Analysis of 1 billion CISA KEV remediation records reveals a breaking point for human-scale security. Qualys shows most critical flaws are exploited before defenders can patch them.
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for...
A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations and universities in Taiwan.
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from...
Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December.
Heard of fileless malware? How about malwareless cyber espionage? Russia's APT28 is spying on global organizations by modifying just one DNS...
A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix attack that tricked...
CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager...
Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic. This critical flaw has gone undetected for...
A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication,...
Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM...
In the rapid evolution of the 2026 threat landscape, a frustrating paradox has emerged for CISOs and security leaders: Identity programs are...
Threat actors are actively exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform. This...
Exploit code for an unpatched Windows privilege escalation flaw has been released. This vulnerability was privately reported to Microsoft. It...
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS)...
An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate...
Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability. This...
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable...
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store. This discovery comes...
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware.
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online. This exposure occurs amid ongoing attacks...
A new malware-as-a-service, named CrystalRAT, is actively promoted on Telegram. It offers a range of malicious capabilities, including remote...
Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited...
Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on...
A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times.
Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS)...
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber's upcoming threat report shows how...
Google has fixed the fourth Chrome vulnerability exploited in zero-day attacks since the start of the year.
Intruder's Chris Wallis argues mid-market teams should prioritize CVE remediation speed over vulnerability counts, while expanding defenses beyond...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to...
