Latest News

Noteworthy stories that might have slipped under the radar: Google fined €325 million, City of Baltimore sent $1.5 million to scammer, Bridgestone targeted in cyberattack.

The hackers were seen actively monitoring cyber threat intelligence to discover and rebuild exposed infrastructure.

Proofpoint, SpyCloud, Tanium, and Tenable confirmed that hackers accessed information stored in their Salesforce instances.

A critical SAP S/4HANA code injection flaw tracked as CVE-2025-42957 and allowing full system takeover has been exploited in the wild.

Security researchers interested in participating in the 2026 Apple Security Research Device program can apply until October 31.

An AI supply chain issue named Model Namespace Reuse can allow attackers to deploy malicious models and achieve code execution.

Marat Tyukov, Mikhail Gavrilov, and Pavel Akulov targeted US critical infrastructure and over 500 energy companies in 135 countries.

The Israeli startup’s AI-powered no-code platform helps security teams design and deploy custom apps in minutes—tackling tool sprawl without heavy engineering.

SBOM adoption will drive software supply chain security, decreasing risks and costs, and improving transparency.

Wytec’s website was defaced twice by unknown threat actors more than a week ago and it has yet to be brought back online.

Google has observed ViewState deserialization attacks leveraging a sample machine key exposed in older deployment guides.

Elevation of privilege flaws in Android Runtime (CVE-2025-48543) and Linux kernel (CVE-2025-38352) have been exploited in targeted attacks.

Co-founded by former MITRE experts, the startup will use the funding to accelerate product innovation and fuel company growth.

Flaw allows attackers to reset and hijack TP-Link TL-WA855RE devices; CISA urges users to retire discontinued extenders.

Chrome's latest release addresses a high-severity use-after-free vulnerability in the V8 JavaScript engine that could be exploited for remote code execution.