AI is speeding up attacks but otherwise not changing their fundamental nature, said FBI official Jason Bilnoski. The post FBI says even in an AI-powered world, security basics still matter...

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. [...]

Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and...

[Control systems] Siemens security advisory (AV26-212)

Ransomware, malware-as-a-service, infostealers benefit MOIS, too Iranian government-backed snoops are increasingly using cybercrime malware and ransomware infrastructure in their operations - not...

Department of Homeland Security leaders removed top privacy officers who objected to mislabeling government records to block their public release, WIRED has learned.

Mozilla security advisory (AV26-211)

Attackers can exploit the defect in the widely deployed pac4j with relative ease, but researchers haven’t observed active exploitation in the wild. The post Critical defect in Java security engine...

A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store. [...]

Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on...

Key Points Iran-linked actors are increasingly engaging with the cyber crime ecosystem. Their activity suggests a growing reliance on criminal tools, services, and operational models in support of...

You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing...

Rapid7 says crims compromised more than 250 sites globally, including a US Senate candidate’s campaign page Cyber baddies quietly compromised legitimate WordPress websites, including the campaign...

The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military...

[Control systems] Schneider Electric security advisory (AV26-210)

A new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response...

SAP security advisory – March 2026 monthly rollup (AV26-209)

Multiple vulnerabilities have been discovered in Mozilla Firefox, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet....

Kubernetes security advisory (AV26-208)

Delivery apps are glitching and navigation routes are changing abruptly thanks to electronic warfare disrupting the satellite signals that power everything from missiles to your ride home.

New data from Google Cloud finds that basic security failures continue to drive the majority of cloud compromises,... The post Google Cloud warns cloud misconfigurations and identity security gaps...

New analysis from Intel 471 found that military strikes by the U.S. and Israel against Iran triggered a... The post Cyber retaliation surges after US–Israel strikes on Iran as hacktivists hit...

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these...

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe Acrobat is a comprehensive software family designed to...

Microsoft has released the Windows 10 KB5078885 extended security update to fix the March 2026 Patch Tuesday vulnerabilities, including 2 zero-days and an issue that prevent some devices from...

The global maritime industry has long been the arterial system of the world economy, responsible for over 90% of global trade. For centuries, the primary dangers to a vessel were physical:...

8Critical75Important0Moderate0LowMicrosoft addresses 83 CVEs including two vulnerabilities that were publicly disclosed prior to a patch being released.Microsoft patched 83 CVEs in its March 2026...

The Federal Bureau of Investigation has released two new resources designed to help health care organizations identify, assess and prevent targeted violence. Developed through an ongoing...

Today is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day vulnerabilities. [...]

Ransomware-as-a-service (RaaS) models, double extortion tactics, and increasing adoption of AI characterize the evolving ransomware threat landscape. Law enforcement takedowns of groups such as...