Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by...

An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical...

An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle...

Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. [...]

FBI cyber chief Brett Leatherman told CyberScoop the Russian GRU campaign was unique in how it could propagate from routers to beyond. The post Inside the FBI’s router takedown that cut off...

UK and US customers stuck waiting after fleet management SaaS vendor took affected environments offline A cybersecurity incident has knocked FleetWave into a "major outage" across the UK and US...

Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. [...]

Malicious PDFs abuse legit features to harvest system data and decide which victims get a 2nd-stage payload Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat...

No emails, no warnings, no humans – just bots, catch-22s, and a 60-day appeals queue Microsoft says that it will work on how it communicates with developers after two leading open source figures...

Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team Following our April 2024 announcement, Device Bound Session Credentials (DBSC)...

Edge devices are prime targets — learn how attackers exploit the perimeter to gain access, persist, and pivot to identity.

Wash your mouth out with digital soap Apple Intelligence, the personal AI system integrated into newer Macs, iPhones, and other iThings, can be hijacked using prompt injection, forcing the model...

TLP: AMBER+STRICT The LevelBlue SpiderLabs team examined the latest version of ErrTraffic, which emerged in early 2026. In a recently observed campaign, the team found that ErrTraffic primarily...

Insights from public incidents, cloud telemetry, and investigations into how cloud risk evolved in 2025

Iranian-affiliated threat actors are actively targeting internet-exposed ICS (industrial control systems), with new Censys research highlighting how widely... The post Censys warns systemic...

Companies caught in the storm of false or misleading online narratives often say they never saw it coming. In reality, many reputational attacks are foreseeable. You cannot predict the precise...

Companies caught in the storm of false or misleading online narratives often say they never saw it coming. In reality, many reputational attacks are foreseeable. You cannot predict the precise...

OpenAI is finalizing a model with advanced cybersecurity capabilities that it plans to release only to a small set of companies, similar to Anthropic’s limited roll out of Mythos, a source...

OpenAI is finalizing a model with advanced cybersecurity capabilities that it plans to release only to a small set of companies, similar to Anthropic’s limited roll out of Mythos, a source...

Space security has become an increasingly salient policy issue. Over the last several years, there has been growing concern from multiple governments over the reliance on vulnerable space...

Space security has become an increasingly salient policy issue. Over the last several years, there has been growing concern from multiple governments over the reliance on vulnerable space...

Quantum power parity is a strategic situation in which rival great powers, in this case the United States and China, have amassed quantum capabilities to the point that neither side can grant the...

Quantum power parity is a strategic situation in which rival great powers, in this case the United States and China, have amassed quantum capabilities to the point that neither side can grant the...

Laura Cress reports: A former Meta employee suspected of downloading around 30,000 private images of Facebook users is being investigated by the Metropolitan Police. The engineer, who lives in...

Yonhap News reports: Lotte Card has been notified by the financial watchdog that it is liable for around 5 billion won ($3.38 million) in financial penalties and a business suspension of over four...

Two firms recently told DataBreaches that about 30% or more of their clients pay ransom after a cyberattack. But you may get a different impression from other findings. The Actuary reports:...

The CIA late last year raised the status of its elite cyber espionage division, providing it more resources to analyze and disrupt digital threats, as well as amp up the agency’s own technological...

The CIA late last year raised the status of its elite cyber espionage division, providing it more resources to analyze and disrupt digital threats, as well as amp up the agency’s own technological...

Rob White reports: A major pensions administrator is under investigation after admitting its second data breach in three years, the Government has confirmed. Capita, which runs the Civil Service...

Upasana Sajeev reports an update to a case previously noted on this site: The Madras High Court has dismissed an appeal filed by cybersecurity specialist Himanshu Pathak against a single judge’s...