CERT Polska has received a report about 3 vulnerabilities (from CVE-2026-40550 to CVE-2026-40552) found in mpGabinet software.
A vulnerability has been discovered in OpenSSH which could allow for authentication bypass. OpenSSH (Open Secdure Shell) is an open-source suite of secure networking utilities based on the SSH...
A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider...
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in...
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert...
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. [...]
A vulnerability has been identified in the popular open-source text editor, Notepad++, with the release of CVE-2026-3008. The vulnerability, discovered and reported by CSA under its Responsibility...
A U.S. Senator introduced legislation aimed at strengthening defenses against drone threats targeting critical infrastructure, proposing to grant... The post US bill allows critical infrastructure...
The National Motor Freight Traffic Association (NMFTA) announced the promotion of Ben Wilkens to director of cybersecurity, where... The post NMFTA names Ben Wilkens director of cybersecurity to...
The OT Cybersecurity Information Sharing and Analysis Center (OT-ISAC) published an energy sector threat advisory covering public reporting... The post OT-ISAC flags rising energy sector cyber...
Linux vendor touts European independence at SUSECON as majority stakeholder quietly explores its options European-based SUSE devoted much of the annual SUSECON event to its sovereignty-focused...
Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. [...]
Threat actors are now publishing structured OPSEC playbooks to stay undetected. Flare reveals how these guides outline layered infrastructure, identity separation, and long-term evasion strategies. [...]
Inaugural global study finds more than half of organizations are not fully confident their AI security controls would detect compromised AI
But if you didn’t see a red-flag signal during a scan of the network, you’re not alone: Almost 7,500 organizations around the world were hit by ransomware last year—and there are lots of ways into...
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. [...]
After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and...
Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump
Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests. The post Chinese...
Explore the 2026 Claude Mythos breach, supply chain risks, and the $2B+ crypto theft pipeline.
Learn how mule account intelligence — not tactic-tracking — is the most effective lever for preventing APP fraud before funds move.
Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on...
Relax, the data's been recovered. Continue with your vibe coding
A pro-Iran hacking group claimed responsibility for an eBay outage that began Sunday and said it will “continue to rapid fire assaults and destroy their backends” if the group’s demands went...
In April 2026, the hacking collective ShinyHunters claimed to have obtained data from Pitney Bowes as part of a broader extortion campaign that also named several other organisations. After...
M3rx is a new ransomware name with a leak site, a Tox contact, and a Windows encryptor that is already doing real work. . It carries an embedded config, writes RECOVERY_NOTES.TXT, renames...
Itron, Medtronic disclose breaches in Friday filings
Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web....
Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had...
The suspected shooter at Saturday night's White House Correspondents' Dinner faces three felony charges. He currently remains in custody following Monday's hearing.