Aggregating 3041 articles from trusted cybersecurity sources
This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execu...
This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execu...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not require...
Recorded Future's 2025 Identity Threat Landscape Report analyzes hundreds of millions of compromised credentials to reveal how infostealer malware is evolvin...
If your organization relies on AWS IAM Identity Center for workforce access, you can now extend that access across multiple AWS Regions with multi-Region rep...
This is a current list of where and when I am scheduled to speak: I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at ...
No bad luck here: Friday the 13th brings new modules and a Metasploit Pro milestone This week’s Metasploit Framework release delivers three new modules acros...
A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses
Learn how Cloudflare and CDW de-risk SASE migrations with a blueprint that treats legacy debt as an application modernization project.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3909 Google S...
Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide
ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cloudflare moves up its post-quantum deadline as researcher...
Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and Per...
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting governm...
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.
Cybernews reports that Serasa Experian, the Brazilian subsidiary of credit risk and fraud prevention firm Experian, had 1.8 TB of data belonging to 223 milli...
The stolen data, reportedly offered for sale, is said to contain simulations and schematics of aircraft, missiles, and bombs, originating from top organizati...
The breach allowed unauthorized access to Bitcoin Depot's corporate IT systems, leading to the theft of 50.903 Bitcoin, valued at roughly $3.
UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensiti...
Eurail B.V.
Grupo Bancolombia and Banco De Bogota, two of the leading banks in Colombia, were claimed to have been compromised by the same threat actor, who also exposed...
Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail i...
The breach, attributed to the extortion gang World Leaks, reportedly exposed approximately 7.7 terabytes of data, including over 337,000 files.