A new Cydome report highlights a sharp rise in OT (operational technology) and maritime cyber incidents, noting that... The post Cydome report finds 150% surge in maritime OT cyberattacks as...
Tanium announced that it has achieved Cybersecurity Maturity Model Certification (CMMC) Level 2. This milestone assures the Department... The post Tanium achieves CMMC Level 2 certification,...
Trellix, vendor of AI-powered cybersecurity solutions, announced the appointments of Alex Au Yeung as chief product officer and... The post Trellix names Alex Au Yeung as CPO and Zach Nelson as...
Key Findings Introduction As highlighted in the Cyber Security Report 2026, cyber operations have increasingly become an additional tool in interstate conflicts, used both to support military...
Retains eight-weekly Extended Stable releases but warns fortnightly updates are the best way to stay safe Google will halve the time between releases of its Chrome browser to two weeks, across...
Insikt Group tracks the cyber, physical, and geopolitical components of the US-Israeli strikes on Iran — with continuously updated threat analysis and scenarios.
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile...
Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed A developer says their company is on the hook for more than $82,000 in unauthorized charges...
Dutch Police reports: Nearly 1,700 police officers will receive a letter in the coming period because they used police systems when there was likely no need to do so. These colleagues were looking...
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data...
Researchers traced the kit moving from a spyware vendor’s customer to Russian hackers to Chinese cybercriminals. The post Possible U.S.-developed exploits linked to first known ‘mass’ iOS attack...
Network cybersecurity (IT and OT) and control system organizations have fundamentally different objectives and criteria when it comes to identifying and addressing cyber incidents. The Verizon...
AI conversations for sale include sensitive health and legal details Your latest chat transcript could be bought and sold. Data brokers are selling access to sensitive personal data captured...
Strengthening secure cloud modernization for Spain’s public sector through CPSTIC certification.
Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1...
The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform...
A highly sophisticated set of iPhone hijacking techniques has likely infected tens of thousands of phones or more. Clues suggest it was originally built for the US government.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging...
Django security advisory (AV26-193)
No more hiding in the server closet: Cyber ops mentioned alongside kinetic warfare as critical to conflict In what may be the most public acknowledgment of its cyber operations capabilities to...
In its amicus brief, Google called the warrants a violation of people’s rights and said that in recent months it has objected to more than 3,000 geofence warrants on constitutional grounds.
XRPL added a Batch execution feature. The idea was to have multiple instruction types, such as multiple payments, in a single transaction by batching them altogether. Right before launching the...
The multinational Dutch paint company AkzoNobel has confirmed to BleepingComputer that hackers breached the network of one of its U.S. sites. [...]
In an Android Manifest, the most interesting part is anything with android:exported="true". If it has a deeplink, then it makes it possible to trigger from just a single link on the web. There...
Social media giant Facebook is currently experiencing a massive worldwide outage, preventing users from accessing their accounts. [...]
The Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications,...
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It's...
A pro-Iran hacking group detailed an attack manipulating agricultural sector control systems in an incident the Jordanian government said was aimed at destroying a strategic wheat stockpile. A...
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. [...]
Samsung mobile security advisory (AV26-192)