In a new red-teaming exercise, social engineering moved to advanced tunneling attacks, revealing a critical lesson in today's AI security.
This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new versions of SparkCat and Triada.
The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during Q1 2026.
Firefox maker says the tools are basic security infrastructure, not teenage contraband
It’s nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably...
Eliminate cryptographic blind spots and neutralize legacy debt with an integrated cryptographic asset inventory. Identify risks across code, cloud, and runtime, using the Wiz Security Graph to...
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day...
Europol announced today (May 18) that a total of 14,200 posts linked to Iran’s Islamic Revolutionary Guard Corps (IRGC) have been targeted in a coordinated action against terrorist content online....
Cybercriminals brought down the most widely used learning platform in North America. The Canvas breach is a blueprint for how SaaS attacks now work — and a warning about how unprepared most...
Part 6 of 6: Where the channel goes from here
Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]
U.S. officials are investigating a series of cyber intrusions targeting automatic tank gauge systems used to monitor fuel... The post US probes automatic tank gauge system breaches, exposing OT...
David Norman, a former Phoenix police officer who’s described himself as “a fucking savage,” now runs a company that provided training to Homeland Security’s Special Response Teams.
The U.S. National Institute of Standards and Technology (NIST) published final versions of Special Publication 800-172 Revision 3... The post NIST updates SP 800-172 to strengthen segmentation,...
Global technology company ABB and Cydome, provider of purpose-built cybersecurity, announced their collaboration to help shipping companies strengthen... The post ABB integrates voyage...
Industrial cybersecurity vendor Dragos announced a public–private partnership with the UAE Cyber Security Council (CSC) to establish OT... The post Dragos, UAE Cyber Security Council launch OT...
Cyber is no longer a supporting capability. It now shapes how defense organizations plan, assess, and act.
No customer info stolen, no impact to operations, and no blackmail payment
Microsoft has finally brought back the resizable taskbar and Start menu to Windows 11 in the latest preview version rolling out to Insiders in the Experimental channel. [...]
The BFSI (Banking, Financial Services, and Insurance) sector has always been a prime target for cybercriminals. But today, the threat landscape has evolved beyond isolated attacks into a...
pewag, Inc. writes to inform you of a recent event that may impact some of your personal information. While we are not aware of any actual or attempted misuse of your information to perpetrate...
On July 10, 2025, we discovered that we were the target of a cybersecurity incident and that files were encrypted in our virtual back-office environment that supports the shared back-office...
On January 7, 2026, Hank’s Furniture detected unauthorized activity on certain systems within our network. We promptly took steps to contain the activity and launched an investigation, with the...
On February 13, 2025, Terra Holdings learned of suspicious activity on certain systems in its environment. Upon learning this, Terra Holdings immediately launched an investigation with the...
Murray County’s government network has been hit by a cyberattack, forcing several county offices to limit services and close some departments until systems are restored. County officials say first...
Ask a plant manager what keeps them up at night, and you’ll hear the usual answers: machine downtime, supply chain delays, quality issues, and labor gaps. But in 2026, endpoint protection for...
In recent weeks, we pointed Mythos and other security-focused LLMs at live code across critical parts of our infrastructure. We share what we observed, the models’ strengths and weaknesses, and...
Microsoft has confirmed that the May 2026 Windows 11 security update (KB5089549) fails to install on some systems and triggers 0x800f0922 errors. [...]
A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. [...]
Multiple researchers using the same tools to find the same bugs are creating ‘unnecessary pain and pointless work’