This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...
Application Programming Interfaces (APIs) are foundational to a modern digital ecosystem. These standards govern how APIs are to be developed across the Government of Canada (GC) to better support ...
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 ...
With Explicit Forward Proxy, you can use the secure web and AI gateway capabilities of Microsoft Entra Internet Access without installing the Global Secure Access client. Explicit Forward Proxy works ...
CI jobs, AI coding agents, and sandboxed containers can make arbitrary outbound requests. A compromised dependency, a prompt injection, or a malicious build step can exfiltrate secrets, phone home, or ...
Another year passes. I was hoping to write more articles instead of just these end-of-the-year screeds, but I almost died in the spring semester, and it sucked up my time. Nevertheless, I will go ...
We believe the artificial intelligence center of gravity for enterprise value creation is shifting from large language models to small language models, where the S not only stands for small but ...
ESET researchers have documented and analyzed TA410 activity going back to 2019. TA410 is a cyberespionage umbrella group loosely linked to APT10, known mostly for targeting US-based organizations in ...
ESET researchers have recently discovered a new undocumented modular backdoor, SideWalk, being used by an APT group we've named SparklingGoblin; this backdoor was used during one of SparklingGoblin's ...