❌

Reading view

Russia-linked APT28 attackers already abusing new Microsoft Office zero-day

Ukraine’s CERT says the bug went from disclosure to active exploitation in days

Russia-linked attackers are already exploiting Microsoft's latest Office zero-day, with Ukraine's national cyber defense team warning that the same bug is being used to target government agencies inside the country and organizations across the EU.…

  •  

McDonald's is not lovin' your bigmac, happymeal, and mcnuggets passwords

Your favorite menu item might be easy to remember but it will not secure your account

Change Your Password Day took place over the weekend, and in case you doubt the need to improve this most basic element of cybersecurity hygiene, even McDonald's – yes, the fast food chain – is urging people to get more creative when it comes to passwords. …

  •  

Infrastructure cyberattacks are suddenly in fashion. We can buck the trend

Don't be scared of the digital dark – learn how to keep the lights on

OpinionΒ  Barely a month into 2026, electrical power infrastructure on two continents has tested positive for cyberattacks. One fell flat as attempts to infiltrate and disrupt the Polish distribution grid were rebuffed and reported. The other, earlier attack was part of Operation Absolute Resolve, the US abduction of Venezuela's President Maduro from Caracas on January 3.…

  •  

Why native cloud security falls short

Your cloud security must stand alone

Partner ContentΒ  As cloud adoption accelerates, many organizations are increasingly relying on the native security features offered by cloud service providers (CSPs). The ability to manage web application firewalls (WAF), data encryption, and key management (KMS) within a single provider ecosystem appears efficient and convenient. However, when security and reliability are viewed through the lens of enterprise risk management, this convenience may come at a significant cost.…

  •  

Open-source AI is a global security nightmare waiting to happen, say researchers

Also, South Korea gets a pentesting F, US Treasury says bye bye to BAH, North Korean hackers evolve, and more

Infosec in BriefΒ  As if AI weren't enough of a security concern, now researchers have discovered that open-source AI deployments may be an even bigger problem than those from commercial providers. …

  •  
❌