Velvet Ant Hid in Linux Auth Stack for Nearly a Decade
Chinese APT Velvet Ant compromised PAM and OpenSSH on a critical infrastructure network, remaining undetected from 2016 to 2026. Here's how they did it.
Qilin's affiliate network hit healthcare, manufacturing, and critical infrastructure across nine countries in early June. The gang maintains 12-month dominance.
WatchTowr Labs published technical details and exploit code for CVE-2026-50751, the auth bypass flaw already used by Qilin ransomware. TCP 443 bypass works too.
Check Point researchers chained SQL injection and unsafe deserialization flaws to achieve RCE on AI workflow platforms. Patch langgraph to 1.0.10+ immediately.
Attackers compromised France's secure messaging platform via social engineering, allegedly stealing 650,000 messages and 13.5GB of data from civil servants.
CISA orders federal agencies to patch CVSS 10.0 Ivanti Sentry flaw within 3 days—the first application of BOD 26-04. Exploitation is automated and widespread.
Attackers adopted orphaned AUR packages to push credential-stealing malware with kernel-level rootkit capabilities. Here's what Arch users need to do now.
GitHub announces breaking changes for npm 12 releasing next month. Install scripts, Git dependencies, and remote URLs now require explicit approval to combat malicious packages.
11-nation operation shuts down €336M cryptocurrency laundering service. Two operators arrested in Georgia, 25 domains seized, and over 6,000 money mule accounts exposed.
BlackFog researchers detail OnyxC2 MaaS stealer pricing at $250/month. Targets browsers, crypto wallets, password managers with DLL sideloading delivery that bypasses VirusTotal detection.