Subscribe below for free to get these delivered straight to your inbox
Stryker confirmed a global cyberattack disrupted its Microsoft environment, with no ransomware indication and no current U.S. hospital impact.
Two security incidents have rattled the AI industry, with reported exposure of customer data at Mercor and source code in another breach.
Qilin ransomware claimed an April 20, 2026 cyberattack on U.S. retail company B&e Juice and threatened to leak sensitive data.
Three recently disclosed Windows zero-days are being used in attacks to gain elevated or SYSTEM privileges, according to Huntress Labs.
A public BlueHammer exploit for a Windows zero-day highlights disclosure concerns, local privilege escalation risk, and patch urgency.
Cisco Talos disclosed one Foxit Reader use-after-free flaw and six LibRaw vulnerabilities, including heap overflows and integer overflows.
A ransomware attack forced a water treatment plant in Minot, North Dakota, to switch to manual operations while officials responded.
Vercel says hackers breached internal systems through a Context AI OAuth compromise and stole customer data, keys, and source code.
Russian state hackers are abusing CVE-2026-21509 to deploy MiniDoor and Covenant malware against European government targets. Learn about the latest APT28 campaign.
Fortinet discloses CVE-2026-24858, a critical FortiOS SSO zero-day exploited in the wild. Learn how to secure your FortiManager and FortiAnalyzer systems now.
Learn about CVE-2026-24061, a decade-old vulnerability in GNU InetUtils telnetd that allows remote root access through simple argument injection.
A critical authentication bypass vulnerability in nginx-ui (CVE-2026-33032) allows attackers to achieve full server takeover. Learn how to secure your Nginx environment.
Microsoft has patched CVE-2026-21509, a critical Office zero-day used in targeted attacks to bypass security features and OLE mitigations in Microsoft 365.
Explore the latest CVE reports from April 2026, highlighting critical unpatched flaws in SuperAGI frameworks, H3C network hardware, and Django-based platforms.
CISA adds CVE-2026-34197 in Apache ActiveMQ to its KEV catalog following reports of active exploitation. Learn about the Jolokia API vulnerability and how to patch.
New Trellix research details a Russian APT28 campaign using CVE-2026-21509 to target European maritime and transport agencies with advanced malware and cloud C2.
Microsoft Defender faces active exploitation of three zero-day flaws. While BlueHammer is patched, RedSun and UnDefend remain unpatched and under active attack.
Microsoft releases an out-of-band update for CVE-2026-21509, an Office zero-day bypass vulnerability under active exploitation. Learn how to secure your systems.
Analyze the 2026 ransomware landscape in the US, highlighting shifting attack vectors, the rise of Qilin, and how automation is shrinking exploit windows.
Explore the major data security events of March 2026, including the Foster City ransomware attack, 3.7 million exposed records, and the FBI’s data acquisition.
Researchers have identified six security flaws in the OpenClaw AI assistant. Learn about the SSRF and path traversal bugs affecting agentic AI infrastructure.
A proof-of-concept exploit for CVE-2026-33825 in Microsoft Defender is now public. Learn about the risks of this privilege escalation flaw and how to stay secure.
Explore the rise of AI-powered cyberattacks in 2026, including the $25M Arup deepfake heist, LunaLock ransomware, and major data leaks from 2025.
Explore the March 2026 ransomware landscape, featuring 90 public attacks, sector vulnerabilities in healthcare, and high-profile breaches at LISI and FGV.
Microsoft’s March 2026 security updates address over 80 vulnerabilities, including critical privilege escalation flaws in Windows Kernel and Winlogon components.
University of Mississippi Medical Center halts surgeries and closes clinics following a major ransomware attack on February 19, 2026, disrupting healthcare services.
Microsoft addresses 169 vulnerabilities in its April 2026 update, including an actively exploited SharePoint zero-day and the ‘BlueHammer’ Defender exploit.
Booking.com warns customers after unauthorized parties accessed guest contact and booking info. Financial data remains secure as the travel giant investigates.
Langflow’s CVE-2026-33017 vulnerability sees active exploitation in under a day. Learn about the unauthenticated RCE risk and how to protect your AI infrastructure.
Learn about CVE-2026-21262, a high-severity SQL Server Elevation of Privilege zero-day fixed in Microsoft’s March 2026 Patch Tuesday. Stay ahead of enterprise risks.
Japanese semiconductor supplier Advantest Corporation reports a February 2026 ransomware attack. Learn about the incident timeline, response, and current status.
Discover the details of CrackArmor, a series of critical AppArmor vulnerabilities discovered by Qualys that allow local privilege escalation and container escapes.
A critical 9.3 CVSS vulnerability in the Marimo Python notebook was weaponized in under 10 hours. Learn how attackers are targeting data science environments.
The European Commission has unveiled a landmark cybersecurity package to update the Cybersecurity Act and NIS2 Directive, targeting high-risk ICT suppliers.
Discover the critical pre-auth RCE chain in Progress ShareFile’s Storage Zone Controller. CVE-2026-2699 and CVE-2026-2701 allow full compromise of 5.x servers.
Explore the major cybersecurity incidents of January 2026, from Target’s source code theft to massive credential leaks impacting millions of global users.
Google researchers highlight new quantum threats to elliptic curve cryptography and propose a zero-knowledge framework for responsible risk disclosure.
Global cyber attacks reached 2,086 weekly incidents per organization in February 2026. Discover how automation and sector shifts are defining the new normal.
Ransomware groups are shifting tactics in 2026 following a dip in revenue. Learn about new trends like DDoS bundling and insider recruitment in this threat analysis.
Citrix NetScaler ADC and Gateway face active exploitation via CVE-2026-3055. Learn about the memory overread bug and the critical patching deadlines for admins.
Explore the shifting ransomware landscape of January 2026, where psychological coercion and stealth-first operations are redefining corporate cyber risk.
Explore how AI integration, geopolitical tensions, and digital inequality are redefining global cybersecurity risks according to the World Economic Forum.
Security researchers identify Osiris, a new ransomware family targeting Southeast Asian enterprises using BYOVD techniques and modified remote access tools.
New Britain, CT, is responding to a ransomware attack that disrupted municipal systems. Learn how city officials and the FBI are managing the recovery effort.
New 2026 research reveals how Qilin and Warlock ransomware groups utilize BYOVD techniques to disable over 300 security tools before deploying encryption.
You must be logged in to post a comment.