Anthropic PBC is set to give the European Union’s cybersecurity body access to Mythos, the first EU agency to get access to the powerful artificial intelligence tool that officials fear may be...

Introduction Ransomware attacks continue to evolve at an alarming pace, affecting organizations of all sizes across industries. Cybercriminals are no longer relying on simple encryption tactics...

Introduction Ransomware attacks continue to evolve at an alarming pace, affecting organizations of all sizes across industries. Cybercriminals are no longer relying on simple encryption tactics...

If you’re going to impersonate an officer, perhaps choose a more sophisticated way to nick cash than asking for gift cards…

In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations...

CERT Polska has received a report about 2 vulnerabilities (CVE-2026-34906 and CVE-2026-34907) found in Wirtualna Uczelnia software.

Multiple Instagram users had their accounts hijacked after attackers convinced Meta's AI-powered support tools that they were the legitimate owners. [...]

As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite piece and share...

An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft...

AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI...

Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework. The post Operation FlutterBridge: macOS...

The right-wing think tank is actively pushing “civil terrorism”—increasing penalties for minor crimes committed while people engage in constitutionally protected free speech.

Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown...

CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. [...]

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

The Bombay High Court has stepped in to prevent a catastrophic data leak, granting a temporary injunction against an unidentified ransomware group calling itself “Morpheus.” The group allegedly...

Iran's MOIS expands its Handala brand to hybrid cyber and physical threat operations, recruiting proxies to conduct attacks, espionage, and sabotage against US and Israeli interests

TeamPCP? Or copycat malware dev?

Bitdefender Labs has uncovered a large-scale malvertising ecosystem operating across APAC, where scam campaigns are distributed through paid advertising on Meta platforms and quickly generate...

A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a...

The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning. The post Attackers are exploiting Palo Alto Networks defect that...

Hacking voting machines is so 2017. Phishing, impersonation pose the real election risks

NIST’s National Vulnerability Database (NVD) backlog mushroomed from 13,000 unprocessed security vulnerabilities in February 2024 to more than 27,000 by the end of 2025, “undermining the NVD’s...

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round:...

Citizen Lab senior research fellow Jon Penney and co-author Bruce Schneier wrote an op-ed in The Conversation about chilling effects. The post Chilling effects of Trump’s war on free speech extend...

Qualcomm security advisory – June 2026 monthly rollup (AV26-535)

Broadcom VMware security advisory (AV26-536)

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. [...]

Oracle security advisory – July 2024 quarterly rollup (AV24-401) - Update 1

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware,...