HashiCorp security advisory (AV26-363)

JetBrains security advisory (AV26-364)

Security researchers recently spent a month getting a first-hand look at the activity of cybercriminals targeting the trucking and logistics industry. The researchers, from cybersecurity firm...

A security researcher named Morpheuskafka has found that thousands of private files from the Tel Aviv-based gig-work website Fiverr were left open for anyone to view online. The leaked data...

This article is the result of a collaboration with Indian media outlet Newslaundry. You can find Newslaundry’s editorially independent coverage here. Indian companies have shipped more than 320...

On 13 April 2026, 21 countries joined forces in a coordinated action week that focused on enforcement and prevention measures against over 75,000 criminal users engaging in distributed...

The suspect accused of attempting to murder OpenAI CEO Sam Altman expressed interest in “Luigi’ing” technology leaders in an online chat late last year, referring to Luigi Mangione, the man...

Authorities take down W3LL phishing ring, AgingFly malware steals Ukrainian government data, and actors exploit Nginx flaw to hijack servers.

TBK DVRs targeted by Nexcorium: exploiting, persisting, brute-force attacks, and multi-architecture Mirai-style DDoS in a single campaign. From CVE-2024-3721 exploitation to CVE-2017-17215 reuse,...

Strategic debate in Washington often focuses on the possibility of a future kinetic war over Taiwan, yet Midshipman Second Class Alejandro D. Tilley argues in a paper at the U.S. Naval Institute...

The House unanimously passed a short-term extension of the nation’s spy powers early Friday morning after GOP rebels dramatically rejected a late-night, last-minute deal to extend the measure for...

The U.S. Secret Service is moving to embrace kinetic mitigation technologies to counter the threats posed by unmanned aerial systems — or drones — ahead of multiple upcoming large-scale events,...

The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability...

America and China are racing for technological supremacy, and the margin is razor thin. Today, tech supremacy is increasingly synonymous with artificial intelligence (AI) leadership. And China has...

A Chinese ship has tested a new device capable of slicing through submarine data cables thousands of meters beneath the ocean surface. That demonstration may exacerbate security concerns over a...

Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-5131) has been found in GREENmod software.

An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more...

Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed to Western intelligence agencies. [...]

Last week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to...

The U.S. Department of Homeland Security, through its Transportation Security Administration (TSA), published a 60-day notice inviting public... The post TSA seeks stakeholder input on...

In cybercrime markets, trust isn't assumed, it's verified. Flare reveals how underground guides teach actors to evaluate carding shops based on data quality, reputation, and survivability. [...]

University student says he plans to move to Android, but concedes iOS engineers acting fast Apple is finally working on a fix for a bug that has locked some users out of their iPhones for months,...

Famously vengeful Knicks owner Jim Dolan has long spied on people at his iconic arenas. WIRED goes deep inside the operation that allegedly tracked a trans woman, lawyers, protesters, and more.

The U.S. National Institute of Standards and Technology (NIST) is moving to modernize one of the most critical... The post NIST advances CMVP modernization to close gap between cryptographic...

Critical infrastructure cybersecurity firm OPSWAT and global automation company Emerson announced a global strategic reseller agreement that will bring... The post Emerson partners with OPSWAT to...

Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.

A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To...

Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today's cybercrime. Join our upcoming webinar to learn how to combine security and...

Pause your Mythos panic because mainstream models anyone can use already pick holes in popular software Anthropic withheld its Mythos bug-finding model from public release due to concerns that it...

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years. [...]