The blog.

MuddyWater's False-Flag Playbook: Iranian APT Hides Espionage Behind Chaos Ransomware

19 May 2026

ShinyHunters' 2026 Breach Spree: How One Group Compromised Billions of Records Across Six Sectors

19 May 2026

First AI-Generated Zero-Day Exploit Caught in the Wild: What Saudi Financial CISOs Must Know

19 May 2026

NCA NCNICC-1:2025: Every Saudi Private Company Now Faces Mandatory Cybersecurity Controls

19 May 2026

Windows MiniPlasma Zero-Day Grants SYSTEM Access on Fully Patched Systems — PoC Is Public

19 May 2026

CVE-2026-41103: Microsoft SSO Plugin Flaw Gives Attackers Admin Access to Your Jira and Confluence

19 May 2026

CVE-2026-42897: Exchange OWA Zero-Day Turns a Single Email into Full Browser Hijack

19 May 2026

Tycoon2FA Rebounds: Device-Code Phishing Bypasses MFA to Hijack Microsoft 365 Accounts

19 May 2026

Grafana GitHub Token Breach: How a CI/CD Misconfiguration Exposed the Codebase Behind Your SOC Dashboards

19 May 2026

Mini Shai-Hulud Worm: How One npm Install Compromised 160+ Packages and Stole CI/CD Secrets

19 May 2026

Pwn2Own Berlin 2026: 47 Zero-Days in Enterprise Tech Expose What Scanners Miss

19 May 2026

Microsoft May 2026 Patch Tuesday: Azure DevOps CVSS 10.0 and Netlogon RCE Demand Immediate Action

19 May 2026