Canadian authorities arrest 23-year-old Jacob Butler for operating the KimWolf IoT botnet. The DDoS-for-hire operation enslaved nearly 2 million devices and set volumetric attack records.
China-linked Calypso group targets telecoms across Middle East and Asia Pacific with new Linux and Windows malware. Showboat provides SOCKS5 proxy access; JFMBackdoor enables full system control.
Leaked Shai-Hulud malware source code fuels new npm supply chain attack. Four malicious packages steal credentials and deploy DDoS bot with TCP/UDP flood capabilities.
Cisco patches CVE-2026-20223, a maximum-severity REST API vulnerability in Secure Workload enabling unauthenticated attackers to gain Site Admin privileges across tenants.
A Chromium bug reported in 2022 that turns browsers into silent botnets was accidentally exposed on Google's issue tracker. No patch exists despite 'fixed' status.
ESET exposes Webworm's EchoCreep and GraphWorm backdoors targeting European governments. The China-aligned APT uses Discord and OneDrive for C2, hitting Belgium, Italy, Poland, and Spain.
CISA's May 20 KEV update includes two actively exploited Microsoft Defender vulnerabilities and five legacy flaws from 2008-2010. Federal agencies have until June 3 to patch.
Security researchers disclose nginx-poolslip, an unpatched zero-day in NGINX 1.31.0 that defeats ASLR protection. Millions of servers at risk with no CVE or fix available yet.
Grafana Labs confirms hackers stole source code through a GitHub token that slipped through rotation after the TanStack supply chain compromise. The company refused to pay the ransom demand.
Verizon's 2026 Data Breach Investigations Report reveals vulnerability exploitation surpassed credential theft as the leading breach vector for the first time in 19 years. Only 26% of KEV flaws get patched.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.