Latest News

Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.

Other noteworthy stories that might have slipped under the radar: Pentagon orders accelerated move to PQC, US shuts down scheme to smuggle GPUs to China, DroidLock Android ransomware.

Threat actors have hacked at least nine organizations by exploiting the recently patched Gladinet CentreStack flaw.

The Akira ransomware group took credit for the Fieldtex Products hack in November, claiming to have stolen 14 Gb of data.

Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request.

XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it to top 25.

All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services.

Notepad++ found a vulnerability in the way the software updater authenticates update files. 

Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities.

Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for the powerful technology.

Day two of the Cyber AI & Automation Summit kicks off at 11AM ET. If you weren't able to attend yesterday, all Day One sessions are already available on-demand.

Danielle Hillmer allegedly concealed the fact that her employer’s cloud platform did not meet DoD requirements.

Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates.

In April 2025, hackers stole personal information belonging to patrons and employees and their family members.

Security firms have seen cryptocurrency miners, Linux backdoors, botnet malware, and various post-exploitation implants in React2Shell attacks.