More results...
Novee Security reveals Cordyceps, a CI/CD vulnerability in GitHub Actions workflows that let anonymous users poison builds and expose tokens across major projects today.
KnowBe4, the human risk management platform, today announced it has been awarded ‘2026 Global Customer Value Leadership’ in the email security industry as part of Frost & Sullivan’s Best Practices recognition. Best Practices awards companies for their superior leadership and innovation. Frost & Sullivan recognised KnowBe4 for: Its continued protection of the human element of […]
The post KnowBe4 awarded in the email security industry appeared first on IT Security Guru.
Microsoft researchers warn of a new dual-action cryptocurrency clipper (CryptoBandits Malware) spreading through USB devices to alter wallet addresses and steal crypto assets.
Over-the-counter CGMs are making glucose data easier to access, but not every user benefits equally. Here’s where the evidence is strongest — and what to know about app privacy.
The post OTC Glucose Monitors Make Wellness Tracking More Personal — and M…
Learn how AI, deepfakes, synthetic identities and fraud-as-a-service may reshape iGaming risk, and what security teams can do to detect future threats in 2027.
Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems. Healthcare tech company Xsolis, Inc. has disclosed a data breach impacting nearly 1.4 million individuals. The Tennessee-based firm provides utilization management and revenue cycle solutions for healthcare providers. The company became aware of an […]
Two teenagers face sentencing after admitting to a massive Scattered Spider cyberattack that hit Transport for London (TfL) and US healthcare networks.
Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a ShapedPlugin Pro plugin between April and June 2026 and kept it updated, your site may be compromised. Not because you did something wrong, but because the vendor’s own build and distribution pipeline was breached. […]
I was watching a report about the Tesla murder of a woman in Texas, and this chart popped up. This is Tesla’s Vehicle Safety Report rebroadcast without a single control applied. CBS intentionally, openly, runs a fraudulent “safety” gr…
Squidbleed is a 29-year-old Squid Proxy flaw that can leak credentials, tokens, and other users’ HTTP data through a memory overread. Researchers at Calif.io have disclosed CVE-2026-47729, a memory leak vulnerability in Squid Proxy that was introduced in 1997 and has remained undetected through nearly three decades of releases, audits, and rewrites. They named it […]