-
Apr 11, 2026
A few days ago, 404 Media published a detailed report that made a lot of people uncomfortable: the FBI managed to recover Signal messages from a suspect's iPhone, even though the app.… read more »
-
Apr 10, 2026
The question is simple: what software is actually running in your systems? Not what you think is running, not what the deployment manifest says, but what is really there, compiled, linked, packaged,.… read more »
-
Apr 6, 2026
Why CVSS-first patching often fails in real incidents, and how exposure- and attack-path-based prioritization can reduce exploitable risk more effectively than severity-only workflows.… read more »
-
Apr 4, 2026
In early 2026, the cyberattack on the Uffizi Galleries became one of the most discussed security incidents in the Italian public sector. The controversy was not only about the intrusion itself, but.… read more »
-
Apr 2, 2026
In late March 2026, around 200 people in Italy received an unusual warning from WhatsApp. Their devices, according to the company, had been compromised through a fake client that looked like the.… read more »
-
Apr 2, 2026
Legacy software is not automatically the problem. More often, the real danger is the transition: rushed rewrites, brittle migrations, and AI-generated code that looks correct until production says otherwise.… read more »
-
Mar 29, 2026
Apple introduced Lockdown Mode in iOS 16 as a hardened protection layer targeted at a narrow group of users exposed to targeted attacks and mercenary spyware.… read more »
-
Mar 26, 2026
In 1966, Joseph Weizenbaum created a program called ELIZA. It was, by any technical measure, trivial: a pattern-matching engine that reflected the user's words back as open-ended questions, mimicking the style of.… read more »
-
Mar 21, 2026
There is a quiet assumption most of us carry around about the devices that fill our cities. Traffic cameras sit on their poles to catch speeding drivers. Smart sensors monitor air quality.… read more »
-
Mar 19, 2026
Digital forensics often rewards people who look in places nobody else is checking yet. This article provides practical context, implications, and actions for security teams.… read more »
-
Mar 17, 2026
A new collection of browser-based DFIR tools designed for fast triage, zero setup, and local analysis only: IOC Extractor, Timestamp Converter, Hash Calculator, and Email Header Analyzer.… read more »
-
Mar 9, 2026
"The cloud is just someone else's computer." The old sysadmin joke has held up better than many forecasts from the last decade. After years of cloud-first mandates, digital transformation roadmaps, and hyperscaler.… read more »
-
Mar 4, 2026
If you have been following my open-source work, you probably know MalHunt, the memory forensics tool I built to automate malware hunting on top of Volatility. Yesterday I pushed a significant batch.… read more »
-
Mar 1, 2026
After years of daily use in incident response and forensic investigations, This article provides practical context, implications, and actions for security teams.… read more »
-
Feb 28, 2026
Apple built Face ID around dedicated hardware that most competitors have never replicated at scale. The TrueDepth camera system, introduced with the iPhone X in 2017 and refined across every subsequent generation,.… read more »
-
Feb 27, 2026
How to build an audit-proof NIS2 training plan with governance ownership, role-based content, assessment metrics, and evidence packages regulators can verify.… read more »
-
Feb 26, 2026
In any enterprise environment, privileged accounts represent the highest-value target for attackers. These are not just administrator credentials; they encompass service accounts, DevOps pipelines.… read more »
-
Feb 23, 2026
On February 13, 2026, CERT-EU (the Computer Emergency Response Team for the EU Institutions, Bodies and Agencies) released its Cyber Threat Intelligence Framework, a document that formalizes how.… read more »
-
Feb 22, 2026
When Anthropic launched Claude Code Security in February 2026, cybersecurity stocks dropped sharply. But the real disruption is not in the market — it is in the model itself.… read more »
-
Feb 20, 2026
A new generation of ClickFix attacks abuses DNS lookups and Google-sponsored ads to deliver malware, bypassing traditional defenses and exploiting user trust in legitimate platforms.… read more »