U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog
U.S.
Aggregating 7486 articles from trusted cybersecurity sources
U.S.
Version 8.14.
Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by ...
Binarly found six U-Boot flaws, including two that enable code execution during boot image verification, impacting 50+ releases. Binarly’s research team has ...
Multiple campaigns are using ghost accounts to map GitHub organizations, including their repositories and members. The post Ghost Accounts Abuse GitHub API i...
The Australian Cyber Security Centre (ACSC) issued an alert about a global exploitation campaign targeting vulnerable content management systems (CMS) and pl...
The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of an internal security incident involving exposed AWS GovCloud credentials...
A sophisticated Windows Trojan that compromises software development projects to distribute a multi-stage backdoor, data stealer, clipboard hijacker, cryptom...
Wireshark release 4.6.
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers...
Zimbra has released its Daffodil v10.1.
A newly disclosed Dell BIOS password-storage flaw can allow attackers with physical access to recover administrator and user passwords from SPI flash dumps i...
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French pub...
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their l...
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it ...
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit.
The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion w...
Poor Software Testing can expose hidden flaws, vulnerable dependencies and weak controls, increasing breach risks, downtime and costly fixes after release.
The ShinyHunters hacker group has taken credit for the attack, leaking more than 450,000 email addresses and other information. The post University of Nottin...
The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current stude...
The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on...
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows are acceleratin...
The notice, submitted on June 8, 2026, presents several anomalies that suggest it may not be an officially verified incident.
The compromised projects, many of which are related to Microsoft's Azure cloud service and AI development tools, allowed attackers to steal user passwords an...