ProbablyPwned Editorial Team

GitHub announces breaking changes for npm 12 releasing next month. Install scripts, Git dependencies, and remote URLs now require explicit approval to combat malicious packages.

European Commission announces Chips Act 2.0 and Cloud and AI Development Act to reduce reliance on US cloud giants and Chinese telecom vendors. Four-tier trust framework for cloud services incoming.

The 2026 State of Browser Security Report reveals AI-integrated browsers and agentic copilots face systemic prompt injection risks that may never be fully solved. Here's what enterprises need to know.

NIST's updated password guidelines eliminate forced expiration and complexity rules. Here's how to enforce strong Active Directory passwords without driving users to workarounds.

Varonis joins 27 other security vendors integrating Anthropic's Claude Compliance API, enabling enterprises to monitor AI conversations, detect data leaks, and enforce governance policies in real time.

A toggle for claude-mythos-1-preview briefly surfaced in Claude Code before removal. The restricted model found 10,000+ zero-days in its first month through Project Glasswing.

International law enforcement seizes 33 servers and shuts down First VPN, a criminal service used by at least 25 ransomware groups since 2014. 15 nations participated.

Canadian authorities arrest 23-year-old Jacob Butler for operating the KimWolf IoT botnet. The DDoS-for-hire operation enslaved nearly 2 million devices and set volumetric attack records.

Microsoft unveils four-pillar Driver Quality Initiative at WinHEC 2026, enforcing stricter power, thermal, and security standards for Windows 11 drivers starting this year.

OpenAI's Daybreak initiative brings GPT-5.5 variants to defensive security. Partners include Cisco, CrowdStrike, and Fortinet. Red team model available for authorized testing.

Microsoft unveiled MDASH, a multi-agent AI system that discovered 16 Windows vulnerabilities including 4 critical RCEs in networking and auth stacks. Now available in limited preview.

A new proof-of-concept tool abuses Windows CreateFileW API to block file access across SMB shares. The technique evades all tested EDR products and requires no elevated privileges.

Matthew Knoot and Erick Prince sentenced for operating laptop farms that helped North Korean IT workers infiltrate 70 US companies, generating over $1.2 million for Pyongyang.

Let's Encrypt suspended certificate operations for 2.5 hours on May 8 after discovering a cross-signed certificate linking Generation X and Y roots incorrectly.

The FTC settled with data broker Kochava, barring the sale of geolocation data that tracked visits to reproductive health clinics, addiction facilities, and domestic violence shelters.

Operation First Light 2026 dismantles nine scam centers across Asia, arrests 276 suspects, and seizes $701M in assets. FBI identifies 9,000 victims.

A faulty signature update caused Windows Defender to detect trusted DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha. Microsoft has released a fix, but some users already reinstalled Windows.

Former Sygnia and DigitalMint employees Ryan Goldberg and Kevin Martin sentenced for deploying ALPHV BlackCat ransomware while working as incident responders.

NIST will only enrich CVEs in CISA KEV, federal software, or critical infrastructure. Pre-March 2026 backlog moved to 'Not Scheduled.' Here's what security teams need to know.

Google's DBSC ties authentication cookies to hardware TPM chips, making stolen sessions worthless. Chrome 146 for Windows now protects against infostealer attacks.

Project Glasswing partners Amazon, Microsoft, Cisco to hunt zero-days with an AI model too dangerous for public release. Thousands of flaws already found.

All new overseas-manufactured routers prohibited from U.S. market after Volt Typhoon and Salt Typhoon exploited compromised devices. Existing routers unaffected.

Armenian national Hambardzum Minasyan extradited to face charges for developing RedLine malware infrastructure. Follows 2024 international takedown operation.

Britain becomes the first country to sanction Xinbi, a Telegram-based crypto marketplace that processed $19.9 billion for pig butchering scams and North Korean hackers.

Aleksei Volkov sentenced to nearly 7 years for selling network access to ransomware gangs. Facilitated dozens of attacks causing over $9 million in losses to US organizations.

Classic Outlook users can finally sync Gmail again after Microsoft resolves OAuth token issue that blocked email synchronization since February 26. Here's what happened and how to restore access.

Global coalition seizes 330 domains powering Tycoon 2FA, a phishing-as-a-service platform that bypassed MFA to compromise 96,000 victims across 500,000 organizations.

International operation seizes C2 infrastructure for AISURU, Kimwolf, JackSkid, and Mossad botnets. Peak attacks hit 31.4 Tbps, targeting DOD systems and critical infrastructure.

The EU sanctioned Integrity Technology Group, Anxun Information Technology, and Emennet Pasargad for cyberattacks against member states including the Paris Olympics.

Zach Rice, creator of Gitleaks, releases Betterleaks with BPE tokenization achieving 98.6% recall vs entropy's 70.4%. Drop-in replacement now available.

Global law enforcement operation spanning 72 countries arrests 94 cybercriminals and dismantles 45,000 malicious IPs tied to phishing, ransomware, and fraud networks.

Windows Autopatch will deliver rebootless security updates automatically for eligible devices starting May 2026. IT admins can opt out beginning April 1.

Autonomous AI agents expand attack surfaces faster than defenders can adapt. The economics make adoption inevitable—here's how security teams are responding.

New National Cybersecurity Strategy emphasizes offensive operations, deregulation, and emerging tech superiority. Six pillars outline federal cyber priorities through 2029.

Ryan Goldberg and Kevin Martin pleaded guilty to deploying ALPHV BlackCat ransomware while working in incident response and negotiation roles. Sentencing set for March 12.

Link11's European Cyber Report 2026 reveals DDoS attacks increased 75% with systems under fire 88% of the year. Follow-up attacks surged 80% as attackers adopt persistence tactics.

Texas AG Ken Paxton secures settlement forcing Samsung to stop ACR surveillance of Texans' viewing habits without express consent. Four other TV makers still facing lawsuits.

Cloudflare's February 20 outage withdrew 25% of BYOIP customer prefixes after API query misinterpretation. 1,100 prefixes went offline for over six hours.

Cisco 360 Partner Program offers new AI specializations and certifications tied to NVIDIA partnership, with $267B in projected partner-delivered AI services by 2030.

Cisco's State of AI Security 2026 report reveals a dangerous gap between agentic AI adoption ambitions and enterprise security readiness. Here's what the threat landscape looks like.

New catalog at developer.cisco.com/codeexchange/ai centralizes AI agents and MCP servers for network automation, with built-in testing tools.

Public CAs will stop issuing TLS certificates with clientAuth EKU by June 2026. Cisco outlines the impact on CUBE, Expressway, and mTLS deployments.

OpenAI's State of Enterprise AI shows 8x adoption growth and 320x reasoning usage. Cisco explains why your network architecture probably can't keep up.

How to become a cybersecurity analyst in 2026. Learn the skills, certifications, education paths, and salary expectations for breaking into this high-demand field.

What is MFA? Learn how multi-factor authentication works, the three authentication factors, and why FIDO2 passkeys are the future of phishing-resistant security.

Learn how to detect deepfakes with visual clues, audio patterns, and authentication methods. Covers detection signs, AI tools, and practical defense strategies.

Cisco IT unified fragmented monitoring tools into a centralized observability platform, achieving zero network incidents and 45% faster detection using Splunk, ThousandEyes, and AI automation.

Cisco XDR showcased production-ready integrations with Corelight NDR and Palo Alto Networks firewalls at Black Hat Europe, processing 25 log bundles per minute.

Cisco deployed Secure Access to process 66 million DNS queries at Black Hat Europe 2025, tracking ApateWeb domains and a surge in GenAI apps across the conference network.

Endpoint detection and response (EDR) monitors devices to catch threats antivirus misses. Learn how EDR works, key features, and how it compares to EPP and XDR.

Open-source Tirith tool hooks into bash, zsh, fish, and PowerShell to catch Unicode imposter commands, ANSI injection, and pipe-to-shell tricks in real time.

Binding Operational Directive 26-02 gives federal agencies 12-18 months to remove unsupported routers, firewalls, and switches from networks.

Red teaming tests your defenses by simulating real attacks. Learn how red team engagements work, the key phases, tools used, and how they differ from pen testing.

Cisco helps build AIUC-1, the first AI agent security standard, mapping its AI Security Framework to testable controls for prompt injection, jailbreaks, and more.

Inside the cyber command center protecting Super Bowl LX at Levi's Stadium, where Cisco deployed 1,500 Wi-Fi 7 access points and blocked 400,000+ threats before kickoff.

NetOp AI's network assessment tool helps Cisco partners identify infrastructure gaps blocking AI deployments. Here's how it works and why it matters.

Cisco's second AI Summit unveiled AI Defense, AgenticOps, and Silicon One P200. Here's what security teams need to know about agentic AI governance.

Learn what access control means in cybersecurity, the four main models (DAC, MAC, RBAC, ABAC), and how to implement effective access control policies.

Cisco Talos sounds the alarm on AI tools that demand root access and store credentials in plaintext, calling the current adoption frenzy a security crisis.

Cisco Live EMEA 2026 features a fireside chat on AI governance, digital sovereignty, and infrastructure readiness for government and enterprise leaders.

Cisco details its post-quantum cryptography approach targeting harvest-now-decrypt-later threats and quantum-resistant product foundations.

Independent testing confirms 99.3% IPS effectiveness and 99.8% malware detection for Cisco's unified routing and firewall platform.

From AI-driven network automation to Meraki's OAuth 2.0 rollout, here's what developers should target at Cisco Live Amsterdam.

New taxonomy from Cisco's CISO and security leadership defines five AI security domains and the organizational functions needed to secure enterprise AI systems.

Analytics Context Engineering addresses three failure modes when LLMs process machine data, delivering dramatic token savings and accuracy gains.

With 4.8 million cybersecurity jobs unfilled globally, STEM programs from K-12 through career training are racing to close the gap.

SANS ISC highlights openclaw-detect and openclaw-telemetry tools as security teams scramble to monitor the viral AI assistant amid ongoing vulnerability disclosures.

Learn what phishing is, the different types of phishing attacks (email, SMS, voice), red flags to watch for, and how to protect yourself from scams.

The best threat intelligence APIs for enriching IOCs, detecting malware, and integrating threat data into your SIEM and security workflows.

January's Month of Partner Innovation showcases PagerDuty alerting, Meraki backup tools, and cloud migration capabilities built on Cisco APIs.

The NCA's annual campaign runs January 26-30 with daily sessions on AI chatbots, dynamic pricing, and the right to be forgotten.

The ubiquitous command-line tool will stop accepting HackerOne submissions January 31. After $86K paid across 78 vulnerabilities, AI-generated noise made the program unsustainable.

Essential hardware security tools every pentester and security professional needs. From YubiKeys to WiFi adapters, these Amazon picks protect your digital life.

AI company will begin testing advertisements in ChatGPT for US users in coming weeks, projecting $1 billion in ad revenue by end of 2026.

From VS Code extensions to automation platforms, attackers are targeting the tools developers trust. Here's what security teams need to know.

Ransomware attacks on healthcare surged 30% in 2025. Here's why medical organizations remain prime targets and what defenders can do about it.

Malicious extensions have compromised over 15 million users in the past year. Here's how attackers exploit the extension ecosystem and what organizations can do.

From Fortinet to SonicWall, authentication bypass vulnerabilities share common traits. Understanding these patterns helps security teams prioritize patching.

Tenants using default settings will get automatic protection against weaponizable file types and malicious URLs. Administrators who want to opt out must act before the rollout.

AI workflow giant expands into connected device security. Deal expected to close in late 2026 pending regulatory review.

David Stern, the sole employee running CISA's ransomware early warning initiative, resigned December 19 after being ordered to relocate. The program had sent 2,100+ alerts in 2024.