Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick...

All your compromised credentials are belong to us now instead of the other gang

cPanel security advisory (AV26-437)

AI models now find and exploit zero-days autonomously. This 4-pillar framework accelerates patching, analysis, and threat response.

AL26-011 - Vulnerabilities affecting Linux - CVE-2026-43284 and CVE-2026-43500

Insider trading is rife on Polymarket: Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets—­defined as wagers of $2,500 or more at...

The Senate’s top Democrat is worried about smaller government entities being left behind as AI models advance hacking risks. The post Sen. Schumer seeks DHS plan on AI cyber coordination with...

The Senate’s top Democrat is worried about smaller government entities being left behind as AI models advance hacking risks. The post Sen. Schumer seeks DHS plan on AI cyber coordination with...

A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise...

Microsoft Edge security advisory (AV26-436)

The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report...

Broken disclosure embargo left admins facing a fresh root-level flaw with no CVE

After years of insisting end-to-end encryption was the future of online comms, Zuckcorp has handed itself full visibility into user chats once again

This Threat Analysis report is part of the “Purple Team Series” in which the LevelBlue Global Security Operations Center (GSOC) provides a technical overview of some of the methods that threat...

Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called...

A House Democrat who’s been at the forefront of congressional efforts to scrutinize the federal government’s use of commercial spyware wants the Commerce Department to brief Capitol Hill amid...

The guardians manning screens in the mission-ops center here oversaw the launch of five types of rockets in April, a new record that involved NASA’s Artemis II, the first reused New Glenn booster,...

The Pentagon is preparing to take additional steps to address a major bottleneck that could limit the military’s ability to proliferate artificial intelligence capabilities throughout the force:...

Dear readers, Mythos didn’t just shake up how AI can attack and defend: Business as usual, and the public-private partnership model on which we have long relied, is being fundamentally reshaped....

A new CSIS report, Building a Robust U.S.-ROK Cyber Alliance: A Joint Cyber Resilience Strategy, examines how the United States and South Korea can strengthen bilateral cyber cooperation in...

Until recently, artificial intelligence was a welcome tailwind for U.S. growth. We’re beyond that now. AI is more like a hurricane-strength weather system making itself felt across the entire...

On the eve of the U.S.-Israeli strikes on Iran, 56 tankers sailed through the Strait of Hormuz. Two days later, Lloyd’s List, the maritime industry’s journal of record, counted just seven tankers...

Karakurt and DPRK facilitators sentenced, PCPJack worm steals cloud credentials while evicting rivals, and attackers exploit an unpatched PAN-OS zero-day.

Iran is ramping up trade with China via rail in a bid to blunt the impact of a US blockade of its ports and adapt to pressure designed to strangle its economy. The number of cargo trains going...

ShinyHunters takes the credit and gives developer an F for security

ShinyHunters takes the credit and gives developer an F for security

Weeks after the Copy Fail vulnerability was revealed, a new Linux kernel escalation vulnerability has been uncovered. Dubbed “Dirty Frag,” this flaw could allow a local user to gain root access on...

A key company behind Thailand’s national AI effort is suspected of helping to smuggle billions of dollars worth of Super Micro Computer Inc. servers containing advanced Nvidia Corp. chips to...

Developers using the latest versions of AI coding tools like Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI could inadvertently execute malicious code on their systems with a single...

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States...