Compliance
Microsoft Enforces Mandatory MFA for Microsoft 365 Admin Center as Credential Attacks Surge
Microsoft is now actively enforcing mandatory multi-factor authentication for all accounts accessing...
Loading...
Cybersecurity
Real-time threat intelligence, data breach reports, vulnerability disclosures, and security advisories
ShadowLeak and ZombieAgent: Critical ChatGPT Flaws Enable Zero-Click Data Exfiltration from Gmail, Outlook, and GitHub
Security researchers have disclosed critical vulnerabilities in ChatGPT that allowed attackers to silently exfiltrate sensitive data from connected services including Gmail, Outlook, and GitHub withou...
Read article
Vulnerability
Cisco ISE XXE Vulnerability Exposes Sensitive Files to Authenticated Attackers After Public PoC Release
Cisco has patched a medium-severity XML External Entity (XXE) vulnerability in Identity Services Eng...
Malware
PHALT#BLYX: Fake Booking.com Emails and ClickFix BSoD Trap Deploy DCRat Malware on Hotel Systems
Threat actors are weaponizing fake Booking.com reservation cancellations and simulated Blue Screen o...
Malware
Phantom Shuttle: Fake VPN Chrome Extensions Steal Credentials from 170+ High-Value Domains
Two identically-named Chrome extensions masquerading as legitimate VPN services have been secretly i...
Threat Report
Non-Human Identities: The Silent Attack Surface Expanding Across Enterprise Infrastructure
As AI agents, service accounts, and automation scripts proliferate across enterprise environments, a...
Vulnerability
Ni8mare: Critical n8n Automation Platform Flaw Enables Complete System Takeover Without Authentication
Security researchers have uncovered a devastating vulnerability in n8n workflow automation software...
Vulnerability
CISA Mandates Emergency Patches for Critical Microsoft Office and HPE OneView Flaws
Federal agencies face a January 28 deadline as CISA escalates two actively exploited vulnerabilities...
Vulnerability
Critical jsPDF Vulnerability Lets Attackers Steal Server Files via Generated PDFs
A critical path traversal flaw in the popular jsPDF library allows attackers to read arbitrary files...
Data Breach
GoBruteforcer Botnet Targets Crypto and Blockchain Projects in New Attack Wave
Security researchers have uncovered an evolved version of the GoBruteforcer botnet actively targetin...
Vulnerability
New Veeam Vulnerabilities Expose Backup Servers to RCE Attacks
Veeam releases critical security update addressing four vulnerabilities including CVE-2025-59470 (CV...
Data Breach
ownCloud Warns of Massive Credential Theft: Enable MFA Immediately
ownCloud has issued an urgent security advisory following a Hudson Rock report revealing that dozens...
Vulnerability
Kimwolf Botnet Weaponizes Residential Proxies to Infiltrate Your Home Network
A massive new botnet is rewriting the rules of network security. Kimwolf exploits a vulnerability in...
Malware
Two US Cybersecurity Professionals Plead Guilty to BlackCat Ransomware Attacks: The Insider Threat That Shook the Industry
In a shocking case that highlights the growing insider threat, two cybersecurity professionals from...
Incident
Ransomware Without Encryption: The Invisible Threat Reshaping Cybersecurity in 2026
No encryption. No ransom note. No obvious signs of compromise. Modern ransomware groups are stealing...
Incident
Lynx Ransomware Group Claims Attack on French City of Dunkirk
The City of Dunkirk - historic home of the famous WWII evacuation and legendary privateer Jean Bart...
Industry News
Copilot Prompt Injection: Security Vulnerability or Inherent AI Limitation?
The security industry is grappling with a fundamental question as AI assistants proliferate across e...
Malware
ClickFix Malware Uses Fake Windows Update Screens to Infect PCs
New variants of ClickFix social engineering attacks are evolving to use fake Windows Update and BSOD...
Data Breach
Ledger Customers Affected by Third-Party Global-e Data Breach
Ledger has confirmed that some customers’ personal information was exposed following a data breach a...