Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and ...

Adversaries weaponized recruitment fraud to steal cloud credentials, pivot through IAM misconfigurations, and reach AI ...

A decade-old critical security vulnerability affects over 800,000 internet-exposed telnet servers, with reports of active ...

Hackers are increasingly targeting macOS users with social engineering and infostealers, Microsoft warns.

As if January didn't feel long enough (546 days and counting, it seems), we ended the month with the death of someone who ...

KEV Collider combines data from multiple open source vulnerability frameworks to help cybersecurity teams assess which issues ...

Elizabeth Warren presses Google for clarity on Gemini checkout privacy as the Universal Commerce Protocol expands AI-led ...

JFrog security researchers have exposed two critical vulnerabilities (CVE-2026-1470, rated 9.9; and CVE-2026-0863, rated 8.5) in the n8n workflow automation platform.

Discover the top 10 AI red teaming tools of 2026 and learn how they help safeguard your AI systems from vulnerabilities.

Businesses are being warned about a new cyber campaign targeting Windows environments where getting in is only the beginning – not the end – of the attack.