Google disrupted a Chinese-linked hacking group that breached at least 53 organizations across 42 countries, the company said Wednesday. The hacking group, tracked as UNC2814 and “Gallium,” has a...

The Treasury Department on Tuesday sanctioned Russian firm Operation Zero and several affiliated individuals for allegedly buying stolen cyber tools originally developed for the U.S. government...

A Chinese law enforcement official attempted to use ChatGPT to review its reports on cyber operations, subsequently revealing details of a worldwide online harassment and silencing campaign of...

Researchers have uncovered and taken down the infrastructure of a phishing operation run by Russian cybercriminals targeting freight companies in the U.S. and Europe. Over a five-month period, the...

The partial shutdown of the Department of Homeland Security is impacting the preparation of cities hosting the 2026 FIFA World Cup, according to stakeholder testimony Tuesday. Beginning Sunday,...

Reflected XSS vulnerability (CVE-2026-1434) has been found in Omega-PSIR software.

During Tuesday night’s State of the Union address, President Donald Trump announced a new initiative to ensure data center owners and operators absorb surges in electricity costs associated with...

Defense Secretary Pete Hegseth gave Anthropic CEO Dario Amodei until Friday evening to give the military unfettered access to its AI model or face harsh penalties. Hegseth told Amodei in a tense...

Telegram posts promise up to $1,000 per call as gang refines IT helpdesk ruse Prolific cybercrime crew Scattered Lapsus$ Hunters (SLSH) is reportedly recruiting women in the hope of improving its...

LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost...

SQL Injection vulnerability (CVE-2026-1198) has been found in Simple.ERP software.

A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild...

A rare joint alert from all five spy agencies means serious business The Five Eyes intelligence alliance is urgently warning defenders to patch two Cisco Catalyst SD-WAN vulnerabilities used in attacks.…

The European Union Agency for Cybersecurity (ENISA) released its updated cybersecurity exercise methodology, providing organizations and governments across Europe with a structured framework for...

The European Union Agency for Cybersecurity (ENISA) released its updated cybersecurity exercise methodology, providing organizations and governments across Europe with a structured framework for...

Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.”

Why they predict we’ll all be single in 2026

div]:bg-bg-000/50 [&_pre>div]:border-0.5 [&_pre>div]:border-border-400 [&_.ignore-pre-bg>div]:bg-transparent [&_.standard-markdown_:is(p,blockquote,h1,h2,h3,h4,h5,h6)]:pl-2...

Multiple vulnerabilities have been discovered in Cisco Catalyst SD-WAN products, the most severe of which could allow for authentication bypass. Cisco Catalyst SD-WAN (formerly Viptela) is a...

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API...

Recorded Future is expanding its payment fraud prevention capabilities through a partnership with CYBERA, the industry leader in detecting and verifying data on scam-linked bank accounts.

In my previous blog post I mentioned the GetProcessHandleFromHwnd API. This was an API I didn’t know existed until I found a publicly disclosed UAC bypass using the Quick Assist UI Access...

The global campaign marks the second series of multiple actively exploited zero-day vulnerabilities in Cisco edge technology since last spring. The similarities don’t end there. The post...

Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53...

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code...

Or Hadar reports: Clalit Health Services, the largest health maintenance organization in Israel, said it is investigating a suspected cyberattack after an Iranian-linked hacking group claimed it...

UNC2814 historically targets governments and telcos A China-linked crew found a unique formula for attacking telcos and government orgs across the Americas, Asia, and Africa in its latest round of...

The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off social engineering attacks. The idea is to...

Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can’t reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and “just...

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket,...