CISA adds cPanel auth bypass and SonicWall SMA buffer overflow to KEV catalog, mandating federal patching.
Latest Security News
Aggregated from vendors, research teams & government advisories
CISA Alerts & Advisories
CISA, FBI, NSA joint advisory on Russian state-sponsored operations targeting critical infrastructure.
Emergency Directive 26-02 requiring enhanced monitoring and mitigations across actively exploited zero-days.
NCSC (UK)
Explaining the widespread shift in tactics, techniques and procedures (TTPs) towards networks of compromised infrastructure, and how to defend against it
Passkeys are the more secure and user-friendly login method and should be the default authentication option for consumers.
New advisory highlights how to defend against attacker tactics believed to be used by China-linked actors to hide malicious cyber activity.
Organisations should map and baseline their edge device traffic, especially VPN and remote access connections, and adopt dynamic threat feed filtering that includes known covert network indicators.
SilentGlass, a plug-and-play device, actively blocks any unexpected or malicious HDMI and DisplayPort connections.
As the technology landscape develops, the definition of cyber security is expanding with it.
Notable CVEs (NVD)
Critical pre-authentication bypass in cPanel & WHM. Exploited in ransomware campaigns since February 2026.
Elevation of privilege in Windows Kerberos KDC. Actively exploited. Patch included in May 2026 update.
Pre-authentication heap-based buffer overflow in SonicWall SMA 1000 series allowing unauthenticated RCE.
SonicWall
SonicWall Capture Labs published their Q1 2026 threat report highlighting 98 new malware variants and a 22% increase in ransomware targeting SMBs.
Critical pre-authentication buffer overflow in SMA 1000 series SSLVPN appliances. Update to firmware 12.4.3 immediately.
Network Security Manager update introduces ML-based anomaly detection and automated policy recommendations.
Fortinet
Critical heap-based buffer overflow in FortiOS SSL-VPN pre-authentication. Affects 7.2.x through 7.4.x. Upgrade to 7.4.3+.
New managed SOC service combining AI-driven threat detection with human analysts for mid-market enterprises.
FortiManager 7.6 introduces zero-trust policy templates, improved multi-tenancy, and FortiCNAPP integration.
ESET / WeLiveSecurity
In this roundup, Tony looks at attacks against Polish water treatment facilities, how AI-directed attacks failed in Mexico, and what Google believes is the first AI-generated zero-day exploit
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026
Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay safe.
The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise
Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data
ESET researchers describe new tools and techniques that the Webworm APT group recently added to its arsenal
Zscaler / ThreatLabz
Zscaler research shows phishing attacks up nearly 50%, with AI tools and phishing kits enabling large-scale campaigns.
ThreatLabz identifies new ransomware group exploiting unpatched vulnerabilities in enterprise collaboration platforms.
Latest platform update introduces AI-driven security posture assessment and automated policy tuning.
The Hacker News
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems. The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee Labs, stating the a...
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation. Tracked as CVE-2025-48595 (CVSS score: 8....
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path trav...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The vulnerability, CVE-2024-21182 (C...
AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window between a vulnerability being disc...
Most organizations now recognize that endpoint protection alone is no longer sufficient. That's why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organizations understand that modern attacks move faster, evade traditional preventio...
BleepingComputer
Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user's personal contacts. [...]
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. [...]
Microsoft announced today at its Build 2026 developer conference the release of Coreutils for Windows, bringing many commonly used Linux command-line utilities to Windows as native applications. [...]
OpenAI says it's rolling out a new update that improves the existing GPT-5.5 Instant model, and this move comes ahead of the scheduled retirement of multiple legacy models, including o3. [...]
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. [...]
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]
SecurityWeek
The order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release.
As AI shortens the path from vulnerability disclosure to exploitation, researchers disagree on whether the problem is inadequate security tools or inadequate operational control.
A simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations.
Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks.
Only approximately 50 companies have had access to Mythos until now and they have found thousands of vulnerabilities in their products.
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
Dark Reading
Gangs moving from encryption to pure data extortion, reducing technical complexity while increasing pressure.
67% of CISOs find CSPM tools overwhelming due to alert fatigue and lack of integration.
Energy, water, and transportation sectors face increasingly sophisticated state-sponsored cyber attacks.