Microsoft unveils four-pillar Driver Quality Initiative at WinHEC 2026, enforcing stricter power, thermal, and security standards for Windows 11 drivers starting this year.
Attackers published malicious Nx Console 18.95.0 to VS Code Marketplace, stealing developer credentials via triple-channel exfiltration and Sigstore-signed npm package poisoning.
REMUS, a 64-bit Lumma Stealer successor, now offers session theft, EtherHiding blockchain C2, and full MaaS infrastructure targeting browser credentials and auth tokens.
SHub Reaper macOS infostealer bypasses Tahoe 26.4 defenses using applescript:// URLs, spoofs Apple, Google, and Microsoft to steal credentials and backdoor systems.
OpenAI's Daybreak initiative brings GPT-5.5 variants to defensive security. Partners include Cisco, CrowdStrike, and Fortinet. Red team model available for authorized testing.
DEVCORE claims Master of Pwn with $505K across three days. VMware ESXi and SharePoint exploits highlight Day 3 as Pwn2Own Berlin 2026 awards $1.29M total.
Chaotic Eclipse drops working exploit for Windows Cloud Filter driver flaw allegedly patched in 2020. Race condition in cldflt.sys spawns SYSTEM shell on Windows 11.
AI-enabled device code phishing campaigns hit hundreds of Microsoft 365 accounts daily since mid-March. Criminal toolkits proliferate as attacks bypass MFA at scale.
Internal database of #2 ransomware group leaked after 4VPS hosting breach exposes chat logs, affiliate rosters, and operational playbooks from 400+ attacks.
Attackers exploit unauthenticated vulnerability in Funnel Builder plugin to inject payment skimmers on 40,000+ WordPress stores. Patch to 3.15.0.3 immediately.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.