Latest cybersecurity news from CISA, Krebs on Security, and other trusted sources
Based on the sensors reporting to ISC, this activity started on the 13 Jan 2026. My own sensor started seeing the first scan on the 21 Jan 2026 with limited probes. So far, this activity has been limited to a few scans based on the reports available in ISC [5] (select Match Partial URL and Draw):
The title of this diary is perhaps a bit catchy but the question is important. I don't consider myself as a good developer. That's not my day job and I'm writing code to improve my daily tasks. I like to say “I'm writing sh*ty code! It works for me, no warranty that it will for for you”. Today, most of my code (the skeleton of the program) is generated by AI, probably like most of you.
Visual Studio Code is a popular open-source code editor[1]. But it's much more than a simple editor, it's a complete development platform that supports many languages and it is available on multiple platforms. Used by developers worldwide, it's a juicy target for threat actors because it can be extended with extensions.
IDNs or “International Domain Names” have been with us for a while now (see RFC3490[1]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between:
I&#;x26;#;39;ve seen many API requests for different LLMs in the honeypot logs.
Wireshark release 4.6.3 fixes 4 vulnerabilities and 9 bugs.
[This is a Guest Diary by Matthew Presnal, an ISC intern as part of the SANS.edu BACS program]
Introduction
Today, Microsoft released patches for 113 vulnerabilities. One of these vulnerabilities affected the Edge browser and was patched upstream by Chromium.
YARA-X&#;x26;#;39;s 1.11.0 release brings a new feature: hash function warnings.
This feed aggregates the latest cybersecurity news from trusted sources to help you stay informed about emerging threats, vulnerabilities, and security trends.