網路安全資訊

OpenAI on Friday rolled out a limited preview of GPT-5.6, introducing three variants—Sol, Terra, and Luna—to select partners and U.S. government agencies. Sol serves as the new fla...

A newly uncovered cyber-espionage campaign dubbed StrikeShark is leveraging a previously undocumented malware loader called SharkLoader to deliver Cobalt Strike Beacon on compromis...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive requiring federal agencies to patch a critical Cisco Unified Communications Manager ...

A serious flaw in the Linux kernel's traffic-control subsystem, tracked as CVE-2026-46331 and nicknamed "pedit COW," allows a local unprivileged user to escalate to root on vulnera...

This week's threat landscape blended privacy innovation with two decades of dormant risk. Cloudflare announced a partnership with Google Chrome, Microsoft Edge, and Mozilla Firefox...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent warning on Tuesday that a critical security flaw in Lantronix EDS5000 Series serial-to-IP converte...

Cybersecurity researchers at Novee Security have identified a critical class of CI/CD workflow misconfiguration dubbed "Cordyceps" that exposes more than 300 high-impact GitHub rep...

Threat actors are actively exploiting a critical vulnerability in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition, tracked as CVE-2026-2...

A critical vulnerability in Cisco's Unified Communications Manager (Unified CM) is being actively exploited in the wild, according to exploit intelligence firm Defused. The flaw, t...

A senior U.S. official confirmed to The Associated Press that Anthropic's Mythos artificial intelligence model identified vulnerabilities in highly sensitive and classified governm...

A Russian-speaking initial access broker (IAB) has been linked to a massive credential-harvesting campaign called FortiBleed, which has compromised over 430,000 FortiGate firewalls...

President Trump signed Executive Order 14409 on June 22, establishing firm deadlines for federal agencies to migrate high-value assets and high-impact systems to post-quantum crypt...

OpenAI announced on Monday the release of GPT-5.5-Cyber, an upgraded version of its cybersecurity-focused large language model, made available to trusted defenders through the Dayb...

Multiple premium WordPress plugins from ShapedPlugin were compromised in a sophisticated supply chain attack after unknown threat actors tampered with the vendor's official release...

Cybersecurity researchers at Zafran Security have disclosed four vulnerabilities in Dify, the open-source agentic workflow platform boasting more than 146,000 GitHub stars, that co...

Threat actors are actively exploiting a recently patched information disclosure vulnerability in the Gravity SMTP WordPress plugin, installed on roughly 100,000 websites. Tracked a...

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 SoCs. ...

Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on over 100,000 websites. Tra...

Microsoft researchers have disclosed AutoJack, an exploit chain that weaponizes an AI browsing agent into a remote code execution vector. By luring a local agent to render an attac...

Apple has released a firmware update for its Beats Studio Buds wireless earbuds to remediate a high-severity Bluetooth vulnerability, tracked as CVE-2025-20701, that allowed nearby...

A critical Splunk Enterprise vulnerability tracked as CVE-2026-20253 is being actively exploited in the wild just days after its public disclosure, prompting urgent warnings from s...

F5 has released emergency security updates to address two critical vulnerabilities in NGINX Open Source, both carrying a CVSS v4 score of 9.2, that could allow remote unauthenticat...

Microsoft has resolved a known issue that caused the June 2026 security updates to fail on Windows Server 2016 systems that were not up to date. The bug primarily affected IT admin...

F5 has issued out-of-band security updates to remediate two critical-severity vulnerabilities in its NGINX web server software that could allow unauthenticated remote attackers to ...

Microsoft has officially acknowledged a new zero-day vulnerability in its Microsoft Defender antivirus engine, codenamed "RoguePlanet." The flaw, tracked as CVE-2026-50656, carries...

Security teams today are drowning in findings but starving for context. Vulnerability scanners, CSPM tools, endpoint detection platforms, attack surface monitors, SAST scanners, an...

A newly discovered data leak dubbed "FortiBleed" has exposed a massive trove of Fortinet and FortiGate VPN credentials spanning 73,932 firewall URLs across 194 countries. Security ...

A new analysis of 3,000 organizational attack surfaces reveals that unnecessary internet-facing services remain the weakest link in enterprise defense. Intruder's 2026 Attack Surfa...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity flaw in Widget Factory's Joomla Content Editor (JCE) to its Known Exploited Vulnerabil...

A critical vulnerability in Google Cloud's Vertex AI SDK for Python allowed attackers to hijack machine learning model uploads and execute arbitrary code inside Google's serving in...

A newly disclosed technique dubbed GhostTree exploits a little-known feature of the Windows NTFS file system to conceal malware from security scanners. By creating recursive direct...

Threat intelligence firm Defused Cyber has reported active in-the-wild exploitation of three critical vulnerabilities in Fortinet FortiSandbox appliances over the past 24 hours. Th...

A critical vulnerability in SimpleHelp remote management software, tracked as CVE-2026-48558, enables unauthenticated attackers to create privileged Technician accounts on servers ...

Researchers at Obsidian Security have disclosed a three-vulnerability chain in LiteLLM, a widely deployed open-source AI gateway that brokers calls to more than 100 model providers...

Researchers at Varonis Threat Labs have disclosed a critical chain of three vulnerabilities in Microsoft 365 Copilot's Enterprise Search feature that, if exploited, would have allo...

Google has rolled out emergency security updates for Chrome to patch CVE-2026-11645, a high-severity out-of-bounds memory access vulnerability in the V8 JavaScript and WebAssembly ...

Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a high-severity authentication bypass vulnerability (CVSS 7.8) affecting the GlobalProtect VPN portal and gat...

Splunk has rolled out emergency security patches for a critical vulnerability in Splunk Enterprise that allows remote attackers to execute arbitrary code without any authentication...

Security researchers at application security firm Aikido have disclosed a severe authentication bypass vulnerability in phpBB, the widely used open-source forum platform, that h...

ShinyHunters, one of the most prolific data extortion groups active today, has weaponized a critical zero-day vulnerability in Oracle's enterprise resource planning (ERP) software ...

Cybersecurity researchers at Tenet Security have uncovered a new attack class dubbed “Agentjacking” that tricks AI coding agents into executing arbitrary code on developer machines...

Cybersecurity researchers at Check Point have disclosed three now-patched vulnerabilities in LangGraph, the open-source framework from LangChain used to build stateful, multi-agent...

Microsoft has resolved a long-standing known issue that caused Windows updates released since May 2025 to fail when deployed via the Windows Update Standalone Installer (WUSA) from...

The ShinyHunters extortion group exploited a critical zero-day vulnerability in Oracle PeopleSoft to breach enterprise systems and steal sensitive data between May 27 and June 9, 2...

Two independent security teams have disclosed serious weaknesses in OpenClaw, a popular self-hosted AI agent, showing how ordinary-looking inputs can be weaponized to execute attac...

Security researcher Chaotic Eclipse, also known as Nightmare-Eclipse and MSNightmare, has publicly disclosed a new Windows BitLocker bypass exploit dubbed GreatXML, marking the res...

GitHub has announced sweeping "breaking changes" coming to npm version 12, scheduled for release next month, including a default-off setting for install scripts designed to disrupt...

For three decades, vulnerability management depended on a buffer: the months between disclosure and weaponization. Triage by severity, schedule remediation, validate, and move on. ...

Attackers are weaponizing CVE-2026-5027, a high-severity path traversal vulnerability in the open-source AI development platform Langflow, to write arbitrary files onto exposed ser...

Fortinet, Ivanti, and SAP have rolled out urgent security updates addressing multiple critical vulnerabilities that could enable arbitrary code execution, authentication bypass, an...

A high-severity, unpatched flaw in Langflow—the open-source low-code platform for building AI applications—is now under active exploitation in the wild, according to findings from ...

A clean penetration test report may look reassuring, but security leaders should read it as a warning sign, not a victory lap. According to Autumn Stambaugh and Can Yüceel of Picus...

Microsoft released fixes for a record 206 security vulnerabilities on Tuesday as part of its June 2026 Patch Tuesday cycle, including three publicly disclosed zero-day flaws. Of th...

Cybersecurity researchers at Cyera have disclosed six vulnerabilities in protobuf.js, a widely used JavaScript and TypeScript implementation of Google's Protocol Buffers serializat...

Anthropic has begun rolling out Claude Fable 5, a new AI model built on the same foundation as its powerful Mythos class. When Anthropic first unveiled Mythos, the company warned t...

Veeam has shipped an emergency patch for a critical remote code execution vulnerability in its widely deployed Backup & Replication platform. Tracked as CVE-2026-44963, the flaw ca...

ServiceNow disclosed a security incident on June 9, 2026, revealing that attackers exploited an unauthenticated access flaw in a REST API endpoint to query data from hosted custome...

Two Russia-aligned cyber-espionage campaigns have continued weaponizing CVE-2025-8088, a path-traversal vulnerability in WinRAR patched in July 2025, to compromise Ukrainian organi...

Researchers at Graz University of Technology have unveiled FROST, a new side-channel attack that lets any malicious website determine which sites you visit and which applications y...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity command injection vulnerability in BerriAI LiteLLM to its Known Exploited Vulnerabilities...

Google on Monday rolled out Chrome 149, a critical security update that patches 74 vulnerabilities, including a high-severity zero-day flaw actively exploited in the wild. The vuln...

Security researchers have released a fully working exploit for CVE-2026-23111, a one-character use-after-free vulnerability in the Linux kernel's nf_tables packet-filtering subsyst...

Microsoft has rolled out a new protective measure in Visual Studio Code (VS Code) 1.123 that delays automatic extension updates by two hours, aiming to curb the rising tide of soft...

Fortinet researchers have uncovered a new variant of the Gafgyt botnet, dubbed C0XMO, which exploits a long-known buffer overflow vulnerability in DD-WRT router firmware (CVE-2021-...

Seattle-based cybersecurity startup Emphere has secured $2.1 million in pre-seed funding from AI2 Incubator and Outsiders Fund to advance its AI-driven vulnerability remediation pl...

Hackers are actively exploiting a critical unauthenticated remote code execution (RCE) vulnerability in the Everest Forms Pro WordPress plugin to seize full control of vulnerable w...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity denial-of-service vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabiliti...

A security startup called depthfirst reported 21 previously unknown vulnerabilities in FFmpeg, the ubiquitous open-source media library, all uncovered by an autonomous AI agent. Th...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that threat actors are actively exploiting a recently patched high-severity vulnerability in SolarWin...

Threat actors are actively weaponizing a critical remote code execution vulnerability in the Everest Forms Pro WordPress plugin, putting an estimated 4,000 active installations at ...

Cisco has released a patch for a server-side request forgery (SSRF) vulnerability in Unified Communications Manager (Unified CM) and its Session Management Edition that allows an u...

The Cybersecurity and Infrastructure Security Agency (CISA) will release a binding operational directive (BOD) to federal agencies by the end of the week, directing them on how to ...

A single malicious notification pushed through WhatsApp, Slack, SMS, Signal, Instagram, or Messenger was enough to hijack Google Gemini's voice assistant on Android, according to r...

A single leftover debug flag in production builds of several Microsoft 365 Android applications disabled a critical security check, allowing any app installed on the same device to...

Redis has patched a use-after-free vulnerability in its blocking-client code that allows an authenticated user to execute arbitrary OS commands on the host running the database. Tr...

Cybersecurity researchers have disclosed a critical one-click attack chain that abuses Microsoft Visual Studio Code (VS Code) webviews to steal fully scoped GitHub OAuth tokens. Di...

Assume the breach. Zero-days continue to ship faster than patches, and AI-assisted exploit development has rendered the "patch everything in time" strategy obsolete for most organi...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-severity vulnerabilities—one in the Android Framework and another in the Linux kernel—to its Kno...

Cybersecurity researchers at Huntress have disclosed an unpatched vulnerability in the Windows "search:" URI handler that can be weaponized to leak a user's NTLMv2 hash to a remote...

Cybersecurity researchers at Calif have disclosed a new remote denial-of-service vulnerability dubbed "HTTP/2 Bomb" that affects five major web server platforms: NGINX, Apache HTTP...

Acer has confirmed it is actively developing patches for two maximum-severity zero-day vulnerabilities impacting its Wave 7 mesh routers. Both flaws were reported by independent se...

Google has rolled out its June 2026 Android security bulletin, addressing 124 vulnerabilities across the mobile operating system, including a high-severity privilege escalation fla...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Oracle WebLogic Server flaw, tracked as CVE-2024-21182, to its Known Exploited Vulnerabil...

The window between vulnerability disclosure and indiscriminate exploitation has collapsed from days to hours, driven by AI-powered tooling that automates discovery, reproduction, a...

Palo Alto Networks has issued a critical warning regarding CVE-2026-0257, a medium-severity authentication bypass vulnerability affecting PAN-OS and Prisma Access with a CVSS score...

A critical security vulnerability (CVE-2026-8732) in the WP Maps Pro WordPress plugin is being actively exploited by threat actors to create malicious administrator accounts on vul...

Security researchers have identified active exploitation of a critical zero-day vulnerability in the WP Maps Pro WordPress plugin, tracked as CVE-2026-8732 with a severity rating o...

Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a medium-severity authentication bypass vulnerability (CVSS 7.8) affecting PAN-OS and Prisma Access GlobalPro...

Security researchers at Permiso Security have uncovered a critical vulnerability in OpenAI's ChatGPT, dubbed ChatGPhish, that transforms the AI assistant's web summarization featur...

Sysdig researchers have documented a sophisticated cyberattack where threat actors deployed a large language model (LLM) agent to automate post-exploitation activities following th...

Security researchers at Red Access have uncovered a alarming trend in enterprise data exposure through what they term the 'Shadow Builders' phenomenon. In a comprehensive investiga...

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, enabling authenticated users to execute arbitrary code on affected serv...

Microsoft has strongly advocated for Coordinated Vulnerability Disclosure (CVD) following a public disclosure of multiple zero-day vulnerabilities affecting Windows components, inc...

Microsoft has released security updates addressing a critical remote code execution vulnerability, tracked as CVE-2026-45659, affecting Microsoft SharePoint Server across multiple ...

A critical high-severity vulnerability (CVE-2026-5426, CVSS 7.5) in Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) widely used in Japan, was actively exploi...

Threat actors are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980, CVSS 9.4) to compromise over 700 websites across multiple sectors includi...

A coordinated campaign is actively exploiting a critical SQL injection flaw (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript that drives a ClickFix attack flow. Discove...

Anthropic's Project Glasswing initiative has uncovered more than 10,000 high- or critical-severity vulnerabilities across systemically important software globally since its launch ...

The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new nomination form enabling security researchers, vendors, and industry partners to submit vulnerabiliti...

Google inadvertently exposed technical details of an unfixed Chromium vulnerability that allows JavaScript to persist in the background after the browser is closed, effectively giv...

Microsoft has disclosed two actively exploited vulnerabilities in Microsoft Defender—a privilege escalation flaw and a denial-of-service bug—both now under active exploitation in t...

A critical vulnerability, tracked as CVE-2026-45829, has been discovered in ChromaDB's Python FastAPI implementation, allowing unauthenticated attackers to exec...

Multiple enterprise software vendors have released critical security patches addressing severe vulnerabilities that could allow remote code execution, authentication bypass, and pr...

Security researchers are warning that a new generation of AI agents capable of autonomously discovering and exploiting obscure vulnerabilities is fundamentally altering the threat ...

A critical Windows privilege escalation zero-day exploit, dubbed "MiniPlasma," has been publicly released, enabling attackers to gain SYSTEM-level access on fully patched Windows s...

A critical heap buffer overflow vulnerability in NGINX's ngx_http_rewrite_module, tracked as CVE-2026-42945 with a CVSS score of 9.2, is now under active exploitation mere days aft...

Security researcher Justin O'Leary has disclosed a critical vulnerability in Microsoft Azure Backup for Azure Kubernetes Service (AKS) that allowed privilege escalation from a low-...

A critical vulnerability in the Funnel Builder plugin for WordPress, used by over 40,000 WooCommerce stores, is being actively exploited to inject malicious JavaScript into checkou...

Technical details and proof-of-concept (PoC) exploit code targeting a newly patched critical-severity vulnerability in NGINX are now publicly available. Tracked as CVE-2026-42945 w...

Bitdefender's analysis of 700,000 high-severity incidents reveals that legitimate-tool abuse now accounts for 84% of attacks, fundamentally reshaping how organizations must approac...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-20182, a critical authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller...

Palo Alto Networks has released emergency patches for CVE-2026-0300, a critical buffer overflow vulnerability in the User-ID Authentication Portal service of PAN-OS software. The f...

Security researchers have identified Fragnesia, a new local privilege escalation (LPE) vulnerability in the Linux kernel affecting multiple distributions. Tracked as CVE-2026-46300...

Security researcher Chaotic Eclipse (also known as Nightmare-Eclipse) has disclosed two critical zero-day vulnerabilities affecting Windows systems: YellowKey, a BitLocker bypass a...

Security researchers at QiAnXin XLab have identified active exploitation of CVE-2026-41940, a critical authentication bypass vulnerability affecting cPanel and WebHost Manager (WHM...

The cybersecurity industry’s beloved “purple team” concept is broken by design. According to data from CISA KEV, VulnCheck KEV, and ExploitDB, the mean time from ...

Cybersecurity researchers have identified a critical out-of-bounds read vulnerability (CVE-2024-37054) in Ollama, the popular open-source large language model (LLM) deployment fram...

cPanel Inc. has pushed a critical set of patches for its flagship hosting control panel software, addressing three distinct security flaws in both cPanel and the accompanying Web H...

U.S. authorities have apprehended a suspect allegedly responsible for compromising rail signaling systems, marking a rare enforcement action against attacks on transportation netwo...

Poland's Computer Security Incident Response Team (CERT Polska) has disclosed a series of intrusion campaigns targeting Industrial Control Systems (ICS) at five municipal water tre...

Security researchers at Cisco Talos have disclosed a critical flaw in the Claude Chrome extension (version 2.3.0) that lets remote attackers hijack the AI agent by abusing the exte...

Ivanti has issued an emergency patch for a critical zero‑day vulnerability in its Endpoint Manager Mobile (EPMM) platform, tracked as CVE‑2026‑6973. The flaw, rated 9.1 on the CVSS...

A recent analysis of more than 25 million security alerts collected from a dozen global security operations centers (SOCs) over a six‑month period reveals that low‑severity events ...

Security researchers have disclosed a critical unpatched local privilege escalation (LPE) vulnerability in the Linux kernel, tracked as CVE-2026-3157, dubbed 'Dirty Frag.' The flaw...

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal civilian agencies to patch a critical vulnerability in Ivanti Endpoi...

Security researchers have disclosed a critical Linux zero-day vulnerability, dubbed 'Dirty Frag,' that enables local attackers to escalate privileges to root on most major Linux di...

Palo Alto Networks has confirmed the active exploitation of a critical zero-day vulnerability affecting its PAN-OS firewall software. The flaw, tracked as CVE-2024-3400 and rated c...

Ivanti has released a critical advisory warning of a high‑severity flaw in its Endpoint Manager Mobile (EPMM) product, tracked as CVE‑2026‑6973 and rated 7.2 on the CVSS scale. The...

Cybersecurity researchers have uncovered a new credential‑stealing framework called PCPJack that aggressively targets exposed cloud infrastructure and propagates in a worm‑like fas...

Palo Alto Networks released an advisory on April 8 2026 warning of a critical remote‑code‑execution (RCE) vulnerability in its PAN‑OS firmware (CVE‑2026‑2024, CVSS 10.0). The flaw ...

The first week of 2026 has been marked by a confluence of critical vulnerabilities and aggressive threat campaigns that underscore the continuing fragility of enterprise and indust...

Security researchers have disclosed twelve critical vulnerabilities in the popular vm2 Node.js sandbox library, collectively enabling attackers to escape the sandbox environment an...

On March 12, 2025, the ShinyHunters ransomware group successfully compromised Instructure, the maker of the Canvas learning management system, by exploiting a previously unknown vu...

Ivanti has released an emergency patch for a critical remote‑code‑execution (RCE) vulnerability in its Endpoint Manager Mobile (EPMM) product. Tracked as CVE‑2023‑XXXXX with a CVSS...

Security researchers at the TrustFall convention have disclosed a critical vulnerability that allows malicious code repositories to trigger arbitrary code execution in several popu...

Palo Alto Networks issued an urgent advisory warning customers that a critical‑severity zero‑day vulnerability in its PAN‑OS firewall software has been actively exploited by suspec...

Security researchers at Mandiant and Dragos have documented what they are calling the world's first fully AI-integrated cyberattack campaign targeting operational technology (OT) i...

Cybersecurity researchers have identified a new Mirai-variant botnet designated as xlabs_v1 that actively exploits the Android Debug Bridge (ADB) interface to compromise internet-c...

Google has announced a significant expansion of its Binary Transparency initiative for Android, introducing a public verification mechanism designed to protect the ecosystem from s...

Palo Alto Networks has issued an urgent security advisory regarding a critical buffer overflow vulnerability, tracked as CVE-2026-0300, affecting multiple versions of PAN-OS softwa...

A threat actor known as ShinyHunters has claimed responsibility for a cyberattack against Instructure, the company behind the widely deployed Canvas learning management system (LMS...

As the conflict with Iran intensifies, cyber operatives have turned their focus on the United Arab Emirates, with breach attempts spiking threefold over the past few weeks. Securit...

A critical sandbox‑escape flaw (CVE‑2023‑48927) has been uncovered in vm2, the widely‑used Node.js sandboxing library. The vulnerability, discovered by security researcher Alex Tsv...

Cisco has released patches for a high‑severity denial‑of‑service (DoS) vulnerability affecting its Crosswork Network Controller and Network Services Orchestrator (NSO) products. Tr...

Palo Alto Networks issued an emergency advisory on Tuesday warning customers that a critical, as‑yet‑unpatched remote‑code‑execution (RCE) flaw in the PAN‑OS User‑ID Authentication...

The Apache Software Foundation has released emergency security updates addressing CVE-2026-23918, a critical vulnerability in the Apache HTTP Server's HTTP/2 module that enables de...

A sophisticated supply‑chain compromise has been uncovered in the popular disc‑imaging suite DAEMON Tools, after security researchers at Kaspersky detected a malicious payload embe...

In the past twelve months, enterprises have rushed to embed AI‑powered writing assistants, workflow automations and productivity plugins into their Google Workspace and Microsoft 3...

Security researchers at VulnCheck have identified active exploitation of a critical remote‑code‑execution flaw in MetInfo, an open‑source content management system. The vulnerabili...

A joint research effort by the Security Research Lab (SRL) and the AI Security Initiative (AISI) scanned over one million publicly reachable AI endpoints across IPv4 space between ...

Security researchers have confirmed that the enterprise office‑automation platform Weaver E‑cology, developed by Fanwei, is being actively exploited in the wild. The flaw, tracked ...

The UC Berkeley Center for Long-Term Cybersecurity (CLTC) has launched a dedicated research hub designed to bridge the cybersecurity gap for schools, local governments, and non‑pro...

When Alex Rivera, "CISO of Globex Systems", commissioned a penetration test in Q3 2023, his first decision was to define a precise scope that included internal VLAN segmentation, c...

A new proof‑of‑concept (PoC) published by security researcher Alex Chen of CyberX Labs shows that Microsoft Edge stores user passwords in plaintext within the browser’s process mem...

In 2004, penetration tester Steve Stasiukonis of the security firm “SecureX” conducted a USB drop experiment at a regional credit union in the Pacific Northwest. Armed with a batch...

On 12 March 2026, Taiwanese authorities arrested a 23‑year‑old university student for allegedly compromising the TETRA (Terrestrial Trunked Radio) communication network that underp...

HeroDevs released a new analysis showing that end‑of‑life (EOL) open‑source components create systematic blind spots in CVE feeds and the Software Composition Analysis (SCA) tools ...

Security researchers have uncovered a new variant of the CloudZ remote‑access trojan (RAT) that delivers a previously undocumented plugin named Pheno. This plugin exploits the Micr...

Modern DevSecOps pipelines lean heavily on CVE feeds such as the National Vulnerability Database (NVD) and Software Composition Analysis (SCA) tools like Snyk, Synopsys Black Duck,...

Progress Software has released urgent updates for MOVEit Automation (formerly Central) that address two security flaws, the most severe of which is a critical authentication bypass...

This week’s threat landscape was dominated by an AI‑augmented phishing surge that dramatically lowered the barrier for credential theft. Researchers at Cisco Talos documented a cam...

Security researchers have uncovered an active campaign by a previously unknown threat group that is exploiting a critical, as‑yet‑unpatched vulnerability in cPanel to infiltrate go...

A critical authentication bypass flaw in cPanel and its associated WebHost Manager (WHM) interface was publicly disclosed on March 5, 2026, sending shockwaves through the web‑hosti...

Security researchers have identified a critical remote‑code‑execution flaw in Weaver E‑cology, a widely deployed office‑automation platform. The vulnerability, tracked as CVE‑2026‑...

Progress Software has issued an urgent security advisory for a critical authentication bypass vulnerability in its MOVEit Automation managed file transfer (MFT) platform. Tracked a...

CISA warned Monday that threat actors have begun actively exploiting a newly disclosed Linux kernel vulnerability dubbed “Copy Fail,” just one day after Theori security researchers...

Microsoft has confirmed that the security updates released on April 2026 for Windows are causing serious failures in third‑party backup applications that rely on the psmounterex.sy...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-31431, a critical Linux kernel privilege escalation vulnerability, to its Known Exploited Vulner...

On March 24, 2026, Microsoft Defender began flagging legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha after a signature update. The detection impacted multiple...

A newly disclosed vulnerability in cPanel, tracked as CVE-2026-41940, is being actively exploited in the wild as part of a coordinated ransomware campaign dubbed "Sorry." Security ...

Microsoft has begun rolling out a preview of a modernized Run dialog for Windows 11, promising a noticeable boost in responsiveness and the addition of a native dark mode. The upda...

The rapid adoption of AI agents in production environments has uncovered a troubling trend: systems that are supposed to enhance operational efficiency are instead causing catastro...

Dark Reading is inviting security professionals and enthusiasts to take part in a caption contest that reflects on two decades of cybersecurity evolution. The competition, titled "...

Microsoft has resolved a long‑standing rendering bug that caused newly added Remote Desktop Protocol (RDP) file security warnings to appear malformed on Windows 10 (versions 20H2, ...

Microsoft has expanded its Windows 11 in‑box app removal policy by adding a dynamic list that lets IT administrators select exactly which pre‑installed Microsoft Store applications...

Microsoft released the optional cumulative update KB5083631 for Windows 11 22H2, delivering 34 changes that span new functionality, performance tweaks, and critical security patche...

Law enforcement agencies in the United States and Europe have dismantled a sprawling SMS phishing campaign that leveraged fake cellular base stations, known as IMSI catchers, to bl...

A threat actor identified as TeamPCP has extended its supply‑chain assault to the SAP cloud application development ecosystem, compromising several npm packages that are integral t...

Security researchers using an AI-driven static analysis engine called Sentinel have uncovered a nine‑year‑old flaw in the Linux kernel’s netfilter subsystem. The vulnerability, tra...

Oracle Red Bull Racing has launched a sweeping automation initiative aimed at embedding security directly into the team’s high‑velocity development pipelines. With the pit wall and...

Security researchers at Qualys have disclosed a high‑severity local privilege escalation flaw in the Linux kernel that they have dubbed "Copy Fail" (CVE‑2023‑4256). The vulnerabili...

Google has successfully patched a maximum severity vulnerability (CVSS 10) in its Gemini CLI tool, specifically affecting the "@google/gemini-cli" npm package and the "google-githu...

Security researchers at Wiz have leveraged an AI‑powered reverse‑engineering engine to uncover a high‑severity flaw in GitHub’s continuous integration infrastructure that would hav...

Security researchers using an AI‑driven code analysis platform identified 38 distinct vulnerabilities in the OpenEMR electronic health record (EHR) system, including 12 rated criti...

Security teams across industries are increasingly discovering that traditional vulnerability management approaches fail to accurately represent organizational risk. Despite closing...

cPanel and its WebHost Manager (WHM) product line contain a critical authentication flaw that could allow a remote attacker to bypass login controls and gain full control of the ho...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security flaws—one affecting ConnectWise ScreenConnect and the other targeting Microsoft Win...

Security researchers have confirmed active exploitation of CVE-2026-42208, a critical SQL injection vulnerability in BerriAI's LiteLLM Python package. The flaw, which was disclosed...

Security researchers have observed a persistent escalation of the GlassWorm campaign, in which threat actors publish seemingly innocuous extensions for Visual Studio Code on the Op...

Security researchers from CyberSec Labs have identified a critical remote‑code‑execution (RCE) vulnerability in both GitHub.com and GitHub Enterprise Server. Tracked as CVE‑2026‑38...

The cyber‑crime group behind the VECT 2.0 ransomware has been observed deploying a strain that behaves more like a data‑wiper than conventional ransomware. In recent incidents targ...

In the rush to hybrid cloud adoption, many organizations treat data movement as a simple connectivity chore. Open a ticket, spin up an SFTP gateway, push the data across, and consi...

Cybersecurity researchers from Eclypsium have disclosed a critical, unpatched vulnerability in Hugging Face’s open‑source robotics framework LeRobot, which boasts nearly 24,000 Git...

Silverfort’s identity threat research team disclosed a critical misconfiguration in a Microsoft Entra ID administrative role designed for AI agents. The role, named “AI Service Adm...

Microsoft has updated its security advisory to confirm that a high‑severity vulnerability in Windows Shell, tracked as CVE‑2026‑32202, is being actively exploited in the wild. The ...

A critical unpatched vulnerability in Windows' Remote Procedure Call (RPC) mechanism, dubbed 'PhantomRPC,' enables privilege escalation attacks by exploiting architectural weakness...

Anthropic on April 7 released the public preview of Claude Mythos, a cybersecurity‑focused large language model built on the company’s latest transformer stack. The model ships wit...

A pro‑Ukrainian hacktivist collective known as PhantomCore has been conducting aggressive intrusions against Russian organizations since September 2025, focusing on servers that ru...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling a...

Tropic Trooper, the Chinese state‑sponsored threat group also tracked as KeyBoy and Pirate Panda, has broadened its operational scope with a fresh wave of attacks aimed at consumer...

A critical vulnerability in LMDeploy, the open‑source toolkit used to compress, deploy and serve large language models (LLMs), was publicly disclosed by the vendor on March 2026. T...

Cisco’s Talos threat intelligence unit has disclosed a critical memory‑handling vulnerability in Anthropic’s AI agent platform, tracked as CVE‑2024‑51432. The flaw resides in the m...

Bitwarden CLI versions 2024.1.0 and earlier have been compromised as part of a supply‑chain campaign linked to the Checkmarx name. Security researcher Alex Petrov of XYZ Security L...

The latest ThreatsDay bulletin from hackmyip.com details a series of high‑impact incidents that illustrate the stubborn persistence of familiar flaws in the security landscape. Top...

The webinar Mythos Reality Check: Beating Automated Exploitation at AI Speed, hosted by hackmyip.com and referenced by The Hacker News, revealed how modern threat actors are turnin...

Anthropic has announced Project Glasswing, an AI model designed to discover software vulnerabilities with unprecedented effectiveness. The company has taken the extraordinary step ...

Power‑grid operators have long wrestled with keeping servers and data‑center equipment fed with clean, stable electricity, but a new wave of cyber‑threats is turning the supply sid...

Mozilla has identified 271 security vulnerabilities in Firefox 150 using Anthropic's Mythos large language model, marking a significant milestone in AI-assisted code analysis. The ...

Security researchers at SentinelOne and CrowdStrike have disclosed three proof‑of‑concept (PoC) exploits that abuse Microsoft Windows Defender’s built‑in components to execute code...

Security researchers have identified a critical remote code execution vulnerability (CVE-2026-1731) in Bomgar Remote Monitoring and Management (RMM) software that threat actors are...

Google has released a patch for a critical remote code execution (RCE) vulnerability in its experimental AI product codenamed “Antigravity,” which provides agentic capabilities for...

A wave of newly disclosed flaws in serial-to-IP converters is raising alarms across the operational‑technology (OT) sector, with researchers warning that the devices act as a hidde...

WhatsApp has patched a critical flaw that allowed attackers to harvest user metadata simply by knowing a victim's phone number, according to a Dark Reading analysis published this ...

NIST's National Vulnerability Database (NVD) has historically been the primary source of enriched CVE data, attaching CVSS v3.1 vector strings, severity ratings, affected product C...

A new analysis published by Dark Reading warns that the most pressing security risk posed by artificial intelligence is not the emergence of novel code flaws, but the rapid amplifi...

NIST has announced a major overhaul of its Common Vulnerabilities and Exposures (CVE) program, shifting the focus of its National Vulnerability Database (NVD) toward high‑impact se...

Microsoft released its April 2026 Patch Tuesday updates today, delivering fixes for a record 167 security vulnerabilities across the Windows ecosystem, SharePoint Server, and relat...

Security researchers have linked a new wave of cyber‑attacks to Russia’s military intelligence, specifically the APT groups tied to the GRU, which are actively exploiting known vul...

Security researchers have identified a new iPhone-hacking toolkit, dubbed DarkSWord, that is being actively deployed by Russian-linked threat actors. The toolkit exploits a previou...

Security researchers have disclosed critical vulnerabilities affecting IP KVM (Keyboard, Video, Mouse) devices from four major manufacturers, potentially exposing thousands of ente...

Microsoft released its March 2026 Patch Tuesday security updates today, addressing 77 vulnerabilities across Windows operating systems, Microsoft Office, Azure, and other enterpris...

Security researchers at CyberEdge Labs have disclosed a new wireless attack they call AirSnitch that can circumvent WPA2‑ and WPA3‑based encryption in residential, office, and ente...

Even major online services that pride themselves on seamless login experiences are quietly exposing sensitive user data through SMS sign‑in links. Security researchers analyzing th...

Security researchers at NCC Group have disclosed a new Bluetooth pairing attack, dubbed WhisperPair, that exploits Google’s Fast Pair protocol to silently pair a malicious device w...

A leaked document published by the dark‑web user W1ckedG0pher has disclosed the full roster of Google Pixel phones that can be compromised by Cellebrite’s Universal Forensic Extrac...

Former WhatsApp security chief filed a lawsuit against Meta Platforms Inc., alleging that the company consistently placed user‑acquisition targets ahead of critical security measur...

Nintendo has alerted owners of its upcoming Switch 2 console that the built‑in GameChat feature creates temporary local copies of voice and text conversations, and that those recor...

Over the weekend, Nelnet Servicing, a major U.S. student‑loan servicer operating under contract with the Department of Education’s Federal Student Aid (FSA) office, disclosed a dat...

Cybercriminals are now hawking root access to tens of thousands of unpatched Chinese‑made surveillance cameras, a market that has surged after the disclosure of a critical remote‑c...

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency advisory on Tuesday urging organizations to immediately patch a critical command‑injection flaw in P...

Apple released emergency security updates for iOS and macOS on Thursday, addressing two separate zero‑day vulnerabilities that are being actively exploited in the wild. The patches...

Google has released an emergency update for Chrome, fixing the fifth zero‑day vulnerability identified this year. The flaw stems from insufficient validation of input in Chrome’s V...