Latest News

AI and other technologies “are a catalyst for crime, and drive criminal operations’ efficiency by amplifying their speed, reach, and sophistication,” the report said.

A critical vulnerability affecting baseboard management controller (BMC) firmware made by AMI could expose many devices to remote attacks.

Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers.

ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.

Google has confirmed reports that it’s buying cloud security giant Wiz and says it’s prepared to pay $32 billion in cash.

Cloudflare launches Cloudforce Threat Events Feed, a service designed to provide security teams with real-time threat intelligence.

Exploit and vulnerability intelligence provider VulnCheck has raised $12 million in a Series A funding round.

The personal information of 22,000 Western Alliance Bank customers was stolen in a data breach linked to Cl0p’s hacking of the Cleo file transfer tool.

US representatives and senators have reintroduced a bipartisan bill to support the cybersecurity of small water and wastewater utilities.

A year-old vulnerability in a third-party ChatGPT tool is being exploited against financial entities and US government organizations.

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

First choices for both KEMs and DSAs are already standardized, and organizations should not wait for the backups to be available before migrating to PQC. 

Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.

Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation campaigns.

The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise.