A federal jury on Thursday convicted an Alexandria man of conspiring with his twin brother to delete approximately 96 federal government databases after the pair were fired from a contractor that...

Social media biz says watchdog's fine formula is 'disproportionate' and should stop counting global revenue

Health authorities across several countries are racing to trace and contain an outbreak of the hantavirus after the World Health Organization (WHO) said Thursday that five confirmed infections had...

The National Reconnaissance Office (NRO) is expanding its research and experimentation projects designed to allow analysts to track back how artificial intelligence (AI) algorithms come to...

NVIDIA has confirmed in a statement for BleepingComputer that GeForce NOW user information has been exposed in a data breach. [...]

In this weekly roundup from The Cyber Express, the global cybersecurity landscape continues to show rapid and uneven change, shaped by both regulatory shifts and escalating cyber threats....

Poland’s domestic intelligence service said attackers breached water treatment facilities in five towns in 2025, in some cases gaining access to industrial control systems that could have...

One of the Pentagon’s top technology leaders ruled out any reconciliation with Anthropic, despite the White House softening its own tone on the AI company. “Never again will we be single-threaded...

On a recent call with the heads of the biggest artificial-intelligence companies, Vice President JD Vance was alarmed. New AI models such as Anthropic’s Mythos, which are capable of finding...

Akamai edge configurations are now visible on the Wiz Security Graph, giving teams a single understanding of risk from edge to runtime

Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel. Dubbed Dirty Frag, it has been described as a successor to Copy Fail...

Attackers move faster than overwhelmed SOC teams can realistically investigate alerts. Prophet Security breaks down how AI can help analysts investigate alerts faster and focus on real threats. [...]

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. [...]

AI-driven discovery, NIST’s retreat from universal enrichment, and the end of “good enough” vulnerability managementKey takeawaysAI-driven discovery tools are accelerating CVE volume, resulting in...

Unpatched kernel flaw chain (CVE-2026-43284, CVE-2026-43500) enables root escalation on major Linux distributions.

With the launch of the first 16 satellites, Russia begins construction of a network for satellite internet that aims to cover the entire country by 2030. But getting there won’t be easy.

A newly disclosed local privilege escalation (LPE) vulnerability known as Dirty Frag is raising serious concerns across the Linux ecosystem after researchers revealed that the flaw can grant root...

CISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. [...]

During a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth RCE in the xrdp server component. Project maintainers promptly patched the vulnerability.

In April 2026, the fashion brand Zara was among a number of organisations targeted by the ShinyHunters extortion group as part of their "pay or leak" campaign. The group claimed the breach was...

Hackers who gained access to the databases of Spanish fast-fashion retailer Zara stole data belonging to more than 197,000 customers, according to data breach notification service Have I Been Pwned. [...]

Universities across the US reported widespread outages on Thursday after a cybersecurity incident affected the Canvas online learning platform used by colleges nationwide. The disruption involved...

Industrial cybersecurity firm Dragos revealed details of an AI-assisted intrusion targeting a municipal water and drainage utility serving... The post Dragos details AI-assisted intrusion...

Researchers at Securelist by Kaspersky disclosed an ongoing supply chain attack targeting the official website of the widely... The post Kaspersky uncovers targeted DAEMON Tools supply chain...

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its Canvas platform following a breach by hackers going by the name ShinyHunters.

A 34-year-old Virginia man was found guilty of conspiring to destroy dozens of government databases after getting fired from his job as a federal contractor. [...]

A new Linux zero-day vulnerability, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command. [...]

Yet it remains unclear if Anthropic's uber model was effective, or if better model middleware is what makes the difference

Explore the different types of payment fraud and become aware of telltale signs and how to prevent them.

Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score:...