A key recent addition to the website is the new email alerts feature, allowing users to sign up for notifications

The coordinated operation targeted several High Value Targets (HVTs) residing in Germany, who are believed to be key figures within

Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities. The post $320,000 Paid

Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for

I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature.

Researchers have found Android malware that holds your files and your device hostage until you pay the ransom.MalwarebytesRead More

Day two of the Cyber AI & Automation Summit kicks off at 11AM ET. If you weren’t able to attend

Say hello to the upgraded Malwarebytes for Mac, with stronger protection and more control.MalwarebytesRead More

Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates. The post MITRE Posts

Danielle Hillmer allegedly concealed the fact that her employer’s cloud platform did not meet DoD requirements. The post Former Accenture

In April 2025, hackers stole personal information belonging to patrons and employees and their family members. The post Pierce County

If we’re lucky, this update will close out 2025’s run of Chrome zero-days. This one is a V8 type-confusion issue

The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution. The post Unpatched Gogs

Cybersecurity companies have been seeing a wide range of malware being delivered in attacks exploiting the critical React vulnerability dubbed

Most of the 100 vulnerabilities resolved this week, including critical flaws, were in third-party dependencies. The post IBM Patches Over

The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects.

On this week’s show we learn that AI really can be a stalker’s best friend, as we explore a strange

A new report from the United States’s Financial Crimes Enforcement Network (FinCEN) has shone a revealing light on the state

The update patches three zero-days and introduces a new PowerShell warning meant to help you avoid accidentally running unsafe code

Join to access sessions aimed at educating, inspiring, and provoking new ways of thinking about the hype and promise surrounding

Victoria Dubranova faces over 25 years in prison for links to Russia-backed CARR and NoName hacktivist groups. The post US

EU-US Data Transfers: Time to prepare for more trouble to come As instability in the US legal system becomes undeniable

GhostFrame uses dynamic subdomains and hidden iframes to help attackers slip past basic security tools.MalwarebytesRead More

GeminiJack is a zero-click Gemini attack that could have been exploited using specially crafted emails, calendar invites, or documents. The

The XSS vulnerability could allow remote attackers to execute arbitrary JavaScript code with administrator privileges. The post Ivanti EPM Update

Remember when a notorious ransomware gang hit the Irish Health Service back in May 2021? Four years on, and it

The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming

Affecting Solution Manager, Commerce Cloud, and jConnect SDK, the bugs could lead to code injection and remote code execution. The

Dozens of vulnerabilities have been patched by the industrial giants across their products. The post ICS Patch Tuesday: Vulnerabilities Fixed

The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS. The post

Britain and its allies face escalating “hybrid threats … designed to weaken critical national infrastructure, undermine our interests and interfere

Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This

Huntress is seeing threat actors exploit React2Shell (CVE-2025-55182) to deploy a Linux backdoor, a reverse proxy tunnel, and a Go-based

Promotions across Microsoft’s security organization reinforce the company’s shift toward AI-driven defense and tighter operational oversight under Global CISO Igor

Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges. The post Microsoft Patches

The Experience Manager security update resolves 117 vulnerabilities, including 116 identified as cross-site scripting (XSS) bugs. The post Adobe Patches

The AI-powered platform autonomously conducts security design reviews and proactively identifies design flaws across development work. The post Prime Security

In episode 80 of The AI Fix, your hosts look at DeepSeek 3.2 “Speciale”, the bargain-basement model that claims GPT-5-level

When you spend half a million dollars in a single night at a nightclub, purchase exotic cars worth millions, and

Learn how GRC and SOC teams can turn shared threat intelligence into faster action, clearer communication, and stronger organizational resilience.

The funding round was led by KKR, with participation from Sixth Street Growth, TenEleven, and Carrick Capital Partners. The post

North Korean threat actors are believed to be behind CVE-2025-55182 exploitation delivering EtherRAT. The post React2Shell Attacks Linked to North

The NCSC warns that prompt injection is unlikely to be mitigated in the same way SQL injection was. How do

The core problem persists: anyone can still buy a ‘verified’ checkmark from X, so don’t take their authenticity for granted.MalwarebytesRead

The botnet attempts to steal credentials from infected TBK DVR devices, in addition to abusing them to launch DDoS attacks.

Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an

Attackers are blending automation, impersonation, and social engineering to get inside organizations. Here’s how to spot the signs.MalwarebytesRead More

Enterprise cybersecurity giant Proofpoint has completed the acquisition of Germany-based Microsoft 365 security solutions provider Hornetsecurity. Financial details were not

The US seeks information on the leader of Emennet Pasargad, Mohammad Bagher Shirinkar, and long-time employee Fatemeh Sedighian Kashi. The

The Italian startup will use the investment to build proprietary AI models, accelerate global expansion, and hire new talent. The