Threat actors are exploiting CVE-2026-42945, a critical NGINX vulnerability that leads to remote code execution if ASLR is ...

Several major healthcare data breaches, affecting millions of individuals, have been added to the tracker maintained by the ...

A threat actor started using the Shai-Hulud worm in attacks only days after the malware’s source code was released.

Grafana confirmed suffering a data breach, two days after a cybercrime group listed the company on its leak website.

Pwn2Own Berlin 2026 has come to an end, and participants earned a total of nearly $1.3 millon for exploits targeting Windows, Linux, VMware, Nvidia, and AI products. According to TrendAI’s Zero Day ...

The hackers claimed to have stolen more than 600,000 Salesforce records, including personal information and corporate data. 7-Eleven, the world’s largest convenience store chain, has confirmed ...

Four vulnerabilities in the OpenClaw AI assistant can be chained together to plant backdoors on the underlying host, cybersecurity firm Cyera warns. The bugs, collectively known as Claw Chain, allow ...

A security researcher has released an exploit targeting a Windows vulnerability disclosed in 2020, warning that it might have never been patched. The flaw, tracked as CVE-2020-17103 (CVSS score of 7.0 ...

Depthfirst has published technical details and proof-of-concept (PoC) exploit code targeting a critical NGINX vulnerability.

Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas. SecurityWeek’s weekly ...

Microsoft is working to patch CVE-2026-42897, an Exchange Server zero-day vulnerability that has been exploited in attacks.

American Lending Center this week revealed that a data breach discovered last year has impacted more than 123,000 individuals ...