Aggregating 4933 articles from trusted cybersecurity sources
The initiative, named CI Fortify, focuses on isolation and recovery efforts that would see critical infrastructure organizations proactively disconnect from ...
On May 5, 2026, DENIC published broken DNSSEC signatures for the .de TLD, making millions of domains unreachable.
An Iranian state-sponsored espionage group is pretending to be a regular ransomware gang in a new wave of ransomware attacks targeting enterprises. APT group...
Disc Soft Limited, the maker of DAEMON Tools Lite, confirmed that the software had been trojanized in a supply chain attack and released a new, malware-free ...
On April 18th, 2026, we received a submission for an Authenticated Arbitrary File Upload vulnerability in Slider Revolution, a WordPress plugin. Although the...
Microsoft is excited to be named an Overall Leader, and the Market Leader in the Kuppinger Cole Analyst’s 2026 Emerging AI Security Operations Center (SOC) r...
Key Takeaways The Problem with Calling QA “Non-Production” Most security conversations begin at the wrong end of the problem. We start with the breach, the a...
Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to execute arbitrary code on or conduct server-side request forgery (SSRF) a...
A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based att...
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to bypass authorization mechanisms or examine error messages t...
A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log ...
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked.
Attackers gained access to Novo Nordisk's internal IT systems, copying non-public data without authorization.
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, prompting a review...
Argentina's World Cup squad had their passport numbers leaked before a ball was kicked - not by hackers, but by someone who failed to redact a document prope...
About 7 million customers of the genetics testing company had their data stolen by hackers starting in April 2023, and many had their information posted on t...
The penalty is the largest ever issued by the commission for a personal data breach, surpassing the record 134.8 billion won ($88.
Security debt sounds like a tidy metaphor until the first breach turns it into a billing department with teeth. Technical debt behaves like clutter.
On April 27, Kyushu Electric Power Co. utilized an external storage device for data backups due to capacity constraints.
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose earl...
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant an...
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical t...
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French pub...