12 articles
OpenAI's Daybreak initiative brings GPT-5.5 variants to defensive security. Partners include Cisco, CrowdStrike, and Fortinet. Red team model available for authorized testing.
Microsoft unveiled MDASH, a multi-agent AI system that discovered 16 Windows vulnerabilities including 4 critical RCEs in networking and auth stacks. Now available in limited preview.
A new proof-of-concept tool abuses Windows CreateFileW API to block file access across SMB shares. The technique evades all tested EDR products and requires no elevated privileges.
NIST will only enrich CVEs in CISA KEV, federal software, or critical infrastructure. Pre-March 2026 backlog moved to 'Not Scheduled.' Here's what security teams need to know.
Google's DBSC ties authentication cookies to hardware TPM chips, making stolen sessions worthless. Chrome 146 for Windows now protects against infostealer attacks.
Zach Rice, creator of Gitleaks, releases Betterleaks with BPE tokenization achieving 98.6% recall vs entropy's 70.4%. Drop-in replacement now available.
Endpoint detection and response (EDR) monitors devices to catch threats antivirus misses. Learn how EDR works, key features, and how it compares to EPP and XDR.
Open-source Tirith tool hooks into bash, zsh, fish, and PowerShell to catch Unicode imposter commands, ANSI injection, and pipe-to-shell tricks in real time.
Analytics Context Engineering addresses three failure modes when LLMs process machine data, delivering dramatic token savings and accuracy gains.
SANS ISC highlights openclaw-detect and openclaw-telemetry tools as security teams scramble to monitor the viral AI assistant amid ongoing vulnerability disclosures.
The best threat intelligence APIs for enriching IOCs, detecting malware, and integrating threat data into your SIEM and security workflows.
Essential hardware security tools every pentester and security professional needs. From YubiKeys to WiFi adapters, these Amazon picks protect your digital life.