Stories by Kevin Beaumont on Medium

Discussed on Hacker News

DoublePulsar·

Microsoft’s stance on zero day exploits is a dumpster fire of their own making

Discussed on Hacker News

DoublePulsar·

Microsoft Vibing — capturing screenshots and voice samples without governance

Discussed on Hacker News

DoublePulsar·

Merry Christmas Day! Have a MongoDB security incident.

Discussed on Hacker News and Hacker News

DoublePulsar·

Cybersecurity industry overreacts to React vulnerability, starts panic, burns own house down again

DoublePulsar·

What organisations can learn from the record breaking fine over Capita’s ransomware incident

Discussed on Hacker News

DoublePulsar·

CyberSlop — meet the new threat actor, MIT and Safe Security

Discussed on Hacker News and Hacker News

DoublePulsar·

Microsoft builds on Recall with Gaming Copilot — fails basic privacy tests

Discussed on Hacker News

DoublePulsar·

Red Hat Consulting breach puts over 5000 high profile enterprise customers at risk — in detail

DoublePulsar·

The Elephant in The Biz: outsourcing of critical IT and cybersecurity functions risks UK economic…

Discussed on Hacker News

DoublePulsar·

Citrix Netscaler backdoors — Part One — May 2025 activity against governments

DoublePulsar·

Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025

Discussed on Hacker News

DoublePulsar·

Colt Technical Services gets ransomware’d via SharePoint initial access— some learning points

DoublePulsar·

CitrixBleed 2 situation update — everybody already got owned

DoublePulsar·

CitrixBleed 2 exploitation started mid-June — how to spot it

DoublePulsar·

CitrixBleed 2: Electric Boogaloo — CVE-2025–5777

DoublePulsar·

Big Game Ransomware: the myths experts tell board members

DoublePulsar·

DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door

DoublePulsar·

MS's patch for symlink vulnerability introduces another symlink vulnerability

Discussed on Hacker News

An update on FortiBleed — what’s happening with victim orgs

FortiBleed — 75k Fortinet firewalls have admin passwords cracked

Microsoft’s stance on zero day exploits is a dumpster fire of their own making

Microsoft Vibing — capturing screenshots and voice samples without governance

Merry Christmas Day! Have a MongoDB security incident.

Cybersecurity industry overreacts to React vulnerability, starts panic, burns own house down again

What organisations can learn from the record breaking fine over Capita’s ransomware incident

CyberSlop — meet the new threat actor, MIT and Safe Security

Microsoft builds on Recall with Gaming Copilot — fails basic privacy tests

Red Hat Consulting breach puts over 5000 high profile enterprise customers at risk — in detail

The Elephant in The Biz: outsourcing of critical IT and cybersecurity functions risks UK economic…

Citrix Netscaler backdoors — Part One — May 2025 activity against governments

Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025

Colt Technical Services gets ransomware’d via SharePoint initial access— some learning points

CitrixBleed 2 situation update — everybody already got owned

CitrixBleed 2 exploitation started mid-June — how to spot it

CitrixBleed 2: Electric Boogaloo — CVE-2025–5777

Big Game Ransomware: the myths experts tell board members

DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door

MS's patch for symlink vulnerability introduces another symlink vulnerability