Security Articles

Agent AI is Coming. Are You Ready?

9 views2026-05-20

Hugging Face

Specialization Beats Scale: A Strategic Variable Most AI Procurement Decisions Overlook

7 views2026-05-22

CSS-Tricks

The State of CSS Centering in 2026

6 views2026-05-22

The agentic era: Architecting the blueprint for mission impact across the public sector

6 views2026-05-19

Databricks

How enterprise leaders are scaling AI agents across their organization

5 views2026-05-28

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Email address

51 min read

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

Drift's $285M hack on April 1, 2026 was a six-month DPRK social engineering operation by group UNC4736.

41 min read

April 05, 2026

This post covers Google Cloud release notes from April 5, 2026, highlighting updates across security operations, cloud services, and AI integrations.

21 min read

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

This article covers the discovery of 36 malicious npm packages disguised as Strapi CMS plugins that deployed persistent implants and harvested credentials.

31 min read

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet has released emergency patches for CVE-2026-35616, a critical pre-authentication API access bypass vulnerability in FortiClient EMS actively exploited in the wild.

11 min read

Security•2026-04-04

April 04, 2026

This release note covers updates to Google SecOps and Google SecOps SOAR as of April 4, 2026.

61 min read

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

This article covers TA416, a China-aligned threat actor, resuming targeted campaigns against European government and diplomatic entities since mid-2025 using PlugX malware and OAuth-based phishing techniques.

61 min read

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Microsoft Defender Security Research Team details PHP-based web shells on Linux servers that use HTTP cookies as a stealthy command-and-control channel.

51 min read

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

North Korean threat actors (UNC1069) compromised the Axios npm package via a targeted social engineering attack against its maintainer, Jason Saayman.

51 min read

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

This article argues that third-party risk management (TPRM) has become a critical security challenge and a growth opportunity for MSPs and MSSPs.

41 min read

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new variant of the SparkCat malware has been discovered on both the Apple App Store and Google Play Store, targeting cryptocurrency wallet recovery phrases via OCR.

61 min read

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift, a Solana-based decentralized exchange, lost $285 million in a sophisticated attack using durable nonces and social engineering, with evidence linking it to North Korean threat actors.

011 min read