Cyber Security
CVE Vulnerability Alerts
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Three zero-day flaws in Microsoft Defender, dubbed BlueHammer, RedSun, and UnDefend, are being actively exploited to gain elevated system access.
Cybersecurity
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Vercel's recent security breach exposes unauthorized data access as threat actors intend to sell compromised information from their systems.
Cybersecurity
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
AI vendors promote AI for security while denying its flaws. This raises questions about their maturity and transparency.
Cybersecurity
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
NIST plans to halt severity scoring for lower-priority vulnerabilities due to high submission volumes.
News
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
Apple account change alerts misused for phishing, mimicking legitimate iPhone purchase notices.
Cybersecurity
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Hackers linked to organized crime infiltrate logistics companies, posing rising threats of cargo theft and payment diversion.
CVE Vulnerability Alerts
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Nginx servers vulnerable to attacks via a flaw (CVE-2026-33032) that allows authentication bypass.
Application Security
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
A system-level adware attack compromises antivirus protection on thousands of endpoints across various sectors.
Application Security
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Threat actors are exploiting n8n, an AI workflow platform, to launch advanced phishing attacks.
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Microsoft awarded $2.3 million to researchers during this year's Zero Day Quest for discovering vulnerabilities.
Cybersecurity
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Swedish authorities attribute a cyberattack on a heating plant to a pro-Russian group, laying bare vulnerabilities in national energy infrastructure.
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Autovista enlists external support to tackle a ransomware attack impacting its systems in Europe and Australia.
Cybersecurity
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
CISA adds critical vulnerabilities in Microsoft SharePoint, Office Excel, Apple, Laravel, and Craft CMS to exploited vulnerabilities list.
Cybersecurity
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
A newly discovered flaw in Anthropic's Model Context Protocol allows unsanitized command execution, endangering AI environments.
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Capsule Security emerges from stealth with $7 million funding to secure AI agents.
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
French mother and child rescued after 20-hour kidnap, exposing extortion threats tied to crypto wealth.
Application Security
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Over 100 Chrome extensions are stealing user data and creating backdoor vulnerabilities, posing significant threats to cybersecurity.
Cybersecurity
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Trucks transformed into digital networks face cybersecurity risks.
Application Security
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Microsoft addresses critical Windows 10 vulnerabilities with its April 2026 security patches.
Application Security
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Fake Ledger Live app drains $9.5 million from 50 victims via Apple's App Store. Investigating infiltration tactics.
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
TOP CYBERSECURITY HEADLINES
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
This Week’s Security Spotlight
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
NIST plans to halt severity scoring for lower-priority vulnerabilities due to high submission volumes.
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
Apple account change alerts misused for phishing, mimicking legitimate iPhone purchase notices.
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Hackers linked to organized crime infiltrate logistics companies, posing rising threats of cargo theft and payment diversion.
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Nginx servers vulnerable to attacks via a flaw (CVE-2026-33032) that allows authentication bypass.
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
A system-level adware attack compromises antivirus protection on thousands of endpoints across various sectors.
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Threat actors are exploiting n8n, an AI workflow platform, to launch advanced phishing attacks.
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Microsoft awarded $2.3 million to researchers during this year's Zero Day Quest for discovering vulnerabilities.
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Swedish authorities attribute a cyberattack on a heating plant to a pro-Russian group, laying bare vulnerabilities in national energy infrastructure.
Autovista Battles Ransomware Attack Across Europe and Australia
Autovista enlists external support to tackle a ransomware attack impacting its systems in Europe and Australia.
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
CISA adds critical vulnerabilities in Microsoft SharePoint, Office Excel, Apple, Laravel, and Craft CMS to exploited vulnerabilities list.
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
A newly discovered flaw in Anthropic's Model Context Protocol allows unsanitized command execution, endangering AI environments.
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Capsule Security emerges from stealth with $7 million funding to secure AI agents.
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
French mother and child rescued after 20-hour kidnap, exposing extortion threats tied to crypto wealth.
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Over 100 Chrome extensions are stealing user data and creating backdoor vulnerabilities, posing significant threats to cybersecurity.
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Trucks transformed into digital networks face cybersecurity risks.
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Microsoft addresses critical Windows 10 vulnerabilities with its April 2026 security patches.
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Fake Ledger Live app drains $9.5 million from 50 victims via Apple's App Store. Investigating infiltration tactics.
Basic-Fit Data Breach Exposes Personal Information of One Million Members
A data breach at Basic-Fit has exposed sensitive data of one million members, including names, birth dates, and bank details.
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
McGraw-Hill's data breach involved a Salesforce misconfiguration, exposing sensitive information.
Critical Security Flaws in Composer Put PHP Applications at Risk
Two severe security vulnerabilities identified in PHP's Composer might allow arbitrary command execution.