The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multi-factor authentication defenses.

Google Threat Intelligence Group said it tracked 90 zero-day vulnerabilities that were exploited by a variety of actors last year, surpassing the 78 that were used by threat actors in 2024.

Seven governments in the Global Coalition on Telecoms unveiled a set of 6G Security and Resilience Principles at... The post Global Coalition on Telecoms set 6G security rules as next-gen networks...

Written by: Casey Charrier, James Sadowski, Zander Work, Clement Lecigne, Benoît Sevens, Fred Plan Executive Summary Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities...

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 WordPress sites. [...]

President Donald Trump’s nominee to lead the Cybersecurity and Infrastructure Security Agency privately told stakeholders he left his role in the U.S. Coast Guard to address concerns about his...

Anthropic CEO Dario Amodei is back at the negotiating table with the U.S. Department of Defense after the breakdown of talks on Friday over the use of the company’s AI tools by the military,...

​A U.S. government contractor's son, accused of stealing more than $46 million in cryptocurrency from the U.S. Marshals Service, was arrested Wednesday on the island of Saint Martin. [...]

The Trump administration plans ​to meet with executives from the biggest U.S. defense contractors at the White House on Friday to discuss ‌accelerating weapons production, as the Pentagon works to...

The Israel Defense Forces on Wednesday said it bombed a compound in Tehran housing Iran’s cyber warfare headquarters — but it’s unclear whether the strike will significantly kneecap Iran’s...

OpenText security advisory (AV26-199)

In a ceremony at the White House on Wednesday, executives from seven major tech companies signed a pledge with President Trump to supply their own power for artificial intelligence data centers....

A vulnerability has been discovered in pac4j-jwt (JwtAuthenticator) which could allow for authentication bypass. pac4j-jwt is a Java module within the pac4j security framework designed for...

The Dutch police’s new self-reporting form is proving successful. In the first three months since the form’s launch, several suspects have self-reported, including for involvement in violence and...

Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. Cisco Secure Firewall Management Center (FMC) is a centralized...

Jessica Adiele reports: Nigeria’s telecommunications regulator, the Nigerian Communications Commission (NCC), has directed telecom operators to notify the commission within four hours of detecting...

Executive Summary In early February 2026, Cyble Research & Intelligence Labs (CRIL) identified a new Linux malware strain delivered through a loader structure previously associated with ShadowHS...

Executive Summary In early February 2026, Cyble Research & Intelligence Labs (CRIL) identified a new Linux malware strain delivered through a loader structure previously associated with ShadowHS...

Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled...

Contractors tasked with improving AI reportedly had access to intimate footage captured through wearables Britain's privacy watchdog is asking questions about Meta's AI-powered smart glasses after...

Lawmakers are ratcheting up a showdown over funding for the Department of Homeland Security over concerns that the United States is at greater risk following U.S. and Israeli strikes in Iran....

A joint law enforcement operation has dismantled LeakBase, one of the world's largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. The LeakBase forum, per the...

Chris Butera will serve as the Cybersecurity and Infrastructure Security Agency’s acting executive assistant director for the agency’s cybersecurity division, following leadership changes put into...

Key members of the Senate Armed Services Committee took aim at the Pentagon’s new National Defense Strategy (NDS) on Tuesday, when one of its architects, Undersecretary of Defense for Policy...

Amazon Web Services is grappling with widespread service disruptions this week after drone strikes severely damaged three of the cloud provider’s data centers in the Middle East during a surge of...

Iranian strikes conducted over the weekend and on Monday damaged structures that are part of or near communication and radar systems on at least seven U.S. military sites across the Middle East,...

This activity began in early February and has continued in recent days. What organizations should expect next from Iran-aligned groups and the steps they should take to guard against cyberattacks.

An iPhone hacking technique used in the wild to indiscriminately hijack the devices of any iOS user who merely visits a website represents a rare and shocking event in the cybersecurity world. Now...

Wired has the story: Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not from the government advising caution, but from an...

Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat (APT) actor closely associated with Famous Sparrow.