In-depth red team research, blue team strategy — and privacy-first security tools that run entirely in your browser. No accounts. No telemetry. No data leaves your machine.
Gitea 1.26.3 and 1.26.4 addressed a dense security release window, including a 9.8 CRITICAL auth bypass exploitable with a single HTTP header. Here's what broke and how to fix it.
Frontier cyber AI is becoming controlled infrastructure. The security risk is not only that attackers get stronger models, but that defenders become dependent on capabilities a vendor or government can withdraw.
Novee's Cordyceps research is a reminder that GitHub Actions workflows are executable attack surface, not harmless YAML. Here is how to audit the trust boundary before an outside pull request borrows maintainer authority.
A reported FortiGate credential-harvesting campaign is a reminder that patched edge appliances can still be compromised. Here is how to verify exposure, contain access, and hunt for follow-on activity.
Operation Endgame's June 2026 action against SocGholish shows why fake browser updates, compromised WordPress sites, and criminal loader infrastructure still matter to defenders.
A new Go-based ransomware family prioritizes recently modified files, uses RDP and legitimate remote-management tooling, and leaves no ransom note on disk. Here's what to hunt and harden.
The CA/Browser Forum is cutting TLS certificate lifespans from 398 to 47 days by 2029 to reduce the value of stolen certificates. The fix creates a bigger target: the automation that now issues every certificate on the internet.