The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a ...

Iran, Russia, and China target water systems through weak passwords and exposed PLCs/HMIs, aiming for psychological impact ...

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...

Cisco's recent acquisitions of Astrix Security and WideField Security will help enterprises secure AI agents and non-human ...

After a global lull, ransomware gangs are setting sights on a rich new arena: attacking EU organizations and their suppliers.

OpenClaw removed five packages from ClawHub, its skills marketplace, that bypassed security even though they included ...

The latest reporters' notebook explores educational institutions, edtech vendors, and the challenges schools are up against ...

The threat actors used a Golang-based sniffer to target 430,000 FortiGate firewalls and identify 110 million credentials in ...

Robinhood built SERA to speed approvals without compromising security, cutting wait times and enabling faster incident ...

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...

SocGholish uses traffic distribution systems (TDSs) to provide initial access into victims' networks for cybercrime groups ...