Attackers compromised the Bitwarden CLI (v2026.4.0) via a GitHub Actions supply-chain attack, injecting malware that steals developer credentials. Affected organization must assume exposure, rotate secrets immediately, and audit CI/CD pipelines for compromise.
Adrian Sanabria built "Destroyed By Breach" to cut through cybersecurity myth-making, and what he found is more uncomfortable than the fear-driven narrative the industry often sells.
This week's newsletter is about the helpers in cybersecurity, the chaos they're responding to and what we must do to prepare helpers of the future.
Vercel confirmed unauthorized access to internal systems and is investigating with incident response support, and despite limited details, security teams should assume credential exposure and act immediately.
The hype over Anthropic Mythos and AI in general has been super-heated. The cybersecurity voices who calmly unpack the details are the ones to follow. Here are some examples.
There's a lot going on in cybersecurity. Too much to cram into a bi-weekly newsletter. So we're raising the frequency.
Fergus Hay argues that cybersecurity isn’t facing a talent shortage: it’s failing to recognize that the next generation of hackers is already here, hiding in plain sight inside gaming culture.
From Minecraft servers to cryptographic puzzles, Fergus Hay explains why gaming is one of the most powerful—and misunderstood—training grounds for the next generation of cybersecurity talent.
Phil Wylie and Michael Farnum talk with Fergus Hay about how the cybersecurity industry is missing a huge opportunity by overlooking gamers and young, neurodiverse problem-solvers who already have the mindset to become the next generation of ethical hackers.
The AI-driven “vulnerability storm” isn’t just a technical problem—it’s a human breaking point, and the Mythos report’s authors are right to elevate burnout from a side issue to a frontline risk.
A coalition of cybersecurity heavyweights has issued an emergency playbook for surviving the AI-driven “vulnerability storm” — and it makes clear that speed, automation, and collective defense are now existential requirements.
As AI-driven threats collapse the time to exploit, this infographic distills a rapid-response playbook from leading cybersecurity experts on how defenders must adapt fast.
Five people worth following – not just because they’re speaking at CYBR.HAK.CON, but because they represent what this community is supposed to be.
As supply chains fracture, hacktivists hammer critical infrastructure, and vendor noise drowns out clarity, it’s the steady voices of the security community that are helping defenders navigate the chaos.
In CYBR.SEC.CAST Episode 66, Wendy Nather explains why cybersecurity’s biggest lessons aren’t coming from breaches, but from the near-misses no one talks about.
In CYBR.SEC.CAST Episode 66, Wendy Nather explains why cybersecurity’s biggest lessons aren’t coming from breaches, but from the near-misses no one talks about.
