A newly revealed Exim BDAT vulnerability is affecting some email server setups that use Exim as their Mail Transfer Agent (MTA), prompting security attention due to its severity. Tracked as...

UK researchers find LLMs are learning to finish jobs faster and improving all the time

Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. [...]

Cybersecurity in Construction: Your Site Is Secure – But Is Your Data? There’s something ironic about the construction industry. You’re in the business of building things that last, structures...

Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. [...]

Reducing memory requirements to control costs in a new wave of kit

The alleged main administrator of Dream Market Incognito Market, one of the largest dark web marketplaces before its shutdown, has been indicted in the United States on money laundering charges. [...]

In April 2026, the fintech software company Abrigo was targeted in a "pay or leak" extortion attempt by the ShinyHunters group. Shortly after, data allegedly taken from the company's Salesforce...

Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability (known as Fragnasia and tracked as CVE-2026-46300) that allows attackers to run malicious...

Palo Alto Networks found and fixed 75 flaws this month, up from its usual five

If a setting fails in the forest and nobody hears it ...

If a setting fails in the forest and nobody hears it ...

The real question in modern cyber defense isn't who has more technology. It's who uses their resources more efficiently. Here's how AI fused with threat intelligence tips that balance.

NVD enrichment now covers only 15–20% of CVEs. Learn how Recorded Future Vulnerability Intelligence prioritizes risk using real attacker behavior signals.

Multiple trojanized versions of the @node-ipc package have were uploaded to npm on 14 May 2026. The malicious versions are: [email protected], [email protected], [email protected] The malicious code...

AI systems that can find vulnerabilities and write exploits faster than humans are forcing companies and government agencies to rethink cyber defense around machine-speed response, CrowdStrike...

Apache, Alibaba databases vulnerable and only one has a patch

HPE security advisory (AV26-465)

Apple security advisory (AV26-466)

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by...

Autonomous drones and ground vehicles will stream “battlefield intelligence” over 5G along the US-Canada border in a bilateral DHS experiment this fall.

cPanel security advisory (AV26-464)

Drupal security advisory (AV26-463)

A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026,...

West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [...]

Security pros warn YellowKey claim could make stolen laptops a much bigger problem

SentinelOne’s latest report examines the evolving 'secrets' threatscape, showing how modern cloud and AI infrastructures are being exploited.

The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and...

Palo Alto Networks security advisory (AV26-462)

F5 security advisory (AV26-461)