Underground forum tutorial simplifies vulnerability exploitation for novice hackers
The tutorial, authored by a hacker known as "Hercules" and documented by cybersecurity company Flare, breaks down the process of scanning, detecting, exploit...
SC Media
20 articles
Critical Redis vulnerability CVE-2026-23479 allows remote code execution
The vulnerability, rated 8.8 by CVSS 3.
Offroad launches with $7 million to use AI agents for identity security
Offroad addresses the growing complexity of identity security, which has surpassed manual review capabilities.
AI tools pose insider threat risks as integration accelerates
Researchers from DTEX have detailed how common workflows using AI agents, such as Anthropic's Claude Cowork, can grant extensive access to sensitive corporat...
Critical vulnerability in Hugging Face Transformers library allowed arbitrary code execution
The vulnerability, tracked as CVE-2026-4372, was exploitable through a standard model-loading command, even when Hugging Face’s recommended security setting ...
Fake document marketplace aiding migrant smuggling dismantled in Spain
The investigation, initiated by French authorities who identified the website, culminated in Spain with the arrest of a suspect in Alicante.
DentaQuest data breach exposes sensitive information of 2.6 million accounts
The incident came to light last month when the extortion group ShinyHunters claimed to have stolen over 234 GB of data from the company.
World Food Programme reports data breach affecting Palestinian beneficiaries
The World Food Programme confirmed a breach of its self-registration application (SRA) for Palestine, which occurred on May 14.
Security Researchers Are Threat Actors - PSW #929
9.8 Mirasvit bug actively exploited on Magento servers
CISA warns of an actively exploited Magento extension flaw that enables remote code execution.
What Is Non-Human Identity Management?
What Is Agentic Identity and AI Identity Governance?
Info Stealer Malware Explained: How Hackers Steal Your Data & Bypass MFA - WC #1
WordPress Kirki plugin vulnerability allows account takeover
The vulnerability, present in Kirki versions 6.0.
New malspam campaign uses Google DoubleClick to deliver DesckVB RAT
The campaign begins with a phishing email containing an HTML attachment.
Microsoft introduces execution containers for AI agents
MXC functions as an SDK and policy model embedded within Windows and WSL, acting as a declarative boundary system for AI agents.
Ultrahuman reports customer wellness data accessed in breach
Ultrahuman confirmed that attackers accessed customer data using credentials stolen from an employee's malware-infected laptop.
The Trump AI EO strikes a compromise to balance innovation with accountability
The AI EO underscores the need for innovation and secuirty to evolve together.
US agencies warn of hackers targeting fuel tank monitoring systems
Threat actors are exploiting vulnerabilities such as authentication bypass, hardcoded credentials, OS command execution flaws, SQL injection, and privilege e...
U.S. sanctions Iran's largest crypto exchange Nobitex for facilitating terrorism financing
Nobitex is accused of processing over 50% of Iranian digital asset inflows in 2025 and enabling transactions connected to the Islamic Revolutionary Guard Cor...