Threat Intelligence Feed
Aggregating 8220 articles from trusted cybersecurity sources
Latest News
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patche...
Next.js Security Flaw Leaks Cloud Credentials, API Keys, and Admin Interfaces
Next.js, one of the most widely used React frameworks, has been hit by a high-severity vulnerability that could allow attackers to extract sensitive cloud cr...
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the ...
Microsoft Exposes Kazuar Malware’s Modular P2P Botnet Architecture
Microsoft has revealed new technical insights into Kazuar, a long-running malware linked to the Russian state-backed group Secret Blizzard, highlighting its ...
Deepfake detection is losing ground to generative models
Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic?
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.
Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall
Pwn2Own Berlin 2026 day one saw 22 entries and 24 zero-days across major software, with researchers earning $523,000 in total rewards. Day one of Pwn2Own Ber...
Palo Alto Firewalls Hit by Zero-Day Allowing Arbitrary Code Execution as Root
A devastating zero-day vulnerability in Palo Alto Networks firewalls is under active exploitation by suspected state-sponsored hackers, allowing unauthentica...
Hackers Exploit Scheduled Tasks for Persistence in FrostyNeighbor Attacks
Hackers linked to the long-running FrostyNeighbor cyber‑espionage group have intensified attacks against Ukrainian government organizations, deploying update...
Dell SupportAssist Update Forces Windows Systems Into BSOD Loop
A faulty update to Dell’s SupportAssist Remediation service is triggering widespread system crashes, forcing thousands of Dell and Alienware devices into con...
Zombie linkages are keeping expired domains trusted for years
Domains expire, get transferred, and return to the market every day. The systems connected to those domains can continue trusting the original owner long aft...
Data Breaches
Ernst & Young (EY) Investigates Data Breach Involving Third-Party Support Tickets
Ernst & Young (EY) disclosed a data breach after attackers compromised a third-party IT support system containing client documents and tax information. Ernst...
Ernst & Young data breach exposes client tax information
Abbott reports cyberattack on cancer diagnostics business
The medical device company stated that the breach did not affect other Abbott businesses, sites, or systems.
GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft
Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine.
Ernst & Young discloses data breach after support system hack
Ernst & Young is notifying customers of a data breach caused by the compromise of a third-party support ticket system used by its IT personnel. [.
23andMe Faces New Security Mandates in $18m Data Breach Settlement
23andMe has agreed to an $18m settlement with 42 US attorneys general over its 2023 data breach, including enhanced data protection requirements
In Other News: Iran Tracks US Military Phones, CrashStealer macOS Malware, CVD Blueprint
Noteworthy stories that might have slipped under the radar: OpenClaw AI agents exploited via WhatsApp, ransomware hits naval defense firm TKMS, Lidl disclose...
TriWest Healthcare confirms data breach affecting 12,000 TRICARE beneficiaries
The breach allowed an unauthorized individual to access and download data, including names, DoD Benefits numbers, and ZIP codes.
23andMe agrees to $18 million settlement over data breach
The breach, which occurred between April and September 2023, was the result of credential-stuffing attacks that compromised the data of 6.9 million customers...
23andMe to pay $18 million in new genetics data breach settlement
Genetic testing company 23andMe has agreed to pay $18 million to settle claims from a coalition of 43 attorneys general that it failed to protect customers' ...
23andMe reaches $18 million settlement with states for massive breach
A coalition of 42 state attorneys general reached an $18 million settlement with 23andMe for cybersecurity failings that led to a data breach.
Synopsys denies data breach claims by new ransomware group D1R
The ransomware group D1R claimed to have accessed a database of 40,000 entries from Synopsys and subsequently used this information to target Bosch, alleging...