This week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly the door is open. The noise is not all noise, either....
Apple security advisory (AV26-641)
Police must get a warrant to request geofence data involving individual cellphones, the U.S. Supreme Court ruled in what represents a victory for privacy advocates.
IBM security advisory (AV26-639)
Microsoft Edge security advisory (AV26-640)
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development...
Dell security advisory (AV26-638)
Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon be broken by quantum computers. Although no...
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian...
The GitHub Advisory Database is processing more vulnerability reports than ever before. Here's what's driving the surge, how we're responding, and how the community can help. The post Inside the...
Interesting research on a new class of weak RSA keys: keys with lots of zeros. It turns out that these keys are out in the wild. The badkeys project is an open-source service that checks public...
You don't need Mythos or GPT-5.5-Cyber to find a vuln to exploit when the world's password habits are so sloppy
Russia-linked hacking groups tracked as UNC5792 and UNC4221 have socially engineered their way into the messaging accounts of government officials.
In the Azure Edition, of course
NASA researchers are testing an AI clinical decision support system to help astronauts diagnose and treat medical symptoms during deep-space missions. The Crew Medical Officer Digital Assistant...
Stack-based Buffer Overflow vulnerability (CVE-2026-11979) has been found in libxml2 software.
The U.S. Department of Health and Human Services is preparing new guidance to help accelerate the adoption of artificial intelligence across healthcare, with federal officials signaling that...
As cyber threats against critical infrastructure continue to rise globally, the Dubai Electricity and Water Authority (DEWA) says it is successfully blocking around 3,000 cyberattacks every day...
he Department of Homeland Security is continuing to explore ways to bolster its defenses against drones, according to DHS Secretary Markwayne Mullin, who testified on Thursday before the House...
Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal...
Written by: James Sadowski, Alden Wahlstrom Introduction Four years into Russia’s full-scale invasion of Ukraine, the pro-Russia influence ecosystem has evolved from a tool of war back into a...
The Federal Risk and Authorization Management Program (FedRAMP) on June 25 finalized its Consolidated Rules for 2026, giving agencies, cloud service providers, independent assessors, and advisors...
Unrestricted Upload of File with Dangerous Type vulnerability (CVE-2026-13165) has been found in SzafirHost software.
The Security Service of Ukraine (SSU), working jointly with the FBI, has formally exposed a sustained Russian intelligence campaign targeting the messaging accounts of government officials,...
The number of Iranian cyberattacks against Israel has shot up since the launch of the US-Israeli war with Iran this year, Yossi Karadi, director general of the National Cyber Directorate, was...
[Control systems] CISA ICS security advisories (AV26-637)
A new white paper on global governance presents Chinese leader Xi Jinping’s flagship foreign policy initiative as a bid to reform international governance in its favor. Both the white paper itself...
Ubuntu security advisory (AV26-635)
Red Hat security advisory (AV26-636)
Move beyond chasing vulnerabilities to a unified hybrid risk strategy. The Sensor Workload Scanner is now GA and extends our risk prioritization engine to on-premise environments to identify the...