Cisco Talos reports China-linked APT UAT-8837 targeting North American critical infrastructure via a Sitecore zero-day, ...
Cisco released fixes for CVE-2025-20393, a CVSS 10.0 zero-day RCE flaw in AsyncOS exploited by a China-linked APT via email ...
A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
Microsoft shut down RedVDS, a crimeware subscription service used for phishing and BEC fraud, linked to $40M U.S. losses and ...
AI security risks are shifting from models to workflows after malicious extensions stole chat data from 900,000 users & ...
This week's stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old ...
Enterprise AI agents boost automation but often run with broad permissions, allowing actions beyond user access and weakening ...
A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched in version 2.5.2.
Palo Alto Networks fixed CVE-2026-0227, new GlobalProtect flaw that lets unauthenticated attackers trigger firewall DoS & ...
Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...
Node.js released updates fixing a critical DoS flaw caused by async_hooks stack crashes, tracked as CVE-2025-59466, impacting ...
Microsoft’s January 2026 Patch Tuesday fixes 114 Windows flaws, including an actively exploited Desktop Window Manager bug ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback