Mozilla security advisory (AV26-409)

HPE security advisory (AV26-408)

One alleged cyber contractor was extradited to the US over the weekend China's "hacker-for-hire ecosystem has gotten out of control," according to Brett Leatherman, assistant director of the FBI's...

The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into...

This CVSS 10.0 RCE vuln has been patched, automatically for some, so better check those workflows

AL26-009 - Vulnerability Affecting Linux - CVE-2026-31431

The vulnerability deluge is coming. The industry’s response cannot leave most defenders behind.

Two computer crime allegations follow up to 18M lines of data surfacing online

Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range...

In this week’s newsletter, Hazel uses International Superhero Day as a springboard to explore why empathy — rather than just technical prowess — is the most essential, underrated superpower for...

OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential targets of phishing attacks.

This CVSS 10.0 RCE vuln has been patched, automatically for some, so better check those workflows If you use Gemini CLI, watch out: Google has patched a CVSS 10.0 vulnerability in its command-line...

Delivering enterprise-grade continuous AI-powered risk assessment to hundreds of customers through the combined power of Wiz and Anthropic

Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional...

Infrastructure mapping,EtherHiding C2,ASN analysis & blockchain pivoting (pt2)

Two computer crime allegations follow up to 18M lines of data surfacing online French prosecutors say police detained a 15-year-old on April 25 over the alleged theft of millions of records from...

For MSSPs, the rapid business adoption and deployment of AI assistants and agents are both a challenge and an opportunity.

Bridge the gap between AI-driven vulnerability discovery and prioritized remediation. Learn how to integrate Claude Security’s deep-logic analysis into Tenable One to unify your attack surface,...

GNU security advisory (AV26-407)

CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion. The post Two new extortion crews...

A new phishing kit named Bluekit offers more than 40 templates targeting popular services and includes basic AI features for generating campaign drafts. [...]

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability...

Vect ransomware, a new group that emerged in January 2026, has recently begun attracting attention in the cybersecurity space for its strategic partnerships, which are helping it expand. One...

GitLab security advisory (AV26-406)

Cloudflare IPsec now has generally available support for post-quantum encryption via hybrid ML-KEM. We’ve confirmed interoperability with Cisco and Fortinet.

A Romanian national who led an online swatting ring that targeted more than 75 public officials, multiple journalists, and four religious institutions was sentenced to 4 years in federal prison. [...]

Turns out the real problem is not AI but staff still clicking on dodgy emails from 'IT support'

When AI meets CI/CD: permission bypasses, prompt injection, and what to do about it.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and government partners have released a new guide to accelerate... The post New CISA guidance outlines zero trust roadmap for OT...

Healthcare organizations recorded 120 ransomware attacks in the first quarter of this year, marking a 14% decline compared... The post Comparitech assesses healthcare ransomware decline in volume...