Microsoft Edge security advisory (AV26-268)
Craft CMS security advisory (AV25-300) – Update 1
Citrix security advisory (AV26-267)
An industry group this week called on Congress to speed up deployment of next-generation 911, warning that outdated emergency systems are ill-equipped to handle modern communications, especially...
Red Hat security advisory (AV26-266)
[Control systems] CISA ICS security advisories (AV26–265)
Twice in the past five months, the U.S. Congress has allowed the authorization for U.S. cyber threat intelligence sharing to lapse. In each case, it managed only short-term extensions for this...
The Defense Department and its federal partners issued a warning Friday to drone operators, threatening to impose massive fines, imprisonment and other measures on those who illegally fly unmanned...
Ubuntu security advisory (AV26-264)
Dell security advisory (AV26-263)
Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer...
Every year, the cyber threat landscape forces defenders to adapt to evolving adversary tactics, techniques, and procedures (TTPs). In 2025, Mandiant observed a clear divergence in adversary pacing...
Corporate cybersecurity leaders believe AI will be essential to their missions, but, so far, few are seeing big gains from agentic security products, according to a new EY survey. With AI...
Thousands of commercial and private vessels transit the world’s oceans daily, broadcasting positional data, transmitting communications through exploitable unencrypted satellite communications,...
On or about March 2, 2026, Heritage Financial Corporation (the "Company") detected a cybersecurity incident involving an internal file share server used by employees and the exfiltration of files...
Saturday saw the highest call-out rate of TSA officers at airports since the partial Department of Homeland Security shutdown began, according to exclusive data from the Transportation Safety...
The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company's GitHub organization to tamper with dozens of...
Metro says it’s working to restore access to its internal administrative computers after the agency’s security team discovered “unauthorized activity.” The transit system said Thursday it was...
For the latest discoveries in cyber research for the week of 23rd March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Navia Benefit Solutions, a United States-based...
The head of the UK’s National Crime Agency (NCA) has warned that the country’s teens are being “radicalized” into becoming cybercriminals by online platforms. The NCA was set up over a decade ago...
The co-founder of Super Micro Computer and two others were charged with diverting $2.5 billion worth of servers with Nvidia’s artificial intelligence chips to China, in violation of U.S. laws...
CISA and the Federal Bureau of Investigation have released a Public Service Announcement (PSA) warning about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence...
The U.S. grid withstood Winter Storm Fern in January without disruption to the bulk power system, but the electric sector cannot become complacent because reliability risks are rising, Jim Robb,...
Domestic extremist actors are incorporating drone technology into operational capabilities and attack plots, taking inspiration from the battlefield. The number of violent plots utilising drones...
The White House released its policy recommendations for AI on Friday, stating its framework “can succeed only” without a patchwork of conflicting state laws on the emerging technology. The...
IBM security advisory (AV26-262)
President Donald Trump on Monday extended his deadline for Iran to reopen the crucial Strait of Hormuz to international shipping, saying the U.S. would hold off on strikes against Iranian power...
The Beers with Talos team unpack the biggest cybersecurity threats of 2025, from React2Shell to ransomware and identity abuse, and what it all means for defenders going forward.
Trio-Tech International initially said hack wasn’t 'material,' but then stolen data was published Trio-Tech International initially shrugged off a ransomware attack at a Singapore subsidiary as...
Infosec pros descend on San Francisco kettle When El Reg cybersecurity editor Jessica Lyons joins infosec industry colleagues in San Francisco for RSAC 2026 this week, she's expecting agentic AI...