Cybersecurity News

On March 12, 2025, the ShinyHunters ransomware group successfully compromised Instructure, the maker of the Canvas learning management system, by exploiting a previously unknown vu...

Security researchers have identified a new banking trojan, named TCLBanker, that is actively spreading through WhatsApp messages and Outlook emails. The campaign lures victims with...

Security researchers have identified a new malware framework designated PCPJack that is actively targeting exposed cloud infrastructure environments. The threat operates as a crede...

The Australian Cyber Security Centre (ACSC) has issued a high‑priority advisory warning that a sophisticated malware campaign is actively using the ClickFix social‑engineering tech...

Ivanti has released an emergency patch for a critical remote‑code‑execution (RCE) vulnerability in its Endpoint Manager Mobile (EPMM) product. Tracked as CVE‑2023‑XXXXX with a CVSS...

Organizations investing heavily in data loss prevention (DLP) solutions are discovering a critical blind spot: the browser has become the primary vector for inadvertent data exfilt...

Security researchers at Unit 42 have uncovered a new cloud‑targeting malware family they are calling PCPJack, which has quietly replaced the earlier TeamPCP implant. PCPJack distin...

Industry insiders are buzzing after reports surfaced that Tom Parker, a seasoned executive known for his boardroom operational expertise, may be the frontrunner to assume the helm ...

Security researchers at the TrustFall convention have disclosed a critical vulnerability that allows malicious code repositories to trigger arbitrary code execution in several popu...

Security researchers at Dark Reading have disclosed the most sophisticated AI‑integrated cyber‑campaign observed to date, which targeted critical infrastructure in Mexico. The oper...

Two U.S. nationals were sentenced to 18 months in federal prison each for managing laptop farms that facilitated North Korean IT workers in securing remote positions at nearly 70 A...

Ethan J. Rivera, a 20‑year‑old from Los Angeles, California, was sentenced on Friday to 78 months (6.5 years) in federal prison for his role in a sophisticated criminal operation t...

Modern cyber‑threats have evolved beyond the initial breach, with adversaries now targeting backup systems, encryption keys, and recovery pipelines to maximize impact. A new webina...

Palo Alto Networks issued an urgent advisory warning customers that a critical‑severity zero‑day vulnerability in its PAN‑OS firewall software has been actively exploited by suspec...

Security researchers have uncovered a phishing campaign that spoofs the official Anthropic Claude AI portal to distribute a new Windows backdoor dubbed “Beagle.” The fraudulent sit...

Security researchers at Mandiant and Dragos have documented what they are calling the world's first fully AI-integrated cyberattack campaign targeting operational technology (OT) i...

Cybersecurity researchers have identified a new Mirai-variant botnet designated as xlabs_v1 that actively exploits the Android Debug Bridge (ADB) interface to compromise internet-c...

The Iranian state-sponsored threat actor MuddyWater, also tracked as Mango Sandstorm, Seedworm, and Static Kitten, has been linked to a sophisticated cyberattack that leveraged Mic...

The Hacker News (THN) has officially opened the call for entries for the Cybersecurity Stars Awards 2026, an initiative designed to shine a spotlight on the behind‑the‑scenes work ...

According to Gartner's inaugural Market Guide for Guardian Agents, published in 2024, enterprise deployment of AI agents is accelerating at a pace that outstrips the development of...

Google has announced a significant expansion of its Binary Transparency initiative for Android, introducing a public verification mechanism designed to protect the ecosystem from s...

Security analysts have uncovered a sophisticated intrusion campaign leveraging the CloudZ remote access trojan (RAT) alongside a previously undocumented plugin called Pheno to targ...

Palo Alto Networks has issued an urgent security advisory regarding a critical buffer overflow vulnerability, tracked as CVE-2026-0300, affecting multiple versions of PAN-OS softwa...

Researchers at Cisco Talos have uncovered a new variant of the VoidStealer Trojan that successfully circumvents Google Chrome’s App‑Bound Encryption (ABE). The malware, tracked as ...

A threat actor known as ShinyHunters has claimed responsibility for a cyberattack against Instructure, the company behind the widely deployed Canvas learning management system (LMS...

Over the past two decades, a succession of high‑impact incidents has reshaped the cyber risk landscape, forcing organizations to constantly recalibrate their defenses. From the rev...

Security researchers have uncovered a sophisticated cyberattack campaign leveraging the Windows Phone Link application to steal text messages and circumvent two-factor authenticati...

As the conflict with Iran intensifies, cyber operatives have turned their focus on the United Arab Emirates, with breach attempts spiking threefold over the past few weeks. Securit...

A sophisticated phishing campaign is leveraging Google’s sponsored search ads to mimic the login page of ManageWP, GoDaddy’s platform for centrally managing large fleets of WordPre...

Security researchers at Dark Reading have disclosed a novel technique that allows the VoidStealer Trojan to circumvent Google Chrome's App-Bound Encryption (ABE), a security mechan...