Subscribe below for free to get these delivered straight to your inbox
The EU introduces a new single reporting interface for cybersecurity incidents and personal data breaches as part of its Digital Package, aiming to streamline compliance and enhance the Union’s digital…
Discover Sicarii ransomware, a unique and highly destructive threat that prioritizes irreversible data loss over traditional encryption for ransom. Learn how it operates and crucial defense strategies.
OpenSSL has patched a high-severity remote code execution (RCE) vulnerability, urging immediate updates. Learn about the impact and importance of patching this critical flaw.
Claroty Team82 disclosed a critical RCE vulnerability in IDIS Cloud Manager Viewer, emphasizing the urgent need for updates to protect video surveillance systems from potential compromise.
Fortinet has initiated patching for an actively exploited zero-day vulnerability (CVE-2026-24858) impacting FortiCloud SSO. Learn about the critical update and what users need to do to secure their systems.
Warnings highlight significant security risks for organizations utilizing AI tools without formal governance policies, emphasizing potential data leakage, intellectual property exposure, and compliance challenges.
Discover how the Amatera infostealer campaign employs fake CAPTCHA challenges and malicious App-V scripts to bypass defenses and steal sensitive data. Learn about this sophisticated threat.
Explore the sophisticated cyber espionage campaign targeting India, utilizing the potent Blackmoon trojan. Learn about its capabilities, attack vectors, and the critical need for enhanced cybersecurity measures.
CERT-In has issued critical advisories on high-severity vulnerabilities affecting SAP, Microsoft, and Atlassian products. Learn about the risks and urgent patching recommendations.
CERT-In has issued critical advisories regarding severe vulnerabilities in SAP, Microsoft, and Atlassian products. Learn about the potential risks and CERT-In’s urgent recommendations for patching and securing your systems against…
Crunchbase confirms a data breach impacting over 2.3 million user records after a leak by the ShinyHunters hacking group. Learn about the exposed data and essential security measures for users.
A dark-web actor, IntelBroker, has reportedly leaked an alleged database associated with Under Armour, impacting 72 million customer records. Learn about the incident and essential data protection measures.
Explore the recent claim by the RansomHub ransomware group against Luxshare, a global electronics manufacturer, and understand the tactics involved in modern ransomware operations. Learn about the persistent threat to…
Microsoft has confirmed an investigation into reports of boot failures affecting Windows 11 version 25H2 after users installed the recent January security updates. Learn what’s known about the issue.
Learn about the active probing targeting Cisco Unified Communications solutions for a critical Remote Code Execution vulnerability, CVE-2026-20045. Understand the risks and immediate actions to secure your systems.
Fortinet has issued a critical warning regarding an active FortiCloud SSO bypass vulnerability. Learn about the security risk to updated devices and recommended mitigation steps.
Discover the critical security flaw where “one-time” SMS links, designed for temporary access, can remain active indefinitely, leading to prolonged exposure of sensitive personal information.
Security researchers at Pwn2Own Automotive 2026 revealed 37 previously unknown vulnerabilities, highlighting critical efforts to enhance the safety of modern connected vehicles.
Discover how Pwn2Own Automotive 2026 led to the disclosure of 37 critical vulnerabilities, reinforcing the need for robust cybersecurity in modern vehicles. Learn about the event’s impact on automotive security.
Nike is investigating a potential security incident as hackers threaten to leak company data. Learn about the ongoing investigation and the implications of such cyber threats.
A critical cybersecurity alert: 149 million credentials and 5.7 terabytes of financial, government, and personal data have been leaked following attacks by a sophisticated info-stealer.
A new report reveals 48 million Gmail usernames and passwords have been leaked online. Learn immediate steps to protect your account and enhance your digital security against credential breaches.
Learn about the NorthWind Land Resources data breach by BrainCipher ransomware, which exposed 3TB of client financial records, internal documents, and employee PII on January 29, 2026.
A recent Trello data breach has exposed the personal data of 15 million users, now circulating on the dark web. Learn what information was leaked and how to protect yourself.
Fortinet has confirmed active exploitation of a FortiCloud SSO bypass affecting fully patched FortiGate firewalls. Learn about the vulnerability and critical mitigation steps.
Fortinet has confirmed active zero-day attacks exploiting an unpatched SAML SSO vulnerability. Learn about the threat and crucial steps to protect your systems.
Cisco addresses a critical remote code execution (RCE) zero-day vulnerability actively exploited in Unified Communications products. Learn about the fix and urgent patch recommendations.
Learn how Large Language Models are becoming increasingly adept at finding and generating exploits for software vulnerabilities, impacting cybersecurity.
Discover how a recent phishing attack compromised credentials, bypassed MFA, and installed LogMeIn RMM for persistent access, highlighting evolving cyber threats and the importance of robust defenses.
An investigation is underway after 72 million Under Armour records reportedly surfaced online, raising significant cybersecurity concerns for user data.
A recent House Homeland Security Committee hearing examined the growing cyber, drone, and AI risks targeting US transportation and critical infrastructure sectors, highlighting urgent security needs.
NIST has begun a major overhaul of SP 800-82, its “Guide to Industrial Control System (ICS) Security,” to provide stronger operational technology (OT) cybersecurity guidance in the USA. This update…
Marlink Cyber has exposed a critical denial-of-service vulnerability in ISC BIND DNS software, posing a significant threat to global critical infrastructure. Learn about the flaw and mitigation strategies.
A widespread Microsoft infrastructure failure caused significant disruptions to Outlook, Teams, and Azure services for users across the United States. Learn about the impact of this major outage.
The Tycoon phishing kit now employs HTML table-built QR codes to evade detection, posing a new threat for organizations. Learn how this technique works and bolster your defenses against credential…
Discover the new Osiris ransomware strain, which utilizes the POORTRY driver in Bring Your Own Vulnerable Driver (BYOVD) attacks. Learn about its emergence and targeted campaigns in Southeast Asia.
A critical Fortinet SSO vulnerability is being actively exploited to gain unauthorized admin access to firewalls. Learn about the threat and essential mitigation steps to protect your network.
Oracle’s January 2026 Critical Patch Update delivers 337 security fixes, including urgent resolutions for CVE-2025-66516 and CVE-2026-21962, crucial for enterprise security.
Discover how a malicious PyPI package, “symphony,” impersonates SymPy to deploy an XMRig cryptocurrency miner on Linux hosts. Learn about this software supply chain attack and how to protect your…
Discover the critical vulnerabilities recently identified in the Chainlit AI framework, which can lead to unauthorized cloud environment takeovers. Learn about the impact and importance of securing AI development.
CISA has added CVE-2026-20045, a critical code injection vulnerability affecting Cisco Unified Communications products, to its Known Exploited Vulnerabilities Catalog. Learn about this urgent threat and required mitigation steps for…
Discover how the European Commission’s proposed revised Cybersecurity Act aims to boost EU cyber resilience and secure ICT supply chains with enhanced certification and ENISA’s strengthened role.
Discover how an indirect prompt injection vulnerability in Google Gemini led to the exposure of sensitive calendar data. Learn about the mechanics of this AI security flaw and its implications…
You must be logged in to post a comment.