Latest News

Written in C++ and Python, the malware exfiltrates system information, browser data, and steals files.

Broadcom has patched several vulnerabilities in VMware Aria Operations, including high-severity flaws.

Timothy Youngblood was CISO at Dell, CISO at Kimberley-Clark, VP & CISO at McDonald’s, and SVP, CSO & Product Security Officer at T-Mobile.

The malicious code propagates like a worm, poisons AI assistants, exfiltrates secrets, and contains a destructive dead switch.

Attackers can inject malicious instructions in a GitHub Issue that are automatically processed by Copilot when launching a Codespace from that issue.

The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog.

The group’s administrator and moderator were arrested last year, and two other members were arrested this month.

The Everest ransomware group has taken credit for a hacker attack on Vikor Scientific, now called Vanta Diagnostics.

Oleksandr Didenko sold the stolen identities of US citizens, allowing North Koreans to get hired using freelance work platforms.

While this campaign targets crypto wallets and steals money, the methodology has far wider potential that could be used by other attackers. 

Catalin Dragomir admitted in a US court to selling access to an Oregon state government office’s network.

Threat actors relying on AI have been exploiting exposed ports and weak credentials to take over FortiGate devices.

Patched in December 2025, the exploited flaw leads to XSS attacks via the animate tags in SVG documents.

A ransomware attack forced the University of Mississippi Medical Center to close all of its roughly three dozen clinics around the state and cancel elective procedures.

PayPal blamed an application error for the exposure of customer personal information for nearly 6 months.