Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

Threat actors are abusing the special-use ".arpa" domain and IPv6 reverse DNS in phishing campaigns that more easily evade ...

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days ...
Hosted on MSN

BeyondTrust RCE flaw lets hackers run code without logging in

BeyondTrust warns of critical RCE flaw CVE-2026-1731 in RS and PRA Vulnerability allows unauthenticated OS command execution, risking compromise and data exfiltration Patch released February 2, 2026; ...
news.bloomberglaw

Data Scraping Firm SerpApi Accuses Ex-Contractor of Copying Code

Data scraping firm SerpApi LLC sued a former contractor in federal court, accusing him of pillaging its source code and founding a copycat company. Zilvinas Kucinskas accessed SerpApi’s servers 29 ...
GitHub

GHAS Audit Log Impact Guide

business_dependabot_alerts.disable Critical: Disabling alerts enterprise-wide blinds the organization to dependency vulnerabilities. org.codeql_disabled Critical: Disabling SAST removes the primary ...
JD Supra

F5 Security Incident: BIG‑IP Source Code Theft Spurs Urgent Actions

On October 15, application security vendor F5, Inc. disclosed that a highly sophisticated nation-state threat actor maintained long-term, persistent access to certain F5 systems. The attackers ...