Cybersecurity News

Adam Young, 42, and Harrison Gevirtz, 33, pleaded guilty to misprision of a felony after they were accused of offering phone numbers, call routing services, call tracking tools and...

Cybersecurity researchers from Lumen Technologies Black Lotus Labs have uncovered a sophisticated Linux malware campaign targeting a telecommunications provider in the Middle East ...

This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: a...

Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulent App Store transaction...

Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishin...

A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [....

Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to gain Site Admin privileges. [...]...

A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. [...]...

AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research shows the AI agent ide...

"Showboat" doesn't show off, but clearly it doesn't need to, as it's long helped China spy on small market communications providers....

The Underminr domain-fronting attack allows threat actors to modify Web requests and leverage trusted websites to cloak malicious activity....

Insufficient validation and authentication in the Secure Workload’s REST APIs provide remote attackers with Site Admin privileges. The post Cisco Patches Critical Vulnerability in ...

The proposals would require researchers to cease activity the moment a vulnerability is identified, meaning they could not confirm it was real, assess its severity or determine its...

Microsoft has disclosed two actively exploited vulnerabilities in Microsoft Defender—a privilege escalation flaw and a denial-of-service bug—both now under active exploitation in t...

A threat actor recently obtained an AWS access key cached on a developer's workstation through standard browser behavior—no misconfiguration or policy violation required. This sing...

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS...

Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. [...]...

On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]...

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm ...

The company has developed a platform that uses specialized AI agents to inspect every incoming message. The post Ocean Emerges From Stealth With $28M for Agentic Email Security Pla...

The company blocked over 1.1 billion accounts and $2.2 billion in potentially fraudulent transactions. The post Apple Rejected 2 Million App Store Submissions in 2025 for Security ...

CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution. The post Drupal Patches Highly Critical Vulnerabi...

The company will invest in its firewall, certified patches, protection extensions, new products, and team expansion. The post Socket Raises $60 Million at $1 Billion Valuation appe...

The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition. The post Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Da...

More than 200 vulnerabilities patched in recent Chrome releases are marked as ‘reported by Google’. The post Google’s Surge in Chrome Vulnerability Discoveries Likely Driven ...

New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking. The post Supply Chain Security Crisis: To...

GitHub has officially confirmed that the breach of its internal repositories resulted from a compromise of an employee device involving a poisoned version of the Nx Console Microso...

Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege ...

Organizations are dramatically increasing investments in AI agent identity management as enterprise deployments accelerate, according to new research from Omdia. The study reveals ...

Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls short....