Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the...

As Portugal gives researchers a pass under cybersecurity law Portugal has become the latest country to carve out protections for researchers under its cybersecurity law.…

Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.

Shortly after details of CVE-2025-55182 became public, we began noticing large volumes of exploitation attempts across our endpoint and network sensors. The vulnerability, informally referred to...

Officials insist OBR relied on 'early estimate' and real figure won't emerge until next year The head of the department delivering the UK government's digital identity scheme has rejected the £1.8...

Learn why AI workloads demand a new approach to cloud securityKey takeaways:The Visibility Gap: Because AI innovation has outpaced traditional security readiness, organizations face a critical...

The pattern which emerged was that attackers prefer to work in a low complexity and low effort manner. Most victims were compromised through RDP and frequently after that attackers use...

The village of Golf Manor will consider paying a $10,000 ransom to unlock computer systems affected by a recent cyberattack. The ransomware attack infiltrated and encrypted the village's computer...

Get your Hyper-V and VMware ESXi setups in order, people Researchers at security software vendor Huntress say they’ve noticed a huge increase in ransomware attacks on hypervisors and urged users...

Note: The analysis cut-off date for this report was November 10, 2025 Executive Summary Insikt Group continues to monitor GrayBravo (formerly tracked as TAG-150), a technically sophisticated and...

November 2025 CVE landscape: 10 exploited critical vulnerabilities, a 69% drop from October, and why Fortinet and Samsung flaws need urgent patching.

Explore 5 third-party risk examples, from vendor data breaches to supply chain attacks and learn how third-party risk management can prevent cyberattacks.

While spelunking through the noise of React2Shell initial access payloads, we were diverted down a side quest when we spotted an exploit attempting to drop a well-known Remote Monitoring and...

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan...

Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi are accused of maintaining a close relationship planning and conducting cyberattacks of interest to the Iranian government. The post Officials...

The re:Invent announcements that are most impactful to security teams.

Legislators at both the state and federal level have increasingly scrutinized how AI models suck up data for training purposes.

Instagram and Facebook users in the EU will now have the option to share less personal data and see fewer personalized ads.

Minors groomed to kill and intimidate victims Nearly 200 people, including minors accused of involvement in murder plots, have been arrested over the last six months as part of Europol's...

It’s been a week of chaos in code and calm in headlines. A bug that broke the internet’s favorite framework, hackers chasing AI tools, fake apps stealing cash, and record-breaking cyberattacks —...

The holiday season compresses risk into a short, high-stakes window. Systems run hot, teams run lean, and attackers time automated campaigns to get maximum return. Multiple industry threat reports...

We break down the exploit mechanics and detail active in-the-wild attacks observed by our team, from credential harvesting to sophisticated cloud backdoors.

The ban on Roblox has drawn a sharp backlash from the platform’s roughly 18 million monthly Russian users — mostly children and teenagers — who have launched social-media campaigns and video...

Researchers have confirmed more than 30 affected organizations tied to the React2Shell bug that emerged last week.

Cybersecurity researchers have disclosed details of two new Android malware families dubbed FvncBot and SeedSnatcher, as another upgraded version of ClayRat has been spotted in the wild. The...

KuppingerCole has the go-to guide on what to look for, how to evaluate platforms, and an expert POV on Symantec Security Service Edge (SSE)

Senior House Homeland Security Committee Republicans are seeking information from Apple and Google about mobile applications that enable users to report or track the presence of Immigration and...

The Department of Veterans Affairs is moving toward a more operational approach to cybersecurity. This means VA is applying a deeper focus on protecting the attack surfaces and closing off threat...

America’s ports are a backbone of the U.S. economy and national defense. They move food, fuel, medical supplies, and military logistics at scale. But modern port operations increasingly depend on...

A new report from Europol examines the use of unmanned systems by law enforcement as well as activities and capabilities against the unlawful use of drones. It also highlights a critical gap in...