Prinz Eugen ransomware prioritizes recently modified files for encryption, maximizing business disruption. Learn how this Go-based threat works and who's at risk.
Spyder and MaXSS vulnerabilities in popular AI browser extensions allow full session hijacking. Exploitation requires only visiting a malicious webpage.
Symantec reveals ransomware group used Teams TURN relay infrastructure to mask command-and-control. First documented abuse of Teams relay for malware C2.
Texas Parks & Wildlife discloses third-party breach affecting 3 million fishing and hunting license holders. Driver's licenses, passports exposed.
CVE-2025-20701 lets attackers hijack unpaired Beats, Sony, JBL earbuds to eavesdrop via microphone. CVSS 8.8 flaw affects 29 products from 10 brands.
ESET unmasks GentleKiller, an 8-variant EDR killer framework targeting 400+ security processes. The gang ships updates to affiliates like a software vendor.
CVE-2026-20266 in Splunk AI Toolkit allows authenticated admins to execute arbitrary OS commands. CVSS 9.1 flaw affects versions below 5.7.4—upgrade or uninstall immediately.
Attackers exploited a compromised Klue Battlecards integration to steal Salesforce CRM data from enterprises including Huntress. Salesforce has disabled the app connection.
Microsoft warns of CryptoBandits campaign spreading clipboard-hijacking malware through USB drives. The worm uses Tor C2, steals seed phrases, and replaces wallet addresses mid-transaction.
Security researchers disclose usbliter8, an unpatchable BootROM vulnerability affecting Apple A12 and A13 chips. Physical access enables full boot chain compromise on millions of devices.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.