Thousands of Essex NHS patient records stolen in cyber attack - BBC - HEAL Security Inc. - Cyber Threat Intelligence for the Healthcare Sector

Critical UniFi OS RCE Chain Grants Root Access Without Credentials

Security Advisory Bulletin 064 describing a critical chain of vulnerabilities in UniFi OS Server that allows unauthenticated remote code execution and full root takeover. The

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically

DockSec: Open-source AI-powered Docker security scanner

DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the

EDRChoker Tool Abuses Windows QoS Policies to Disrupt Endpoint Security Tools

A newly disclosed red-team tool dubbed “EDRChoker” is drawing attention across the cybersecurity community for its novel approach to disrupting Endpoint Detection and Response (EDR)

News and Analysis