Spring security advisory (AV26-574)
Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations. [...]
OpenSSL security advisory (AV26-572)
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment...
For the past several years, the technology sector has remained the most targeted sector by eCrime and state-sponsored adversaries. The persistent volume of hands-on-keyboard intrusions targeting...
The ACLU is suing two Florida police departments over the arrest of a Fort Myers man in a child-abduction case, saying officers treated a flawed face recognition match as a near-certain ID.
In the latest sign that unmanned vehicles are an increasingly pivotal part of a modern military, a drone boat rescued the two-person crew from the U.S. Apache helicopter gunship that went down...
The Cybersecurity and Infrastructure Security Agency is extending nearly 200 job offers this month, as CISA looks to reinforce its depleted ranks amid a wave of new artificial intelligence...
Anthropic is releasing a straitjacketed version of Mythos that researchers believe is safe for widespread use and relies on older technology for some of what it does, the company said on Tuesday....
Trump administration officials have asked a government artificial intelligence testing unit to stop issuing public reports, the latest signal that the White House is tightening control over AI...
On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by...
Remote, unauthenticated RCE with root privileges is about as bad as it gets
The release comes after Microsoft’s security leadership acknowledged last month that AI tools are driving a surge in vulnerability discovery across the industry.
ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. "On June 5, 2026, ServiceNow applied...
Missing Authentication for Critical Function vulnerability (CVE-2026-8335) has been found in Aix-DB software.
New research from CYFIRMA identified that energy and utilities organizations remain firmly in the sights of nation-state cyber... The post Energy and utilities sector targeted in 66% of observed...
New data from Fortinet‘s 2025 State of Operational Technology and Cybersecurity Report found that industrial organizations are steadily... The post OT cybersecurity becomes a board-level priority...
The European Network for Cyber Security (ENCS) announced on Wednesday that SSEN Transmission has joined the organisation as... The post SSEN Transmission joins ENCS to strengthen cybersecurity...
DNV Cyber and CyberOwl, a DNV company, have partnered with The Swedish Club, a provider of marine insurance,... The post The Swedish Club teams with DNV Cyber and CyberOwl to deliver cyber threat...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Tuesday the winners of the seventh annual President’s... The post CISA names winners of seventh annual President’s Cup...
WhatsApp has caught the NSO Group phishing its users, in violation of a court order.
The JDY botnet, a malware network previously associated with Chinese threat actors like Volt Typhoon, has significantly expanded its targeting scope and reconnaissance efforts. [...]
The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named...
Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited,...
Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down five best practices for stronger identity...
Magic correlation, NASA-sized budgets, and why SIEM lost the plot
From anti-drone tech to face recognition, 2026 World Cup stadiums in the US, Canada, and Mexico are subjecting fans to an array of surveillance tech. Here’s what you need to know.
Most US World Cup stadiums are surrounded by surveillance cameras. Want to know if you’re being watched on your way to a match? These maps will help you.
The organization claims that the FIFA tournament could have impacts on the rights of local people and visiting soccer fans in all three host countries.
Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web...