網路安全資訊

Musk's legal team filed a complaint in the Delaware Court of Chancery on 12 March, alleging that OpenAI's board has abandoned its original mission to develop artificial general int...

Palo Alto Networks has confirmed the active exploitation of a critical zero-day vulnerability affecting its PAN-OS firewall software. The flaw, tracked as CVE-2024-3400 and rated c...

Ivanti has released a critical advisory warning of a high‑severity flaw in its Endpoint Manager Mobile (EPMM) product, tracked as CVE‑2026‑6973 and rated 7.2 on the CVSS scale. The...

Cybersecurity researchers have uncovered a new credential‑stealing framework called PCPJack that aggressively targets exposed cloud infrastructure and propagates in a worm‑like fas...

Palo Alto Networks released an advisory on April 8 2026 warning of a critical remote‑code‑execution (RCE) vulnerability in its PAN‑OS firmware (CVE‑2026‑2024, CVSS 10.0). The flaw ...

The first week of 2026 has been marked by a confluence of critical vulnerabilities and aggressive threat campaigns that underscore the continuing fragility of enterprise and indust...

Organizations often believe that securing a retainer with a reputable incident response (IR) firm or pre‑approving an external provider is sufficient to survive a cyber crisis. Whi...

Researchers at SentinelLabs have uncovered a new supply‑chain threat targeting developers who rely on the Python Package Index (PyPI). The campaign, tracked as ‘ZulipSnatch’, consi...

Security researchers have disclosed twelve critical vulnerabilities in the popular vm2 Node.js sandbox library, collectively enabling attackers to escape the sandbox environment an...

On March 12, 2025, the ShinyHunters ransomware group successfully compromised Instructure, the maker of the Canvas learning management system, by exploiting a previously unknown vu...

Security researchers have identified a new banking trojan, named TCLBanker, that is actively spreading through WhatsApp messages and Outlook emails. The campaign lures victims with...

Security researchers have identified a new malware framework designated PCPJack that is actively targeting exposed cloud infrastructure environments. The threat operates as a crede...

The Australian Cyber Security Centre (ACSC) has issued a high‑priority advisory warning that a sophisticated malware campaign is actively using the ClickFix social‑engineering tech...

Ivanti has released an emergency patch for a critical remote‑code‑execution (RCE) vulnerability in its Endpoint Manager Mobile (EPMM) product. Tracked as CVE‑2023‑XXXXX with a CVSS...

Organizations investing heavily in data loss prevention (DLP) solutions are discovering a critical blind spot: the browser has become the primary vector for inadvertent data exfilt...

Security researchers at Unit 42 have uncovered a new cloud‑targeting malware family they are calling PCPJack, which has quietly replaced the earlier TeamPCP implant. PCPJack distin...

Industry insiders are buzzing after reports surfaced that Tom Parker, a seasoned executive known for his boardroom operational expertise, may be the frontrunner to assume the helm ...

Security researchers at the TrustFall convention have disclosed a critical vulnerability that allows malicious code repositories to trigger arbitrary code execution in several popu...

Security researchers at Dark Reading have disclosed the most sophisticated AI‑integrated cyber‑campaign observed to date, which targeted critical infrastructure in Mexico. The oper...

Two U.S. nationals were sentenced to 18 months in federal prison each for managing laptop farms that facilitated North Korean IT workers in securing remote positions at nearly 70 A...

Ethan J. Rivera, a 20‑year‑old from Los Angeles, California, was sentenced on Friday to 78 months (6.5 years) in federal prison for his role in a sophisticated criminal operation t...

Modern cyber‑threats have evolved beyond the initial breach, with adversaries now targeting backup systems, encryption keys, and recovery pipelines to maximize impact. A new webina...

Palo Alto Networks issued an urgent advisory warning customers that a critical‑severity zero‑day vulnerability in its PAN‑OS firewall software has been actively exploited by suspec...

Security researchers have uncovered a phishing campaign that spoofs the official Anthropic Claude AI portal to distribute a new Windows backdoor dubbed “Beagle.” The fraudulent sit...

Security researchers at Mandiant and Dragos have documented what they are calling the world's first fully AI-integrated cyberattack campaign targeting operational technology (OT) i...

Cybersecurity researchers have identified a new Mirai-variant botnet designated as xlabs_v1 that actively exploits the Android Debug Bridge (ADB) interface to compromise internet-c...

The Iranian state-sponsored threat actor MuddyWater, also tracked as Mango Sandstorm, Seedworm, and Static Kitten, has been linked to a sophisticated cyberattack that leveraged Mic...

The Hacker News (THN) has officially opened the call for entries for the Cybersecurity Stars Awards 2026, an initiative designed to shine a spotlight on the behind‑the‑scenes work ...

According to Gartner's inaugural Market Guide for Guardian Agents, published in 2024, enterprise deployment of AI agents is accelerating at a pace that outstrips the development of...

Google has announced a significant expansion of its Binary Transparency initiative for Android, introducing a public verification mechanism designed to protect the ecosystem from s...