Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager on March 21, 2026 Posted by The Hacker News
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026 on March 21, 2026 Posted by The Hacker News
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages on March 21, 2026March 21, 2026 Posted by The Hacker News
Friday Squid Blogging: Jumbo Flying Squid in the South Pacific on March 20, 2026 Posted by Bruce Schneier
Posted in ATT&CK Game of clones: Sophos and the MITRE ATT&CK Enterprise 2025 Evaluations on December 15, 2025 Matt Wixey
Posted in AI Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job on August 7, 2025 Matt Wixey
Posted in featured Small world: The revitalization of small AI models for cybersecurity on July 23, 2025 Matt Wixey
Posted in featured SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild on July 21, 2025 Matt Wixey
Posted in anomaly detection SophosAI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job on July 14, 2025 Matt Wixey
Posted in asyncrat The strange tale of ischhfd83: When cybercriminals eat their own on June 4, 2025 Matt Wixey
Posted in beyond the kill chain Beyond the kill chain: What cybercriminals do with their money (Part 5) on May 15, 2025 Matt Wixey
Posted in beyond the kill chain Beyond the kill chain: What cybercriminals do with their money (Part 4) on May 15, 2025 Matt Wixey
Posted in beyond the kill chain Beyond the kill chain: What cybercriminals do with their money (Part 3) on May 15, 2025 Matt Wixey
