unkillable' router botnet used by Chinese .gov hackers
Allison Miller talks about CISO life
Rob Ragan on the excitement of AI solving security problems
Seth Spergel on venture capital bets in cybersecurity
Dan Lorenc on fixing the 'crappy' CVE ecosystem
Cisco Talos researcher Nick Biasini on chasing APTs
Allison Nixon on disturbing elements in cybercriminal ecosystem
Dakota Cary on China's weaponization of software vulnerabilities
Abhishek Arya on Google's AI cybersecurity experiments
Dr Sergey Bratus on the 'citizen science' of hacking
DARPA's Perri Adams on CTF hacking
Ryan Hurst on tech innovation and unsolved problems in security
Jason Chan on Microsoft's security problems
GitHub security chief Mike Hanley on secure coding
Jason Shockey
Federico Kirschbaum on a life in the Argentina hacking scene
Kymberlee Price reflects on life at the MSRC
OpenSSF GM Omkhar Arasaratnam on open-source software security
Serial entrepreneur Rishi Bhargava on building another cybersecurity company
Claude Mandy on CISO priorities
Sidra Ahmed Lefort dishes on VC investments and cyber uncertainties
Paul Roberts on wins and losses in the 'right to repair' battle
Katie Moussouris on where bug bounties went wrong
Robinhood CSO Caleb Sima on a career in the security trenches
Charlie Miller on hacking iPhones
JAG-S on big-game malware hunting and a very mysterious APT
Chainguard's Dan Lorenc gets real on software supply chain problems
Vinnie Liu discusses a life in the offensive security trenches
Down memory lane with Snort and Sourcefire creator Marty Roesch
Subbu Rama
Project Zero's Maddie Stone on the surge in zero-day discoveries
Prof. Mohit Tiwari on the future of securing data at scale
Google's Shane Huntley on zero-days and the nation-state threat landscape
Lamont Orange
Haroon Meer on the business of cybersecurity
Tony Pepper
Microsoft's Justin Campbell on offensive security research
Costin Raiu on the .gov mobile exploitation business
Amanda Gorton
Intel's Venky Venkateswaran on hardware-enabled security
Sounil Yu on SBOMs
Algirde Pipikaite
Josh Schwartz on red-teaming and proactive security engineering
Michael Laventure
Google's Heather Adkins on defenders playing the long game
Collin Greene
Alex Matrosov on the state of security at the firmware layer
Charles Nwatu
Doug Madory on the mysterious AS8003 global routing story
Crossbeam CISO Chris Castaldo on securing the start-up
Shubs Shah on finding riches (and lessons) from bug bounty hacking
Fahmida Rashid
Microsoft's David Weston on the surge in firmware attacks
Lena Smart
Patrick Howell O'Neill
Nico Waisman
Ron Brash on the water plant hacks and the state of ICS security
Throwback: Zero-day exploit broker Chaouki Bekrar
Selena Larson
Fredrick Lee
Zack Whittaker
Jason Chan
Andy Greenberg
Matt Honea
Brooke Pearson
Tim MalcomVetter
Matt Suiche
Jaime Blasco
Collin Mulliner
Michael Piacente
Dave Aitel
Sounil Yu
Andy Ellis
Costin Raiu
Josh Lefkowitz
Christine Gadsby
Chad Loder
Chris Castaldo
Wim Remes
Dan Hubbard
David Weston
Rich Seiersen
Andrew Morris
Yoav Leitersdorf
Juan Andrés Guerrero-Saade
Robert M. Lee
Brandon Dixon
Ryan Huber
Ivan Arce
Sinan Eren
Stephen Ridley
Mischel Kwon
Rick Holland
Thomas Ptacek
Zane Lackey
Haroon Meer
David (int eighty)
Dennis Fisher
Tim Maurer
Will Lin
Pete Chronis
Brad Arkin
Aanchal Gupta
Tom Conklin
John Terrill
Christopher Ahlberg
Masha Sedova
Paul Roberts
Dino Dai Zovi
Sharon Anolik
Kim Zetter
Kelly Jackson Higgins
Katie Moussouris
@Stake
0day
Aardvard
Aardvark
active-defense
activists
advisory boards
africa
agentic AI
AI
AI Cyber Challenge
AI models
AI Private Compute
AI tools
airport disruptions
AIVD
AIxCC
Akamai
akira
Amazon
amd
Amnesty International
AMP
android
anonymity
ANSSI
Anthropic
anti-drone
anti-exploitation
anti-virus
antitrust
antivirus
Antiy
Appin
Apple
Apple iOS
appliances
appsec
APT
APT 28
APT 41
APT attribution
APT groups
APT names
APT-naming
APT1
APT15
APT28
APT29
APT29 Cyber Attacks
APT29 tactics
apt31
APT45
APTs
Arctic Wolf
argentina
Artifical Intelligence
artificial intelligence
as8003
ASA
AT&T
AT&T breach
AT&T data breach
Atlantic Council
attack surfaces
attribution
Aurora
automation
autonomous warfare
Azimuth
backdoor
balkanid
Balkanization
Bard
Barracuda
Belarus
Berserk Bear
BeyondCorp
BeyondTrust
BGP
BGP hijacking
Big Sleep
BigSleep
Binarly
binary
bios
bitcoin
Bitcoin attacks
BitLocker
black hat
Black Hat Asia
Black Lambert
Black Lotus Labs
blackberry
blackout
blue screens
blue team
bluetooth
book club
book recommendations
bootkit
bootkits
Bootkitty
breach detection
Brickstorm
browser extensions
browsers
BSOD
bug bounties
bug bounty
bugbounty
Bunnie Huang
business continuity
ByBit
Calisto
Canada
canaries
candiru
Career
career guidance
Careto
Cellebrite
CET
Chainguard
Charming Kitten
ChatGPT
ChatGPT5
Check Point
Chengdu
Chevron deference
China
Chinese APTs
Chinese cyber actors
Chinese surveillance
chip backdoor
Chris Eng
chrome
Chrome Flex OS
CIA
CISA
Cisco
Cisco Talos
CISO
CISO ethics
CISO liability
CISO movements
CISOs
Citizen Lab
Claude
Claude Code
client security
Cloudflare
CN-CERT
code quality
codecov
Codex
Codex Security
coinbase
community building
compliance
condor
Contageous Interview
continuous testing
core security
corellium
corona virus
corporate relationships
corporate responsibility
coruna
covid
credential theft
crisis management
critical infrastructure
crowdstrike
crypto
cryptocurrency
cryptojacking
csam
CSRB
CTI
cURL
CVE
CVE-2025-55182
CVE-2025-59287
CVE-2026-22769
CVE‑2025‑14847
Cyber Command
cyber espionage
cyber norms
cyber offense
cyber operations
Cyber threat indicators
cyber threats
cyber warfare
cyber-insurance
CyberCommand
cybercrime
cyberespionage
Cyberhaven
cybernetics
cybersecurity
cybersecurity business
cybersecurity challenges
Cybersecurity Threats
CyberThreat
cyberwar
Cyberwarcon
Dan Geer
dan kaminsky
Dark Reading
DARPA
Dartmouth
data guard
data privacy
data security
data sharing
Dave Aitel
Davos
deepfake
DeepSeek
DEF CON CTF
DEFCAMP
Defcon
Dell
detection
detection update
Deutsche Bahn
digital escorts
digital security
digital trust
diplomacy
disclosure
disinformation
disrupting nation-state operations
diversity
Doppelganger
doxxing
drone
drone swarms
drone technology
drones
dspm
Duqu
Dutch Intel
Dutch MIVD AIVD
eclypsium
edge devices
EDR
EDR software
ekoparty
El Paso
election interference
elections
email
email security
emulation
encryption
end-of-life devices
Engagement
ENISA
entrepreneurship
Equation
ESET
espionage
Espionage and Cyber Warfare
Estonia
Europe
Exchange
Executive Order
exploit brokers
exploit kit
exploit reuse
exploit sales
exploitability
exploitation techniques
exploits
FAA
facebook
fake IT workers
Fancy Bear
FBI
FBI CISA report
FCC
FFmpeg
Fire ANT
firewall
firewall devices
firewall vulnerabilities
firmware
FirstWap
FOMO Typhoon
Fortinet
Foundation Capital
France
Fraud Prevention
FSB
funding
FWHunt
Gemini
gen-AI
generative ai
Geneva Convention
geopolitics
Germany
Ghost Emperor
gig economy
GitHub
GitHub Actions
GitLab
global conflicts
global routing
Goblin Rat
godaddy
google
Google breakup
google project zero
gov shutdown
government regulations
GrapheneOS
GReAT
greg linares
GreyNoise
Group 78
groups
GRU
GTIG
h2c smuggling
hack-for-hire
hacking
hacking back
HackingTeam
hacktivism
HAFNIUM
Hamas
Hamid Kashfi
hardware
hardware security
hardware trust
Hegseth
HexRays
hiring
Hitcon
hot wallet
Houken
huntress
hybrid war
i-Soon
ICC
iCloud
ics
IDA Pro
Identity and Access
ids
iga
IIS
ImageIO
implants
incident response
India
influence operations
information sharing
infrastructure attacks
innovation
insider threats
insurance
intel
Intellexa
intelligence agencies
International Criminal Court
internet backbone
Internet Explorer
Internet Toilets
Intrusion Logging
Intrusion Truth
investments
investments and exits
IOCs
iOS
iOS 14.5
iOS 18.2
iOS 18.3.2
iOS 18.6.2
iOS 26
ios 26.3
iOS exploitation
iOS malware
ios self-driving cars
iOS vulnerabilities
IOT
IP theft
iphone
ips
ipv4
IPv6
Iran
Iran Israel
Iranian hacking
ISoon leaks
Israel
Ivanti
iVerify
Jackpot Panda
JAGS
Japan
jeep
Jen Easterly
JetBrains TeamCity vulnerability
jiu-jitsu
jobs market
journalism
JP Morgan Chase
Jun OS
Juniper
Kaspersky
key management
keynote
Keywords cybersecurity
Kim Zetter
kinetic
KittenBusters
KnownSec
L3 Harris
L3Harris
Lab Dooktegan
Lab Dooktegen
labscon
Lambert
Landfall
Lapsu$
Laundry Bear
law enforcement
layoffs
Lazarus
leadership
legal considerations
Letters of Marque
LIghtBasin
Linux
LLM
LLMs
LNK
Lockdown Mode
log4j
log4shell
lolbins
LOTL
luckymouse
Luta Security
macbook
machine learning
MacOS
magnet of threats
mailbag
Mali
malware
malware analysis
malware campaigns
malware names
Mandian
Mandiant
MAPP
market solutions
marketing
marty roesch
Material Security
medusa
memory analysis
memory corruption
memory forensics
Memory Safety
mercenaries
mercenary
mercenary hacking
mercenary spyware
Merlin Ventures
messaging
Meta
metador
MEV
microcode
microsoft
Microsoft 365 outage
Microsoft Access
Microsoft Security Copilot
Microsoft Teams exploitation
MIE
Mikko Hypponen
Mirai
MISP
Mistral
MITRE
MIVD
mobile
mobile exploits
mobile stock trading
mobile tracking
mongobleed
mongodb
monoculture
Monokle
msrc
MSS
MSTIC
nation-state
nation-state APTs
nation-state malware
nation-state threats
National security cyber risks
National Security Risks
NATO
NCSC
Netherlands
netography
network appliance
network appliances
network security
network telemetry
network-based attacks
news gathering
NIST
Nobitex
Node.js
Nodex
NoName057(16)
North Korea
notepad++
Novitex
npm
NSA
NSO
NSO Group
NSO lawsuit
NSO Pegasus
nuclear
NullBulge
NVIDIA
Obama
OFAC
offense
offense vs defense
offensive security
Olympics
one-click
ope-source
open source software
open-source
OpenAI
Operation Forum Troll
Operation Zero
Oracle
Orange Tsai
OSINT
Palo Alto
pandemic
Pangu Labs
Pangu Team
Paragon
parsers
PassiveTotal
password-protected phone
patch tuesday
patching shenanigans
Pavel Durov
pay-for-play
PDF
pegasus
pen-testing
penetration testing
Peter Williams
Phantom Taurus
physical conflict
Pink Lambert
PipeMagic
Pixel
PKFail
PlugX
Poland
political interference
Polyfill supply chain
predator spyware
Predatory Sparrow
print spooler
printnightmare
prisoner exchange
privacy
privacy engineering
Private Cloud Computer
pro rata rights
product security
Project Zero
ProPublica
PSOAs
public cloud
Pulse Secure
PuzzleMaker
pwn2own
Q&A
Qihoo 360
qilin
QuaDream
quantum
quantum computing
railroad
ransomhub
ransomware
rapid7
RCE
React
React2Shell
recruiting
Red October
red team
regulations
regulatory failures
remediation
remote monitoring
Replit
research
responsible disclosure
Reuters
risk management
RiskIQ
rmm abuse
robinhood
robotics
Romania
Romania elections
router
routers
RPISEC
rsa conference
RSA Innovation Sandbox
rsac
Russia
Russia cyber espionage
S1
saas
SAFE
SafeDocs
Sahel
Salesforce
Salt Typhoon
Salt Typhoon Hacks
Salt Typhoon vulnerability
Samsung
San Bernardino
sanctions
Sandboxing
sandwich attacks
Sandworm
SANS Institute
satellite
SBOM
SBOMs
scada
Scattered Spider
Sean Heelan
Section 702
secure boot bypass
Secure by Design Pledge
secure coding
secure messaging
security
security assessments
security awareness
security framework
security research
security solutions
security updates
securityawareness
securityresponse
Sekoia
self-driving cars
Sensofusion
Sentinel One
sentinellabs
SentinelOne
Sergey Bratus
serverless
sextortion
Shai-Hulud
sharepoint
shift-left
Sid Trivedi
Signal
simulated hacking attacks
Singapore
skills-shortage
Skripal
slack
snort
Snowflake
SOC
Sofacy
software liability
software quality
software update
Solana
solarwinds
SonicWall
Sophos
Sora
Sora 2
source code
sourcefire
South Korea
spectre
SpyCloud
spyware
stalking
standardization
startup
startups
Static Tundra
stolen data
story-telling
Storytelling
Stuxnet
sunburst
SUO5
supply chain
supply chain attacks
Supply chain cyber attack
surveillance
surveillance capitalism
surveillance industry
surveillance technology
SVR cyber threat
Switzerland
Symantec
Synapse
Taiwan
Tavis Ormandy
teams
teamviewer breach
telcos
Telegram
telemetry
tesla hack
testing
the_com
the-com
thecom
thinkst
third-party risk
threat detection
threat intelligence
threat-hunting
threat-intel
threatintel
ThreatLocker
Tianfu Cup
TikTok
TLP
TOR
Tornado Cash
TP-Link
tpm sniffing
trade negotiations
TraderTraitor
trains
transcript
transparency
Trenchant
Triangulation
Turla
typosquatting
uefi
uefi malware
UK sanctions
ukraine
Ukraine Cyber Alliance
UltraAV
UNC5807
Unit 29155
Unit 42
United Kingdom
Unitree
unpatched.ai
US government
US Sanctions
US-China relations
validation
VC funding
vendor accountability
Venezuela
venture capital
VEP
Veracode
Verizon
Versa Director
Vertex
vibe coding
Vietnam
virtualization
Virus Bulletin
VirusTotal
Visi Stark
visibility
VMware
Void Blizzard
VoidLInk
Volexity
Volt Typhoon
Volt Typoon
vpn
VPNs
vulnerabilities
vulnerability discovery
vupen
Wagner
war crimes
Warp Panda
wartime
web app security
webapp security
WebKit
WhatApp
whatsapp
White House
Wi-Fi hacking
Wi-Fi security
windows
Windows Defender
Windows kernel
windows os
Windows Recall
WinRAR
wiper
wipers
writing
WSUS
XBOW
Xi
Xiaomi
XZ Utils
YARA
Yutong
zero-click
zero-click exploits
zero-day
zero-day vulnerabilities
Zero-days
zero-trust
zeroday
zerodium
Zoom
01.18.2022 | 9'' read
Who are legit targets for NSO Pegasus surveillance malware?
A guest editorial from GReAT's Costin Raiu examines the categories of potential targets for NSO Group's Pegasus surveillance malware and finds few places that justify the multi-million dollar budgets for offensive tools. Plus, the cloud of cyberwar and the Russia/Ukraine conflict...
Read11.23.2021 | 6'' read
That ‘we take security very seriously’ line
Whenever a company drops the "we take security and privacy very seriously," I do a basic smell test by adding "/security" to their domain to see how that page is being used. It's a pretty instructive test of a company's cybersecurity priorities. GoDaddy is under the radar.
Read10.26.2021 | 6'' read
The software supply chain pain intensifies
A lighter than normal edition this week covering malware embedded in a JavaScript library causing some jitters in software supply chain circles. Plus, more Pegasus spyware revelations and an incredible Cyberwarcon agenda.
Read08.03.2021 | 4'' read
Making the case for responsible cyber offense
This week's recap includes a four-bylined op-ed offering suggestions for responsible offensive behavior, including the important of testing hacking tools before use, avoiding indiscriminate targeting, prohibiting certain targets, constraining automation and preventing criminal/third-party access to backdoors.
Read07.27.2021 | 8'' read
On apathy in cybersecurity
As far as we've come, it feels like we're chasing a tail that's disappearing in the distance. Attack surfaces are expanding faster than we can react to securing them and there's still too much friction when users try to adopt the best available security tools.
Read