African organizations have seen fewer cyberattacks so far in 2026, compared to the previous year, as cybercriminal and espionage activity shifts to other regions, such as Latin America, according...
Medical data belonging to 500,000 British citizens was listed for sale on the Chinese e-commerce website Alibaba, the UK government said Thursday. The data is held by the UK Biobank charity and...
The U.S. capital’s primary law enforcement agency has reported “unauthorized access” on its computer network. “We are aware of unauthorized access on our server,” the Metropolitan Police...
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. [...]
When South Korea’s biggest online retailer revealed last year that a data breach had compromised tens of millions of customer accounts, it appeared to be a corporate crisis. But five months later...
The National Institute of Standards and Technology’s cybersecurity hub is organizing a new project focused on helping critical infrastructure organizations gain better visibility into their...
One way to deal with bug hunting LLMs: ditch the old drivers One tactic to deal with LLM-powered vulnerability detection is simple – just speed up the removal of old code. If it's gone, it no...
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. [...]
A U.S. agency was breached by sophisticated hackers in September through a vulnerability in Cisco firewalls. The Cybersecurity and Infrastructure Security Agency (CISA) said the unnamed department...
Joint Chiefs Chairman Gen. Dan Caine said Thursday that autonomous weapons are going to be a “key and essential part of everything we do” when asked about how such tools would fit into the future...
The Trump administration on Thursday accused Chinese entities of waging “industrial-scale campaigns” to rip off U.S. artificial intelligence systems, and said it will explore ways to hold the...
OpenAI's first security hire, Ari Herbert-Voss, thinks more automated bug finding will improve security without costing jobs
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. [...]
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than 13 hours after its public...
Chipzilla hopes agents, robots, and edge devices make CPUs cool again... now it has to build the chips Intel is betting on AI to reverse its fortunes, wagering that inference and agentic workloads...
Cross-site Scripting vulnerability (CVE-2026-4313) has been found in AdaptiveGRC software.
Ailing scaling blamed by Windows-maker for unreadable missives Microsoft's update to harden Remote Desktop against phishing attacks has arrived. When users open a Remote Desktop (.rdp) file, they...
OpenAI's first security hire, Ari Herbert-Voss, thinks more automated bug finding will improve security without costing jobs Black Hat Asia Open source models can find bugs as effectively as...
Missed flights and more means something has got to give at the border
It was used to track a Dutch naval ship: Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted on the Dutch government website and...
In the region, there are countries with very different industrial cybersecurity situations. Yemen ranked second in the world by percentage of ICS computers on which malicious objects were blocked,...
Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are...
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw. [...]
Missed flights and more means something has got to give at the border Greece is taking a flexible approach to introducing the European Union's biometric Entry/Exit System (EES), after some British...
A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability
FAST16 could be the first cyberweapon, and its effects could be with us today
Nothing says 'We want honest opinions' like a 36,000-letter mailshot with no awkward questions allowed Members of the UK government’s People’s Panel on Digital ID will spend two weekends in...
The Outpost24 Threat Intelligence team research Handala Hack Team, the group claiming responsibility for several high-profile cyber-attacks. The post Handala Hack Team: Threat Actor Profile...
Kaspersky researcher discovered a vulnerability in RPC architecture that enables an attacker to create a fake RPC server and escalate their privileges.
Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April...