State-sponsored actors, better known as the friends you don’t want
State-sponsored actors don't break in. They log in, and they use your own tools to stay invisible for months. Responding to a state-sponsored threat is nothing like responding to ransomware, and the differences can make or break the outcome. From logging and baselines to OT segmentation and suppl...
ACIArena: Toward Unified Evaluation for Agent Cascading Injection
Collaboration and information sharing empower Multi-Agent Systems (MAS) but also introduce a critical security risk known as Agent Cascading Injection (ACI). In such attacks, a compromised agent exploits inter-agent trust to propagate malicious instructions, causing cascading failures across the...
CTF for Education
In this paper, we take a close look at how CTF can be used in cybersecurity education. We divide the CTF competitions into four different categories, which are attack-based CTFs, defense-based CTFs, jeopardy CTFs and gamified and wargames CTFs. We start our analysis by summarizing the main...
EUVD-2025-18310
Malicious code in bioql PyPI...
UniAud: a Unified Auditing Framework for High Auditing Power and Utility with One Training Run
Differentially private (DP) optimization has been widely adopted as a standard approach to provide rigorous privacy guarantees for training datasets. DP auditing verifies whether a model trained with DP optimization satisfies its claimed privacy level by estimating empirical privacy lower bounds...
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
Executive summary: Void Blizzard is a new threat actor Microsoft Threat Intelligence has observed conducting espionage operations primarily targeting organizations that are important to Russian government objectives. These include organizations in government, defense, transportation, media, NGOs,...
CISA: Dams Sector Personnel Screening Guide
The Dams Sector Personnel Screening Guide 2025 provides information to assist Dams Sector owners and operators in developing and implementing personnel screening protocols appropriate for their facilities. An effective screening protocol for potential employees and contractor support can contribu...
North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs
Threat actors with ties to the Democratic People's Republic of Korea (DPRK) are impersonating U.S.-based software and technology consulting businesses in order to further their financial objectives as part of a broader information technology (IT) worker scheme. "Front companies, often based in China,...
How Wiz Meets CISA “Secure by Design” Objectives
An update on our commitments to customer security...
Key Takeaways From The Take Command Summit: Enhancing Cybersecurity Culture
Building a resilient cybersecurity culture is crucial in today's digital landscape. The recent Rapid7 Take Command Summit session titled "Commander in Chief: Enhancing Cybersecurity Culture" offered valuable insights into fostering a strong security mindset within organizations. Here are three ke...
Takeaways From The Take Command Summit: Unlocking ROI in Security
Rapid7 CMO Cindy Stanton hosted a discussion with Cindy Stanton, Byron Anderson, Principal InfoSec Engineer, KinderCare Learning Companies and Gaël Frouin, Director IT Security, AAA Northeast to talk strategies for measuring team performance and demonstrating ROI in cybersecurity at Rapid7’s rece...
UBUNTU-CVE-2024-4011
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a non-project member to promote key results to objectives...
Malicious code in down_load_ebook_30_minuten_okr_objectives_key_results_by_erno_marius_obogeanu_hempel_andre_daiyu_steiner_qz80m (npm)
MAL-2024-2117 Malicious code in down_load_ebook_30_minuten_okr_objectives_key_results_by_erno_marius_obogeanu_hempel_andre_daiyu_steiner_qz80m (npm)
PT-2024-6746 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.1 through 16.11.5 GitLab CE/EE versions 17.0 through 17.0.3 GitLab CE/EE versions 17.1 through 17.1.1 Description: The issue is related to inadequate access control in GitLab, a collaborative coding platform. It allow...
Unifying Security Tech Beyond the Stack: Integrating SecOps with Managed Risk and Strategy
Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to the Ponemon Institute, "only 59% of organizations say their cybersecurity strategy has changed over the past two years." This stagnation in strategy adaptation can be traced back to several key...
CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
Cap Dev. Better red teaming with continuous Capability Development
TL;DR What Capability Development Cap Dev is in this context The big Cap Dev benefits for red teaming Operations and Development, sharing and improving Improvements to TTPs, hardware, and developing strategies Benefits of using a DevSecOps model for offensive security The essence of Cap Dev Cap D...
What is the MITRE ATT&CK Framework?
The Unfolding Complexity of the MITRE ATT&CK System The domain of cybersecurity is akin to an ever-evolving ocean filled with intricacies. In these stormy waters, the MITRE ATT&CK System stands as a beacon of light. It brings some order, serving as a universally available repository storing vario...
Analysis of Storm-0558 techniques for unauthorized email access
Executive summary: On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we've detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our investigation...