Both Google's Project Zero and The Zero Day Initiative (ZDI) report rising numbers of discovered zero days. That's probably a good thing.

Last week's Uber hack shows how vulnerable IT systems are, once a user account is compromised.

The EU is introducing the Cyber Resilience Act, a new cybersecurity regulation. Is it already outdated and lagging behind the attackers?

A survey documents the dramatic rise of Zero Trust (ZTNA) architecture's popularity since the pandemics. But what exactly does ZTNA entail?

Microsoft addresses 63 CVEs in its September 2022 Patch Tuesday release. Two deserve special attention.

It seems too many vendors and increased complexity is ultimately damaging risk posture, not only straining budgets.

Cyberattacks on hospitals may already be affecting treatment outcomes and even mortality rates.

Saving passwords for re-use in popular desktop apps is a neglected source of risk - making credential access much easier for adversaries.

A new phishing-as-a-service offering is making it easy to bypass MFA for popular on-line services.