​Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular “@react-native-community/cli” npm package. Cybersecurity company VulnCheck said it first observed exploitation of… Read More »Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

​Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor promises “complete coverage” or “AI-powered automation,” but inside most SOCs,… Read More »[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

​Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites… Read More »When Cloud Outages Ripple Across the Internet

​The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed… Read More »APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

​Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence (GenAI) features. “It provides a single… Read More »Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

​A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the state-sponsored hacking… Read More »Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

​A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.… Read More »Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

​A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link. The issue,… Read More »OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

​Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options. The development comes… Read More »Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

​For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play… Read More »Securing the Mid-Market Across the Complete Threat Lifecycle