Real cyber-threats unfolding around the world right now — ransomware, phishing, malware, breaches and zero-day exploits. Click any threat to see what happened and exactly how to stay protected.
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-2026…
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three…
The Council of Europe, the continent's oldest intergovernmental body, is probing claims of a data breach made by the Sh…
The U.S. Federal Bureau of Investigation (FBI) warned that criminals are using couriers to collect money from victims o…
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files …
Employees are increasingly building automations, agents, and apps with AI tools outside traditional security oversight.…
A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware and steal sensitive…
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feat…
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sen…
The ShinyHunters extortion gang stole personal information from more than 137,000 school staff accounts in a Salesforce…
Modern phishing, BEC, and account takeover attacks increasingly bypass traditional email defenses and create operationa…
Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords…
Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper …
An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustP…
Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and Nort…
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability…
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-a…
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited t…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active …
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credent…
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to impersonate devices, inte…
View CSAF Summary Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gai…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active …
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidl…
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and su…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of act…
View CSAF Summary KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the…
View CSAF Summary Schneider Electric is aware of its vulnerability in its EcoStruxure Panel Server offer. The EcoStruxu…
View CSAF Summary Schneider Electric is aware of a RADIUS protocol vulnerability affecting its Modicon Network Managed …
Kaspersky researchers analyze new Argamal RAT distributed via infected hentai games and allowing the attacker to contro…
In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Mo…
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly def…
We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, A…
What are the main risks for container environments: vulnerabilities, supply chain attacks, configuration errors; how to…
Our experts continue to track attacks targeting consumers of pirated content, both books and movies. 2026 saw the disco…
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT i…
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency…
Cloud Atlas attacks the public sector and diplomatic structures of Russia and Belarus, using ReverseSocks, SSH, and Tor…
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a f…
We explain how a flaw in ExifTool allows attackers to compromise macOS systems via a malicious image (CVE-2026-3102).
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public…
This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new …
The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as…
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are provin…
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and c…