Cybersecurity News

The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. [...]...

The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform. The post Iranian Cyber Group Handala Claims Cal Water Hack appe...

The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation Attempts Hitting Honey...

The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs. The post Chrome 149 Update Patches 28 Vulnerabilities appeared firs...

An AI hacker claims to have achieved a prompt-based jailbreak shortly after Fable 5’s launch, but Anthropic says it’s not a real jailbreak. The post Anthropic Disputes Fable 5 AI J...

Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. The post Google Confirms Exploitation of Oracle PeopleSoft Zero...

Phishing attack volume has declined by approximately 20% over the past reporting period, according to new data highlighted by Dark Reading, but the decline tells a misl...

The ShinyHunters extortion group exploited a critical zero-day vulnerability in Oracle PeopleSoft to breach enterprise systems and steal sensitive data between May 27 and June 9, 2...

Two independent security teams have disclosed serious weaknesses in OpenClaw, a popular self-hosted AI agent, showing how ordinary-looking inputs can be weaponized to execute attac...

Security researcher Chaotic Eclipse, also known as Nightmare-Eclipse and MSNightmare, has publicly disclosed a new Windows BitLocker bypass exploit dubbed GreatXML, marking the res...

Kyushu Electric Power Co., Inc., one of Japan's largest regional electric utilities serving over 12.6 million residents across the Kyushu region, has disclosed a physical security ...

In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be veri...

Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively explo...

Initial methods suggest attackers had likely mapped out Ivanti's asset landscape upfront and acted quickly once the exploit became public....

A new deep-dive into The Gentlemen ransomware operation reveals that the financially motivated threat group has claimed 478 victims since emerging in March 2025, and now operates a...

The 2026 Cybersecurity Stars Awards have officially announced winners across 95 subcategories spanning four main award pillars, spotlighting the often-unseen work that keeps organi...

The latest threat intelligence roundup reveals a staggering expansion of the identity-based attack economy, with Flashpoint reporting that infostealer infections on more than 11.1 ...

Law enforcement agencies across 11 countries have jointly dismantled "AudiA6," a cryptocurrency laundering service that processed more than $380 million in illicit proceeds for ran...

AI-driven attacks are exposing the limits of fragmented MSP security stacks and slow response workflows. Kaseya breaks down why integrated security, automation, and recovery are be...

​​The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 millio...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive, 26-04, that prioritizes security updates for Federal Civilian Execut...

Operational technology security remains as difficult as ever, with even the best practice recommendation falling short....

Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. The post Oracle Addresses PeopleSoft Vulnerabilit...

As alert volumes outpace human capacity, organizations are turning to AI, automation, and deeper context to separate real threats from the noise. The post Alert Fatigue Is Becoming...

The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. The post CISA Directs Federal Agencies to Prioritize...

Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution te...

An amendment by Sen. Kirsten Gillibrand (D-NY) to the chamber’s fiscal 2027 national defense authorization bill that would have created the digital-focused service was defeated 14-...

Great Marlow School, which has 1,428 pupils according to the Department for Education (DfE), said it was set to remain closed while it works with specialist IT and cybersecurity pr...

Denis Obrezko, 36, made his initial appearance in federal court in Boston on Tuesday after being transferred to U.S. custody from Thailand, where he was arrested last November....

According to the university’s statement, it is still working to understand what data has been accessed and said it had already directly contacted affected students and alumni, pote...