Latest

01
Jan
Feature image for the article: the word "ClickFix" beside a stylised cursor selecting a dotted-outline UI element, representing the click-driven nature of the attack technique.

ClickFix in 2026: Trust-Flow Patterns, Named Variants, and What Stops Them

Updated April 2026 - The trust-flow patterns behind ClickFix, the variants and vectors carrying it, and the defences that work
31 min read
01
Jan
Vibe coding

When AI Writes the Code, Who Catches the Bugs?

In December 2025, Boris Cherny, creator of Anthropic's Claude Code, revealed he hadn't opened an IDE
7 min read
28
Dec
Hacktivist DDoS Attacks: A Defender's Guide

Hacktivist DDoS Attacks: A Defender's Guide

NoName057(16) has targeted 3,700+ hosts in thirteen months. Their playbook is predictable: strike during elections, holidays, and geopolitical flashpoints. Here's what the La Poste attack reveals about defending against hacktivist DDoS.
8 min read
27
Dec
14 Crypto Scams to Watch For in 2026

14 Crypto Scams to Watch For in 2026

Cryptocurrency scam losses reached $9.3 billion in the United States alone in 2024, a 66% increase from the previous
20 min read
27
Dec
MongoBleed Exploit CVE-2025-14847

MongoBleed Exploit: The MongoDB Memory Leak Hitting 87,000 Servers

Updated January 10, 2026: CISA's remediation deadline for federal agencies is January 19. Ubuntu has retracted its claim
10 min read
22
Dec
Prompt Injection Attacks

Prompt Injection Attacks: Examples, Techniques, and Defence

Updated July 2026: Added Unit 42 and Google telemetry on web-based injection observed in the wild, plus a prompt
25 min read
21
Dec
Building a Second Brain for Cybersecurity Work

Building a Second Brain for Cybersecurity Work

Sixty-five percent of security professionals report their job has become harder in the past two years (ISSA/ESG, 2024)
6 min read
16
Dec
Network diagram showing an attack path moving through connected systems toward a central target node.

What is CTEM? Why Vulnerability Management Misses the Attack Surface

Most breaches do not start with a vulnerability. CTEM helps answer the question patching alone cannot: what can an attacker still reach in your environment right now?
15 min read
15
Dec
Close-up of JavaScript code on a screen representing npm dependencies and supply chain security risks in modern software development

npm Security Risks: Most Vulnerable Packages in 2026

Updated April 2026 In 2025, attackers published 454,648 malicious npm packages. That’s nearly half a million in a
20 min read
14
Dec
Navigating your path in cybersecurity, one way street sign at a cross roads.

Cybersecurity Career Paths: How to Choose Your Specialisation and Advance in 2026

Updated April 2026 59% of organisations report critical or significant cybersecurity skills gaps (ISC2, 2025). The constraint is not headcount:
15 min read