Threat IntelligenceGlobal Cybersecurity Outlook 2026 finds executives prioritizing cyber-enabled fraud as top risk. Report warns of 'three-front war' against crime, AI misuse, and supply chain threats.
Alex Kowalski
Huntress researchers discover 'MAESTRO' toolkit exploiting three VMware vulnerabilities. Attackers chained SonicWall VPN access with hypervisor escape to deploy persistent backdoors.
January 2026 Patch Day addresses 17 flaws including four HotNews vulnerabilities. CVE-2026-0501 allows authenticated attackers to compromise S/4HANA financial systems.
North Korean APT embeds malicious QR codes in spear-phishing emails to bypass corporate email security and compromise mobile devices.
Attackers claim 98 million records from the car rental insurance provider. Stolen data includes license photos, policy documents, and personal details.
Chinese state hackers accessed email accounts of House staffers working on China, foreign affairs, and defense. The intrusion was discovered in December.
Scraped data from 2024 API misconfiguration resurfaces on dark web. Attackers weaponize leaked emails to flood users with legitimate password reset requests.
CVE-2026-20029 lets authenticated admins read restricted system files through XML parsing weakness. Trend Micro ZDI researcher found the bug; no workarounds available.
The agency retired directives spanning SolarWinds to Microsoft Exchange in the largest bulk closure ever. KEV catalog now handles most vulnerability mandates.
Get the latest cybersecurity news delivered to your inbox.