In today’s hyperconnected digital landscape, a brand’s reputation can be damaged within minutes. Customers, partners, and stakeholders increasingly interact with businesses through websites,...
A vulnerability has been discovered in Cisco products that could allow for Server-Side Request Forgery. Cisco Unified Communications Manager (Unified CM) / Cisco Unified Communications Manager...
EU telecommunications ministers are set to review progress on a proposed cybersecurity package at the Transport, Telecommunications and... The post EU Council to examine cybersecurity package...
Ransomware activity edged higher in May 2026, with researchers at Comparitech recording 661 attacks worldwide, a 3% increase... The post Global ransomware activity rises modestly in May as Qilin,...
In May 2026, the corporate travel management company BCD Travel was claimed as a victim of the ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from BCD was subsequently...
Powys County Council is responding to a cyber security incident affecting some school systems, which has resulted in unauthorised access to some personal data. The incident was initially...
Lyne compared the underground landscape to a bar where threat actors can "get everything but a good drink." "It felt like cyber threats were all quite stovepiped. You had hacktivists, you had...
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. [...]
A familiar tactic popularized by chaotic crime crew Lapsus$
Future’s Intelligence Grap® uses holistic sourcing across 1M+ sources for complete threat intelligence and proactive defense.
TeamPCP has leveraged a compromised GitHub account to inject malicious code into at least 42 repositories and 236 branches across the Azure, Azure-Samples and Microsoft GitHub organizations. They...
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as...
Codex drops an HTTP/2 Bomb
A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub...
Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic's Claude Mythos...
Shyam Sankar, the chief technology officer at Palantir Technologies, has emerged as a lead contender for the long vacant Cybersecurity and Infrastructure Security Agency (CISA) director role,...
Docker security advisory (AV26-550)
On June 2, 2026, the White House signed an Executive Order directing federal agencies to harden their systems with AI-enabled cyber defenses and to stand up a new AI cybersecurity clearinghouse —...
It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is...
Overview The "ClickFix" threat landscape has undergone a significant architectural shift, transitioning from legacy Windows-based execution to sophisticated macOS-targeted campaigns. These...
SolarWinds security advisory (AV26-549)
The LevelBlue OpsIntel CTI team examined the latest version of the ClickFix campaign, which emerged in early May 2026. The campaign employs a multi-stage phishing delivery chain that impersonates...
Joe’s on-the-ground report from Cisco Live U.S. is here, complete with therapy dog pictures and tips on handling conference overstimulation.
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been...
Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetization-focused features. [...]
Code reviewed by WIRED uncovered an unreleased face-recognition system embedded in Meta’s smart glasses platform. It’s designed to identify people via biometric data stored on users’ phones.
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. [...]
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit...
A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [...]
By participating in Project Glasswing and working with Claude Mythos Preview, Tenable can help customers better understand how emerging frontier AI models behave, their evolving risks and benefits...