Technology explained clearly, with a little brawta.

YouTubeGitHub

Topic

Caribbean Cybersecurity

Cybersecurity policy, incidents, resilience, skills, and institutions across the Caribbean.

Latest stories

News and analysis

Reporting, release notes, research, and technical guidance from across the industry.

Regional reporting

From the Caribbean

News and developments from across the region.

Operational watch

Global advisories for Caribbean defenders

A wider view of threats and defensive guidance that matter to organisations across the region.

SecurityWeekGlobal advisory ·

ClickLock stealer bypasses macOS protections

Attackers pair social engineering with process termination to get around safeguards that users normally rely on.

Read the article at SecurityWeek
BleepingComputerGlobal advisory ·

Zoom fixes a critical account-takeover flaw

Administrators should confirm their tenants are protected and review the conditions that made the vulnerability exploitable.

Read the article at BleepingComputer
ProofpointGlobal advisory ·

Why fake OAuth client IDs are gaining traction

Proofpoint explains how client-ID spoofing makes malicious authorisation requests look more trustworthy than they are.

Read the article at Proofpoint
ComputerworldGlobal advisory ·

CISA urges immediate SharePoint hardening

Defenders are being told to apply mitigations and hunt for compromise as exploitation activity increases.

Read the article at Computerworld
Google CloudGlobal advisory ·

A GKE blueprint for securing AI at enterprise scale

Google Cloud lays out identity, isolation, policy, and observability controls for AI workloads on Kubernetes.

Read the article at Google Cloud
Microsoft SecurityGlobal advisory ·

Defending SaaS applications from ShinyHunters OAuth abuse

Microsoft maps the attack path and gives defenders concrete controls for consent, tokens, applications, and logging.

Read the article at Microsoft Security
BleepingComputerGlobal advisory ·

CrashStealer poses as an Apple crash-reporting tool

The malware borrows a familiar system prompt to trick macOS users into handing over access.

Read the article at BleepingComputer
BleepingComputerGlobal advisory ·

GhostCommit hides prompt injection inside images

Researchers demonstrate how poisoned visual assets can manipulate coding agents and expose repository secrets.

Read the article at BleepingComputer
Microsoft SecurityGlobal advisory ·

Passkeys become the default in Microsoft Entra ID

Microsoft details the rollout, policy implications, and migration work administrators should complete.

Read the article at Microsoft Security
TigeraGlobal advisory ·

OpenShell secures the agent that governs a fleet

Tigera looks at containment and network policy for agents with broad infrastructure privileges.

Read the article at Tigera
European UnionGlobal advisory ·

EU expands sanctions against a malicious cyber ecosystem

The package names operators and enablers, giving Caribbean defenders useful context on state-aligned infrastructure and tactics.

Read the article at European Union