A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails with an aim to compromise Facebook accounts. The...

Unit 42 highlights the need for a comprehensive security strategy that spans every IT zone. Explore the full details here. The post Essential Data Sources for Detection Beyond the Endpoint...

The exploit, dubbed CopyFail and tracked as CVE-2026-31431, allows hackers to take over PCs and data center servers. The Linux vulnerabilities have been patched—but many machines remain at risk.

Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster performance in a new preview build. [...]

Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the confines of SaaS environments, while leaving minimal...

Instructure, the company behind the widely used Canvas learning platform, has disclosed that it recently suffered a cybersecurity incident and is now investigating its impact. [...]

Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European...

JetBrains security advisory (AV26-412)

AL26-010 – Cyber Criminals Social‑Engineering‑Enabled Compromise of Enterprise SaaS Environments

Incident responders at Rapid7 said successful exploitation of CVE-2026-41940 “grants an attacker control over the cPanel host system, its configurations and databases, and websites it manages.”

The managed security services market is projected to grow from $38.31 billion in 2025 to $69.16 billion by 2030[1], with cybersecurity being the fastest-growing sector[2]. Despite this...

The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks...

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering,...

Exploitation was underway before patches landed, at least one victim reports ransomware demand

Microsoft Edge security advisory (AV26-411)

French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country's agency for issuing and managing administrative documents. [...]

Altman's crew now doing the same gatekeeping it recently mocked

Exploitation was underway before patches landed, at least one victim reports ransomware demand CISA has added a critical cPanel bug to its known-exploited list, confirming that attackers are...

313 Team tells Canonical: pay up or the packets keep coming

Dear readers, With so much hanging in the balance, it was good to see POLITICO’s report by Aaron Mak, Dana Nickel and John Sakellariadis that tech companies are quietly meeting with the White...

Authorities dismantle cybercrime rings, scammers extract billions using social media, and threat actors poison SAP-related npm packages.

Detect and mitigate Copy.Fail (CVE-2026-31431), an easily exploitable vulnerability in the Linux kernel that allows escalation from an unprivileged local user account to root access.

Security researchers and European cybersecurity officials are urging administrators to address the risk posed by a newly discovered security flaw that has been hiding in the Linux operating system...

Altman's crew now doing the same gatekeeping it recently mocked OpenAI is lining up a limited release of its new GPT-5.5-Cyber model to a handpicked circle of "cyber defenders," just weeks after...

Someone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients.

Start date pushed back a year, annual cost up a third, and UK's now handing out eight million passports a year

313 Team tells Canonical: pay up or the packets keep coming Canonical says its web infrastructure is under attack after a pro-Iran hacktivist group instructed its members to target the open source giant.…

Raw threat intel isn't enough without real-world context. Criminal IP has partnered with Securonix to integrate exposure-based intelligence into ThreatQ, automating analysis and speeding up...

Start date pushed back a year, annual cost up a third, and UK's now handing out eight million passports a year The Home Office has increased the annual value and overall duration of its new...

Detecting a vulnerability is easy. Finding the person responsible for fixing it is where remediation programs often break down. See how Tenable Hexa AI uses MCP to connect your exposure data to...