Grafana Labs, on May 19, 2026, said an investigation into its recent breach found no evidence of customer production systems or operations being compromised. It said the scope of the incident is...
A Freedom of Information Act request shows the extent of the surveillance
Identity checks alone can't stop attackers using stolen session tokens and compromised devices. Specops Software outlines why Zero Trust strategies increasingly depend on continuous device...
Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. The post Tracking TamperedChef Clusters via...
Concurrent Technologies Corporation partnered with Quantum Knight to support deployment of post-quantum cybersecurity protections across federal, defense, and... The post CTC and Quantum Knight...
Team Cymru, vendor of external threat intelligence and internet visibility, announced its role as a private-sector partner in... The post Team Cymru supports Interpol’s Operation Ramz targeting...
Wasion Americas announced a partnership with Crytica Security to integrate Crytica’s Rapid Detection Alert and Isolation (RDAi) technology... The post Wasion Americas and Crytica bring endpoint...
GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal...
We explain how a flaw in ExifTool allows attackers to compromise macOS systems via a malicious image (CVE-2026-3102).
A new study finds AI companies, defense firms, and dating apps are among 38 data collectors allegedly using manipulative design to confuse users while collecting their data.
As frontier AI models collapse the traditional exploit window, Tenable Hexa AI transforms the security operating model from manual triage to agentic orchestration. See how you can automate...
Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits within hours of the update disclosure. [...]
ESET researchers describe new tools and techniques that the Webworm APT group recently added to its arsenal
On March 24, 2026, SCUHS became aware of unauthorized activity on our computer network. We promptly launched a response with assistance from outside cybersecurity specialists to secure the network...
On or around November 13, 2025, we identified suspicious activity occurring within our environment. In response, we quickly took some of our systems offline to stop the activity and followed our...
On February 23, 2026, Caesars Entertainment, Inc. (“Caesars”) identified suspicious activity in certain cloud-hosted platforms that are used to store data. We immediately activated our incident...
On June 17, 2025, Bomco became aware that certain files in its network may have been accessed by an unauthorized actor. Bomco promptly launched an investigation to determine the nature and scope...
PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux...
We regret to inform you that we recently experienced a data incident. As per our data and security protocols, we immediately commenced a forensic investigation with the assistance of external...
Classes have been canceled in Delano, Minnesota, on Wednesday after the school district said it suffered a "cyber incident." Delano Public Schools says the incident happened Monday night. "The...
GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension. [...]
Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives. [...]
GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed approximately 4,000 repositories containing private code. [...]
According to GitHub’s public statement, the company detected unauthorized access involving internal repositories and initiated an ongoing investigation into the scope and potential impact of the...
'Thousands' of US victims, including 12+ machines owned and operated by Redmond
Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN's Satori Threat Intelligence...
Verizon’s annual Data Breach Investigations Report uncovered a surge of exploited vulnerabilities, and a growing lack of critical defect remediation industrywide. The post Attackers hit...
Atlassian security advisory (AV26-483)
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the...
Ubuntu security advisory (AV26-482)