Security Insights

Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

A photoreal editorial scene shot in a dark server room: rows of black rack-mounted servers glow with faint blue and gree
Threats
4 min read
15 Jun 2026

Velvet Ant Hid Inside Linux Auth for Nearly a Decade by Backdooring PAM and OpenSSH

A China-nexus threat actor planted rogue authentication modules on victim networks and stayed undetected for close to ten years — by targeting the one layer most incident-response playbooks quietly trust.

A photoreal editorial scene showing a tangled mass of glowing fiber-optic cables being severed by a pair of heavy-duty b
Threats
5 min read
14 Jun 2026

Outsider Enterprise Dismantled: What the 'AI-Powered' Phishing Takedown Actually Tells Defenders

The FBI, Google, and Lumen's Black Lotus Labs jointly knocked a Chinese phishing-as-a-service operation offline after it registered nearly one million malicious domains. The AI angle is real — but narrower than headlines suggest.

A photoreal editorial scene inside a modern government operations center at night: rows of monitors casting blue light o
Regulation
5 min read
14 Jun 2026

Washington Orders Anthropic to Block Foreign Nationals From Fable 5 and Mythos 5 — So Anthropic Pulled Both Models Entirely

Faced with an export-control-style directive it disputes, Anthropic suspended two frontier AI models worldwide rather than build nationality-gated access infrastructure. The standoff raises hard questions about who controls frontier AI and how.

A high-tech conference room with IT professionals discussing cybersecurity vulnerabilities, a digital screen displaying
Vulnerabilities
2 min read
14 Jun 2026

Critical Vulnerability in Splunk Enterprise Exposes Systems to Remote Code Execution

Splunk addresses a severe flaw in its Enterprise software that could allow unauthenticated users to execute arbitrary code.

Photoreal editorial scene: an empty school district IT server room at night, fluorescent lights flickering, a lone works
Threats
4 min read
13 Jun 2026

Former Iowa School IT Admin Sentenced to 21 Months for Post-Termination Network Intrusions

No malware, no nation-state tradecraft — just valid credentials that nobody revoked. A disgruntled ex-employee deleted accounts and disrupted classrooms for months before federal charges ended it.

A photoreal editorial scene showing a large server room with rows of illuminated rack servers, half of the racks display
Regulation
5 min read
13 Jun 2026

Anthropic Takes Fable 5 and Mythos 5 Offline Under White House Export Control Directive

The Trump administration's push to treat frontier AI as dual-use technology forced Anthropic to pull two models entirely — a compliance signal that reshapes how AI labs think about regulatory risk.

A dimly lit developer workstation at night showing a terminal screen with cascading green text and package build output,
Threats
5 min read
12 Jun 2026

400+ Arch Linux AUR Packages Backdoored With Rust Credential Stealer and eBPF Rootkit

Attackers hijacked more than 400 community-maintained Arch User Repository packages this week, silently modifying build scripts to drop a Rust-based credential harvester — and, when the build ran as root, an eBPF rootkit capable of hiding itself from every standard Linux detection tool.

A close-up photoreal editorial shot of a laptop sitting open and unattended on a hotel room desk at night, soft lamp lig
Vulnerabilities
5 min read
12 Jun 2026

GreatXML: How a Researcher Cracked BitLocker in Four Hours Using Windows' Own Recovery Partition

A hobbyist find targeting XML configuration files in the Windows Recovery Environment exposes a fundamental gap in full-disk encryption's trust model — and no Microsoft patch exists yet.

A photoreal editorial scene of a glowing blue server rack inside a dimly lit data center, with cascading green terminal
Vulnerabilities
5 min read
12 Jun 2026

CVE-2026-5027: Unauthenticated Path Traversal in Langflow Is Being Exploited Right Now

A write-anywhere bug in the popular open-source AI workflow builder carries a CVSS 8.8 score and is already seeing opportunistic mass exploitation — patch immediately or assume compromise.

A close-up photoreal editorial scene of a developer's hands at a mechanical keyboard in a dimly lit office, a terminal w
Vulnerabilities
5 min read
11 Jun 2026

npm 12 Kills Install Scripts by Default — and That Changes the Supply Chain Math

GitHub's decision to disable lifecycle hooks in npm 12 removes the single most-abused primitive in JavaScript supply chain attacks. Here is what defenders, DevOps teams, and security engineers need to know before the cutover.

A federal government cybersecurity operations center at night, analysts seated at curved workstations covered in multi-m
Regulation
6 min read
10 Jun 2026

CISA's BOD 26-04 Kills CVSS-First Patching — and Gives Agencies Three Days on the Worst Flaws

A new binding directive replaces severity-score timelines with a four-factor risk model. Federal agencies must remediate the highest-risk vulnerabilities within 72 hours. The rest of the industry should be paying close attention.

A photorealistic scene of a cybersecurity analyst examining a computer screen with lines of code, depicting a race condi
Vulnerabilities
2 min read
10 Jun 2026

RoguePlanet Exploit Unveiled: Microsoft Defender's Latest Vulnerability Challenge

An exploit named RoguePlanet has surfaced, targeting Microsoft Defender with a local privilege escalation vulnerability, raising security concerns.

Ready to Reduce Your Human Cyber Risk?

Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.

train2secure analytics dashboard showing training completion stats and user progress