Drawing on lessons from the Iran war, a study shows how Russia could force Lithuania into capitulation in 90 days with no soldiers crossing the border. Drafted by the Baltic Defense Initiative, a...
Microsoft has released the Windows 10 KB5082200 extended security update to fix the April 2026 Patch Tuesday vulnerabilities, including 2 zero-days. [...]
Education company McGraw-Hill has confirmed in a statement to BleepingComputer that hackers exploited a Salesforce misconfiguration and accessed its internal data. [...]
Why didn’t China’s rise trigger containment sooner? For three decades, Beijing’s economic weight expanded dramatically, its military modernized at speed, and its diplomatic footprint widened...
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with...
AI isn’t creating new classes of vulnerabilities, according to research from Wiz – but it is expanding the range of where well-known risks can appear. Analysis from the cloud security firm found...
[Control systems] Siemens security advisory (AV26-347)
Samsung mobile security advisory (AV26-348)
OpenAI is requiring all macOS users to update their OpenAI apps after a supply chain attack compromised a third-party developer library and exposed certificates used to verify the authenticity of...
8Critical154Important1Moderate0LowMicrosoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild.Microsoft...
A look at 2025 state-sponsored threats, exploring how actors linked to China, Russia, North Korea, and Iran use vulnerabilities, identity, and trusted access paths to achieve their goals.
A proposed federal class action lawsuit alleges two California healthcare organizations violated patient privacy laws in their use of an artificial intelligence-enabled tool that records,...
Microsoft has released Windows 11 KB5083769 and KB5082052 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution.FortiAnalyzer is a unified security operations platform that...
Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities. [...]
Spring Lake Park Schools has cancelled all classes for a second straight day as it works to restore critical systems following a suspected ransomware attack. According to an initial release from...
New data from Black & Veatch-Takepoint Research finds a persistent execution gap in the manner cybersecurity is integrated... The post Black & Veatch-Takepoint Research finds fragmented ownership...
Videos circulating on dark web forums have pulled crypto exchange Kraken into an extortion attempt, but the exchange says no systems were compromised and client funds remain secure. The firm...
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe Acrobat Reader is a free, widely used software application...
Vaccines are at risk from Chinese hackers who can break into internet-connected refrigerators, a cross-party group of MPs and experts has warned. The Coalition on Secure Technology, the...
A GAO review has found that selected agencies were not systematically collecting lessons learned from AI acquisitions — a necessary first step to share knowledge about AI acquisitions in...
The United States Army is undergoing the Transformation in Contact initiative to prepare for large-scale combat operations against peer and near-peer threats. The Secretary of the Army has...
The U.S.-Israeli war with Iran, now in an unstable ceasefire, has exposed a structural failure in the global semiconductor memory supply chain, and it is not the one analysts seem to be tracking....
Cloudflare is introducing scannable API tokens, enhanced OAuth visibility, and GA for resource-scoped permissions. These tools help developers implement a true least-privilege architecture while...
We share Cloudflare's internal strategy for governing MCP using Access, AI Gateway, and MCP server portals. We also launch Code Mode to slash token costs and recommend new rules for detecting...
Managed OAuth for Cloudflare Access helps AI agents securely navigate internal applications. By adopting RFC 9728, agents can authenticate on behalf of users without using insecure service accounts.
Gain a unified view of AI application endpoints and DNS exposure across your environment, including which are protected by Cloudflare and which need to be secured
Honey, the skids are fighting again Two rival ransomware gangs have locked horns after 0APT threatened to expose people affiliated with Krybit.…
The performance gap between United States and Chinese artificial intelligence (AI) models has “effectively closed,” even as the United States maintains a strong lead in data center infrastructure...
The U.S. Environmental Protection Agency is seeking FY 2027 budget authority to expand its Drinking Water Infrastructure Resilience... The post EPA proposes $19 million information security...