Every time Vanny Birungi, a volunteer with the Red Cross in eastern Congo, goes out to raise awareness about the latest Ebola outbreak as suspected cases near 1,000, she faces a double threat. One...
Artificial intelligence is making it easier for bad actors to initiate cyberattacks on water infrastructure, yet the water sector remains inadequately prepared, a panel of experts told lawmakers...
[Control Systems] Moxa security advisory (AV26-509)
U.S. special operators want AI tools that offer the power of giant data centers out on the disconnected front lines. SOF units already use generative AI “heavily” for things like resource...
Insights from real-world environments into how code, developer tooling, automation, and AI are reshaping application security.
White House officials and industry representatives sorting through the confusion of Thursday’s aborted artificial intelligence policy announcement still expect to see some policy emerge from the...
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the...
Pope Leo XIV on Monday set out a sweeping vision for corporate executives, politicians and individuals who will shape and be shaped by the future of artificial intelligence, warning leaders to...
Technical analysis of Payload ransomware, covering .payload encryption, ChaCha20, Curve25519 ECDH, ransom note recovery, and anti-forensics. Key Takeaways - Payload ransomware first appeared...
The British Army covertly took over a disused part of the London Underground in central London to plan a NATO military response to possible future Russian attacks. Hundreds of British soldiers...
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web...
Cybersecurity leaders and practitioners brought their burning AI cybersecurity questions to EXPOSURE 2026. They left with clear answers and a blueprint for building an exposure management program....
Researchers at Check Point Research detailed that the Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated threat actor known as... The post IRGC-linked Nimbus Manticore group attacks...
AI governance requires visibility into how AI tools interact with enterprise data. Varonis explains how its Atlas platform uses Claude Compliance API data to help monitor usage, investigate risk,...
There’s a smarter, easier pathway to resilient security
Cyber-physical systems (CPS) protection company Claroty announced an integration with Corsha, a Machine Identity Provider (mIDP). The collaboration... The post Claroty and Corsha integrate OT...
Building on nearly a decade of development, not-for-profit organization MITRE is contributing Caldera to the Apache Incubator as... The post MITRE moves Caldera cybersecurity platform to Apache...
As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show.
The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise
Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers' attempts to move laterally across the network. [...]
IT teams often need to jump between monitoring dashboards, infrastructure tools, ticketing systems, and communication platforms during network incidents. This webinar explores how automation and...
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as...
Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update. [...]
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach...
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies...
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the...
Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll...
Senior research associate Kate Robertson discusses the risks Bill C-22 poses for future data-sharing agreements with foreign law enforcement agencies. The post Trump Wants to Tap Your Phone....
A ‘geeks first, PR people second’ mentality, A-list reporters, and the forces shaping the cyber media landscape today
Improper Certificate Verification vulnerability (CVE-2026-9058) has been found in Szafir SDK software.