Krebs on Security In-depth security news and investigation

  • Microsoft Patches a Record 570 Security Flaws
    by BrianKrebs on July 14, 2026 at 7:22 pm

    Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesday release last month. Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence.

  • Lessons Learned from CISA’s Recent GitHub Leak
    by BrianKrebs on July 13, 2026 at 3:03 pm

    The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA credentials -- including AWS Govcloud keys -- in a public GitHub repository for almost six months before being notified by KrebsOnSecurity. Experts say the gaps identified in the agency's initial response provide important lessons that all security teams should absorb.

  • Felons, Fraudsters Flog Offensive Cybersecurity Startup
    by BrianKrebs on July 8, 2026 at 12:31 pm

    A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platform they operated under assumed names.

  • FBI Seizes NetNut Proxy Platform, Popa Botnet
    by BrianKrebs on July 2, 2026 at 7:27 pm

    The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.

  • Scattered Spider Hackers Plead Guilty on Day 1 of Trial
    by BrianKrebs on June 23, 2026 at 4:12 pm

    Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.



BleepingComputer BleepingComputer - All Stories



The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.com