A Supply Chain Attack in Notepad++
Executive Summary: The Notepad++ update process was compromised by a supply chain attack, and users are strongly advised to upgrade to version 8.8.9 or later to ensure their security.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
What is a security patch?
A security patch is a software update that fixes a vulnerability (like an exploitable bug or design flaw) in software to protect it from cyberattacks. Applying security patches is an essential practice for bolstering cybersecurity, reducing risk, and ensuring compliance.
IDE extensions: a new persistent risk to your organization
User-installable extensions for Visual Studio Code, Cursor, and other Integrated Development Environments are an increasingly exploited attack vector, with new malicious extensions discovered almost weekly. Do you have visibility and control?
Tanium Named a Leader in the 2026 Gartner® Magic Quadrant for Endpoint Management Tools
Autonomous IT innovator positioned furthest on Completeness of Vision.
What is hardware inventory management?
Hardware inventory management is the systematic practice of identifying, tracking, and maintaining an accurate record of all physical IT assets, such as laptops, servers, printers, and network devices, throughout their entire lifecycle, from acquisition to retirement.
CTI roundup: SantaStealer, BlackForce, Ink Dragon
SantaStealer spreads via Telegram and underground forums, the BlackForce phishing kit targets major brands, and Ink Dragon launches new attacks.
Two is one, one is none: the art of resilient operations
On a cold and windy day in March 1996, a group of 25 Marine Corps second lieutenants, accompanied by their instructors, participated in a communications field exercise at Fort A.P. Hill, Virginia. The objective was to provide training on installing, operating, and maintaining a tactical communications architecture while continuously relocating. The terrain at Fort A.P.
CTI roundup: Shanya, GrayBravo, Storm-0249
Shanya PaaS spreads among ransomware groups, GrayBravo expands its footprint, and Storm-0249 exploits EDR processes to hide malicious activity.
CTI roundup: Hybrid 2FA phishing, RomCom, MuddyWater
Hybrid 2FA phishing threatens enterprises, RomCom uses SocGholish to deploy Mythic Agent malware, and MuddyWater targets critical infrastructure with evolving tactics.
What is Windows patch management?
Windows patch management is the practice of deploying and managing feature updates, bug fixes, and security patches at scale for Windows operating systems and applications. These updates go beyond adding new features, acting as critical safeguards that address vulnerabilities attackers commonly target.