Data Safety and Information Security

Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses.

Learn how Russian hackers exploit vulnerabilities in cloud environments, challenging traditional security assumptions.

Decentralized Identifiers (DIDs) are transforming digital identity by giving users full control, better privacy, and secure authentication without central authorities.

How we discovered that bits aren't wax, trust doesn't scale, and humans will always route around friction like water around stone.

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it's time for a broader awareness of the threat. The…

Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain…

The Amazon threat intelligence team has confirmed a prolonged Russian hack attack targeting AWS customers. Here’s what you need to know.

Doppler's secrets management platform helps teams secure, sync, and automate their secrets across environments and infrastructure. Experience enhanced security, agility, and automation with our cloud platform.

Firstyear's blog

Manage cookie consent across your web properties by uncovering hidden trackers, maximizing opt-ins, and ensuring you meet data privacy regulatory standards.

Hugely disruptive ransomware attacks can be thwarted by distributed lateral security embedded at the private cloud level, using macro- and micro segmentation and integrated threat detection and prevention.

Ethical hacker Betta Lyon Delsordo is challenging outdated stereotypes, mentoring the next generation of girls in tech, and showing that cybersecurity can be smart, collaborative – and seriously fun

The Amazon threat intelligence team has confirmed a prolonged Russian hack attack targeting AWS customers. Here’s what you need to know.

Learn how advanced prompt injection attacks breach multi-agent AI workflows – and how hardened system prompts and security patterns stop them.

They're not who you think they are.

A barely perceptible keystroke delay was the smoking gun that led to the uncovering of a malign imposter.

An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet's top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform temporarily so that visitors could still access their websites. But security experts…

I've detected 16 CAs issuing certificates which rely on CT logs that are not recognized by all browsers

In this article I cover what is considered to be the safest programming language developed.

A new malware-as-a-service (MaaS) platform named Atroposia provides cybercriminals a remote access trojan that combines capabilities for persistent access, evasion, data theft, and local vulnerability scanning.

The Making of Digital Identity - The Cryptographic Solution

A report describing an a highly sophisticated AI-led cyberattack

public-key authentication standard

If you see this message, it’s an attack.

Amidst the glossy marketing for VPN services, it can be tempting to believe that the moment you flick on the VPN connection you can browse the internet with full privacy. Unfortunately this is quit…

Some thoughts on security after ten years of qmail 1.0 Bernstein, 2007 I find security much more important than speed. We need invulnerable software systems, and we need them today, even if they ar…

Update, 7:11 p.m. ET: A Meta representative reached out to 9to5Mac and provided the following statement: “We are grateful to...

Persona