Aggregating 5945 articles from trusted cybersecurity sources
UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB dri...
Internet Explorer’s legacy WebBrowser control can be abused to turn seemingly harmless user clicks into full remote code execution (RCE), even on systems tha...
Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure. The post Silent Ransom Group Uses DNS Fast ...
At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families co...
A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US C...
Instagram glitch exposed Mark Zuckerberg’s email addresses and phone number, plus contact details of other top users, through a password reset flaw.
A suspected China-linked espionage cluster dubbed OP-512 after rapidly correlating many low-fidelity events into a single high-priority incident that human a...
Partnership between policymakers and tech companies, not government oversight, offers the best path forward for responsible AI innovation. The post The AI se...
A new, fully featured Lucid Stealer build that combines large-scale credential theft with hidden remote access. The sample, distributed through Telegram-link...
A flaw in Meta’s AI-powered Instagram recovery tool exposed over 20,000 accounts, letting attackers reset passwords and take over profiles. Meta’s High Touch...
Samsung’s One UI 9 beta integrates Lockdown mode into the power menu. This is the screen that contains Power off, Restart, and emergency options.
A supply chain attack targeting Klue, a competitive intelligence platform, has lead to the theft of Salesforce data from multiple entities, including several...
Customers of the affected Japanese email services are “strongly advised” to change their email passwords
FortiBleed exposed valid credentials for 73,000+ Fortinet firewalls, revealing a large-scale access-brokering operation targeting organizations worldwide. In...
The security incident, which occurred on January 20, 2026, allowed an unauthorized actor to acquire files containing sensitive information.
The breach was revealed after a hacker forum listed over 630 GB of data, reportedly containing more than 204,300 files.
The reported breach of the Glaz/Groza combat control platform by Ukrainian hackers has exposed a range of internal documents, including manuals, patents, and...
Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave atta...
LastPass has confirmed it was affected by the Klue supply chain incident, saying an unauthorised actor used stolen…
LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain att...
A security incident involving the third-party platform Klue has resulted in unauthorized access to limited customer data in LastPass. The breach occurred aft...
Tata Electronics has reported a cybersecurity incident following claims from a ransomware-linked threat group that it has exfiltrated and published over 200,...
Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems.