Aggregating 4914 articles from trusted cybersecurity sources
Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new auth...
Imagine you build a massive corporate campus with every security control money can buy. Blast resistant doors.
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center. The post Defense in dep...
Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network ...
Broadcom patched a high-severity VMware Fusion flaw, CVE-2026-41702, that could let local attackers gain root privileges. Broadcom released a security update...
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under ce...
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber...
Business cash flow is often harder to manage than revenue.
AI has blown up role-based access – here’s how teams can change their mindset in this new era.
The MDASH system, developed by Microsoft's Autonomous Code Security team, utilizes over 100 specialized AI agents to find and validate exploitable bugs.
The vulnerability, a user-after-free flaw, occurs during the TLS shutdown process when handling chunked SMTP traffic.
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked.
Attackers gained access to Novo Nordisk's internal IT systems, copying non-public data without authorization.
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, prompting a review...
Argentina's World Cup squad had their passport numbers leaked before a ball was kicked - not by hackers, but by someone who failed to redact a document prope...
About 7 million customers of the genetics testing company had their data stolen by hackers starting in April 2023, and many had their information posted on t...
The penalty is the largest ever issued by the commission for a personal data breach, surpassing the record 134.8 billion won ($88.
Security debt sounds like a tidy metaphor until the first breach turns it into a billing department with teeth. Technical debt behaves like clutter.
On April 27, Kyushu Electric Power Co. utilized an external storage device for data backups due to capacity constraints.
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose earl...
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant an...
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical t...
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French pub...