Cybersecurity
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild. The vulnerabilities in que
Cybersecurity
C2 Implant 'SnappyClient' Targets Crypto Wallets
In addition to enabling remote access, the malware supports a wide range of capabilities, including data theft and spying.
Cybersecurity
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.
Cybersecurity
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for their involvement in the Democratic People's Republic of Korea (DPRK) information technology (IT) worker scheme with an aim to defraud U.S. businesses and generate illici
Cybersecurity
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software. The vulnerability in question is CVE-2026-20131 (CVSS score: 10.0), a case of insecure deserializa
Cybersecurity
'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft
A prompt injection vulnerability paired with other flaws can turn a Google search into a full attack chain that could threaten enterprise networks.
Cybersecurity
SideWinder Espionage Campaign Expands Across Southeast Asia
The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent access.
Cybersecurity
Researchers: Meta, TikTok Steal Personal & Financial Info When Users Click Ads
Tracking pixels let social media companies spy on their users even after they click over to advertiser sites, gleaning credit card info, geolocations, and more, according to an analysis.
Cybersecurity
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746, carries a CVSS score o
Cybersecurity
Claude Code Security and Magecart: Getting the Threat Model Right
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious code never actually touches your repo. As teams adopt Claude Code Security for static analysis, this is the exact technical boundary where AI co
Cybersecurity
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which can grant attackers extensive control over compromised hosts. The nine vulnerabilities, discovered by Eclypsium, span four different products from GL-iNet Com
Cybersecurity
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to understand context: Q: Which exposures, misconfigurations, and vulnerabilities chain together to create viable
Cybersecurity
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level. Tracked as CVE-2026-3888 (CVSS score: 7.8), the issue could allow an attacker to seize control of a susceptible system. "This flaw (CV
Cybersecurity
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit's Navigation API that could be
Cybersecurity
More Attackers Are Logging In, Not Breaking In
Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.
Cybersecurity
Clear Communication: The Missing Link in Cybersecurity Success
When technical expertise meets clear communication, cybersecurity teams thrive. Learn how to foster trust and collaboration across diverse working groups.
Cybersecurity
Less Lucrative Ransomware Market Makes Attackers Alter Methods
Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.
Cybersecurity
Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish
In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up his credentials.
Cybersecurity
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter's s
_Tithi_Luadthong_alamy.png?width=1280&auto=webp&quality=80&disable=upscale)
Cybersecurity
Warlock Ransomware Group Augments Post-Exploitation Activities
In a recent attack, the group showcased stealthier cross-network activity, thanks to its use of a new BYOVD technique and other tools.