網路安全資訊

A Slovakian national, Alan Bill, 33, was sentenced on Thursday to 16 years (192 months) in federal prison after pleading guilty to conspiracy to distribute controlled substances. B...

A federal jury in Virginia has convicted 39-year-old Richmond resident James E. Thornton on multiple charges stemming from a 2023 cyber intrusion that resulted in the deletion of 9...

On Thursday, May 30 2025, a coordinated cyber incident hit Instructure's Canvas learning management system, displaying a ransom note from an unidentified cybercriminal group to stu...

Kaspersky researchers have uncovered a convergence between the pro‑Ukraine hacktivist group BO Team and the advanced threat actor Head Mare, revealing that the two have begun shari...

Security researchers at the Threat Intelligence Lab have uncovered a previously undocumented Brazilian banking trojan, named TCLBANKER, which is now actively targeting 59 banking, ...

Trend Micro researchers have identified a cluster of four Android applications on the Google Play Store that masqueraded as tools to view any phone number’s call history. The apps,...

The Hacker News recently highlighted an emerging cybersecurity threat model dubbed "Patient Zero" that organizations increasingly struggle to detect. A specialized webinar hosted b...

Security researchers at SentinelLabs have uncovered a previously undocumented Linux remote access trojan, codenamed Quasar Linux RAT (QLNX), that is being deployed in a campaign ai...

A recent analysis of more than 25 million security alerts collected from a dozen global security operations centers (SOCs) over a six‑month period reveals that low‑severity events ...

Cybersecurity researchers have disclosed a previously unknown Linux backdoor called PamDOORa that is being actively advertised on the Russian cybercrime forum Rehub for $1,600 by a...

Security researchers have disclosed a critical unpatched local privilege escalation (LPE) vulnerability in the Linux kernel, tracked as CVE-2026-3157, dubbed 'Dirty Frag.' The flaw...

NVIDIA has officially confirmed a data breach impacting its GeForce NOW service, exposing personal information for a subset of users in Armenia. The disclosure, made in a statement...

Modern threat actors launch campaigns that generate thousands of alerts per hour, leaving security operations centers (SOCs) drowning in data. Even with a larger team of analysts, ...

Trellix, a prominent cybersecurity vendor, disclosed on [date] that its internal source‑code repository had been compromised. The intrusion was promptly claimed by the RansomHouse ...

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal civilian agencies to patch a critical vulnerability in Ivanti Endpoi...

Zara, the Spanish fast‑fashion giant, has confirmed a data breach that exposed the personal information of approximately 197,000 customers. The compromise was uncovered after the b...

On March 15, 2023, a federal jury in the Eastern District of Virginia found Austin M. Collins, 34, of Arlington, Virginia, guilty of one count of conspiracy to commit computer frau...

Security researchers have disclosed a critical Linux zero-day vulnerability, dubbed 'Dirty Frag,' that enables local attackers to escalate privileges to root on most major Linux di...

A massive data‑extortion campaign slammed the widely‑used learning‑management platform Canvas on Tuesday, forcing districts and universities across the United States to suspend onl...

ShinyHunters, the notorious threat group behind a string of high‑profile data thefts, announced on March 5 that it had executed a second intrusion into Instructure, the education‑t...

Musk's legal team filed a complaint in the Delaware Court of Chancery on 12 March, alleging that OpenAI's board has abandoned its original mission to develop artificial general int...

Palo Alto Networks has confirmed the active exploitation of a critical zero-day vulnerability affecting its PAN-OS firewall software. The flaw, tracked as CVE-2024-3400 and rated c...

Ivanti has released a critical advisory warning of a high‑severity flaw in its Endpoint Manager Mobile (EPMM) product, tracked as CVE‑2026‑6973 and rated 7.2 on the CVSS scale. The...

Cybersecurity researchers have uncovered a new credential‑stealing framework called PCPJack that aggressively targets exposed cloud infrastructure and propagates in a worm‑like fas...

Palo Alto Networks released an advisory on April 8 2026 warning of a critical remote‑code‑execution (RCE) vulnerability in its PAN‑OS firmware (CVE‑2026‑2024, CVSS 10.0). The flaw ...

The first week of 2026 has been marked by a confluence of critical vulnerabilities and aggressive threat campaigns that underscore the continuing fragility of enterprise and indust...

Organizations often believe that securing a retainer with a reputable incident response (IR) firm or pre‑approving an external provider is sufficient to survive a cyber crisis. Whi...

Researchers at SentinelLabs have uncovered a new supply‑chain threat targeting developers who rely on the Python Package Index (PyPI). The campaign, tracked as ‘ZulipSnatch’, consi...

Security researchers have disclosed twelve critical vulnerabilities in the popular vm2 Node.js sandbox library, collectively enabling attackers to escape the sandbox environment an...

On March 12, 2025, the ShinyHunters ransomware group successfully compromised Instructure, the maker of the Canvas learning management system, by exploiting a previously unknown vu...