The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a ...

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...

Iran, Russia, and China target water systems through weak passwords and exposed PLCs/HMIs, aiming for psychological impact ...

Cisco's recent acquisitions of Astrix Security and WideField Security will help enterprises secure AI agents and non-human ...

After a global lull, ransomware gangs are setting sights on a rich new arena: attacking EU organizations and their suppliers.

OpenClaw removed five packages from ClawHub, its skills marketplace, that bypassed security even though they included ...

The threat actors used a Golang-based sniffer to target 430,000 FortiGate firewalls and identify 110 million credentials in ...

The latest reporters' notebook explores educational institutions, edtech vendors, and the challenges schools are up against ...

Robinhood built SERA to speed approvals without compromising security, cutting wait times and enabling faster incident ...

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...

In a report this week, ESET tracks 35 separate Gamaredon spear-phishing campaigns against Ukraine carried out last year. In ...