Microsoft reports a multi-stage AitM phishing and BEC campaign abusing SharePoint, inbox rules, and stolen session cookies to ...

Researchers uncovered a two-stage phishing attack stealing email logins to install LogMeIn Resolve RMM for persistent, hidden Windows access.

Experts uncovered a new Osiris ransomware strain that used a custom POORTRY driver in a BYOVD attack to disable security tools & steal data in 2025.

A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions ...

Google Workspace provides a strong baseline, yet default settings expose gaps in email security, access control, and data ...

A newly patched SmarterMail flaws is being exploited in the wild, allowing attackers to reset admin passwords and gain SYSTEM ...

Arctic Wolf reports automated attacks on FortiGate devices abusing FortiCloud SSO flaws to change firewall settings and steal ...

Experts say the VoidLink Linux malware was largely built using AI, reaching 88,000 lines of code in days and highlighting ...

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...

AI is transforming MSSPs in 2026 by automating assessments, boosting margins, and enabling CISO-level services without added ...

North Korean PurpleBravo hackers targeted 3,136 IPs and 20 companies using fake interviews, malicious VS Code projects, and ...