AI tools are compressing vulnerability exploitation timelines to hours, forcing organizations to rethink patching strategies and adopt more proactive defense approaches.
Microsoft patched a privilege escalation flaw in Azure Backup for AKS that let users with the 'Backup Contributor' role gain…
An overlooked debug flag in six Microsoft 365 Android apps allowed any untrusted app on the device to silently steal…
A single attacker on a home connection can exhaust tens of gigabytes of server memory in seconds by combining HPACK…
A functional npm package for OpenAI Codex secretly exfiltrates authentication tokens to an attacker-controlled server, granting persistent account access without…
Attackers planted 384 versions of malicious code across three package registries, automatically stealing cloud keys, SSH credentials, and blockchain wallet…
Researchers analyzed over 200 VIP Keylogger scripts active between March and April 2026, revealing a persistent campaign using obfuscated script…
Russia's FSB says it disrupted a foreign intelligence operation that planted spyware on phones of high ranking officials, capable of…
A permission oversight in Claude Code's GitHub Actions workflow allowed unauthenticated bot accounts to trigger supply chain attacks against any…
The flaw enables remote attackers to bypass authentication and establish unauthorized VPN access on Palo Alto firewalls, with active exploitation…
The expansion adds 150 organizations across critical infrastructure sectors, including power, water, healthcare, and communications, to Anthropic's defensive AI initiative.
The Miasma campaign uses obfuscated install hooks in legitimate npm packages to steal credentials and secrets from developer machines while…
Leading organizations are moving beyond simply deploying EDR platforms to building sustainable response workflows that close the operational gap between…
Armur AI's new open-source platform uses swarm intelligence to coordinate penetration testing tools like nmap and Metasploit through decentralized agent…
IBM discloses a critical unauthenticated remote code execution vulnerability in WebSphere Application Server's Web Server Plug-ins component affecting versions 8.5 and 9.0.
Dashlane automatically locked user accounts after detecting a coordinated brute force attack that attempted to bypass two factor authentication by guessing codes, but fewer than 20 users had encrypted vault…
The Android Framework vulnerability allows remote privilege escalation without user interaction, impacting devices running Android 14 through 16 QPR2.
MSPs are adopting integrated Security Growth Platforms that combine program management, decision intelligence, and revenue tools as an alternative to traditional vCISO and GRC software.
The Operation Dragon Weave campaign targets Czech and Taiwanese officials through spear phishing emails that deploy an AdaptixC2 agent using…
The flaw allows attackers to bypass origin restrictions through DNS rebinding, potentially exposing enterprise database connectors to unauthorized access.
An unauthenticated PHP object injection flaw in Mirasvit Cache Warmer allows attackers to execute arbitrary code on any public Magento…
Iran-linked hackers destroyed IT, backup, and recovery systems at LA Metro, South Florida transit, and a GPS tracking firm in…
Threat actors manipulated Meta's AI assistant on Instagram to reset passwords and steal premium account handles, selling them on Telegram…
Threat group GREYVIBE is using ChatGPT and Google Gemini to craft phishing lures, develop malware, and target Ukrainian government and…
