CyberFirst Girls Competition: a proud milestone and exciting future
The future of the CyberFirst Girls Competition and reflecting on brilliant progress. Source:: NCSC Guidance
news
news
World Backup Day is heading our way
Are you ready? World Backup Day is March 31 – a day that has been recognized every year since it
news
VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics
A ransomware-as-a-service (RaaS) operation called VanHelsing has already claimed three victims since it launched on March 7, 2025. “The RaaS
news
Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks
Acronis Threat Research found 2M+ malicious URLs & 5,000+ malware instances in Microsoft 365 backup data—demonstrating how built-in security isn’t
news
Security Week 2025: in review
Thank you for following along with another Security Week at Cloudflare. We’re extremely proud of the work our team does
news
New URLPattern API brings improved pattern matching to Node.js and Cloudflare Workers
Today, we are excited to announce that we have contributed an implementation of the URLPattern API to Node.js, and it
news
Privileged access workstations: introducing our new set of principles
Principles-based guidance for organisations setting up a PAW solution. Source:: NCSC Guidance
news
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted
news
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware
news
How to Balance Password Security Against User Experience
If given the choice, most users are likely to favor a seamless experience over complex security measures, as they don’t
news
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization
news
DNA testing site 23andMe files for bankruptcy protection
The company said that it will now attempt to sell itself under the supervision of a court. Source:: BBC News
news
Google Gemini’s Astra (screen sharing) rolls out on Android for some users
At MWC 2025, Google confirmed it was working on screen and video share capabilities for Gemini Live, codenamed “Project Astra”.
news
FBI warnings are true—fake file converters do push malware
The FBI is warning that fake online document converters are being used to steal people’s information and, in worst-case scenarios,
news
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects,
news
The man with a mind-reading chip in his brain – thanks to Elon Musk
Noland Arbaugh tells the BBC how being the first Neuralink patient has changed his life. Source:: BBC News – Technology
news
Cloudflare now blocks all unencrypted traffic to its API endpoints
Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. […]
news
Microsoft Trusted Signing service abused to code-sign malware
Cybercriminals are abusing Microsoft’s Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. […] Source:: BleepingComputer
news
Microsoft Trust Signing service abused to code-sign malware
Cybercriminals are abusing Microsoft’s Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. […] Source:: BleepingComputer
news
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
The U.S. Treasury Department has announced that it’s removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been