Modula-based source code resurfaces after nearly four decades
France is accelerating its transition to post-quantum encryption: France’s cybersecurity agency ANSSI said on Tuesday it would stop certifying security products that lack quantum-resistant...
The Office of Professional Responsibility has opened more than 100 cases over what ICE officials call “incidents of doxing and threats” against ICE employees.
The OAuth 2.0 Device Authorization Grant specification was designed to streamline authentication for Smart TVs, IoT devices, and printers. Today, threat actors are weaponizing it.
Financial institutions are putting their clients at risk in the name of convenience.
We are currently witnessing a quiet but profound shift in how the next generation seeks to manage emotional regulation. We see a new mental health behavior has firmly established itself within a...
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the...
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google...
Attested TLS: the handshake that can't prove who's on the other end
Attested TLS: the handshake that can't prove who's on the other end
Plus: Alleged Scattered Spider hacking member extradited, dozens of license plate reader errors, and Indian officials are concerned about WhatsApp’s username rollout.
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The...
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and...
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means of a multi-stage phishing chain capable of bypassing...
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to...
A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and...
GitHub security advisory (AV26-650)
Erlang security advisory (AV26-651)
A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while...
Third-party contractor compromise exposed health information and insurance billing passwords
In June 2026, Moody Bible Institute was targeted by a ShinyHunters "pay or leak" extortion campaign. Over 2.3M unique email addresses and other personal data were later published publicly,...
WatchGuard security advisory (AV26-649)
Other residential proxy brands may rely on the same network
Kubota North America Corporation disclosed that hackers had access to some of its network systems for more than a month earlier this year. Following an investigation into the incident, the company...
McAfee researchers are warning cryptocurrency users worldwide about a malicious browser extension that hides behind the name “Google Notes” while changing wallet addresses during transactions. In...
During a recent conference on the People’s Liberation Army, I heard the same question posed to attendees and paper writers: “How would China react to U.S. force posture change X, Y, or Z?” or “How...
Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered...
An investigation into a June 11 cyber attack claimed by an Iranian-linked hacker group found that hackers accessed one California Water Service customer’s online account using stolen credentials,...
Nebraska Rep. Don Bacon revealed on social media that his Signal chat had been hacked by Russia months ago. Posting on X, Bacon said he had been notified of the breach by law enforcement and House...
A Trump administration-dominated U.S. Federal Trade Commission took aim Wednesday at “undisclosed ideological objectives” embedded in the responses of large language models, warning that anything...