Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE
Apache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution.
Aggregating 7651 articles from trusted cybersecurity sources
Apache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution.
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their ...
Intel 471 has announced Retroactive Threat Detections (RTD), a new capability within its Verity471 platform. RTD helps security teams quickly understand the ...
Security operations centers (SOCs) operate under a difficult reality where there are far more security alerts than human analysts available to investigate th...
A new rowhammer attack gives complete control of NVIDIA CPUs. On Thursday, two research teams, working independently of each other, demonstrated attacks agai...
Extreme Networks has introduced Extreme Agent ONE, a new class of AI agents for enterprise networking. Moving beyond generic, prompt-based AI, Extreme Agent ...
UiPath has announced the release of agentic AI capabilities on UiPath Automation Suite. The Automation Suite updates help government agencies and regulated i...
Agency issued guidance and calls on operators to build resilient OT environments capable of surviving extended isolation and cyber compromise. The post CISA ...
8×8 has released a set of platform updates to the 8×8 Platform for CX that target the operational gaps most commonly stalling organizations, including AI dep...
Post-quantum protection is now available as an optional feature in Proton Mail across all plans, including the free tier. How post-quantum protection works O...
The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities. The post Sophisticated Quasar Linux RAT Targe...
Security researcher Tom Jøran Sønstebyseter Rønning, posting as @L1v1ng0ffTh3L4N, has revealed that Microsoft Edge decrypts every saved password at startup a...
In this Help Net Security video, Chris Boehm, Field CTO, Zero Networks, breaks down how a vendor breach can become your breach. He explains that attackers no...
The "Breach at the Beach" CTF, created by Varonis researchers Doron Kapah and Mark Vaitsman, simulates attacks within Entra ID, focusing on how threat actors...
The compromised data includes customer salutations, first and last names, phone numbers, email addresses, dates of birth, and customer numbers.
The breach was discovered after mass emails were sent from legitimate AFA domains, claiming Argentina "stole" the win from Egypt.
Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed.
Following the breach of several of her Telegram channels, controversial Russian journalist Ksenia Sobchak claimed published screenshots of her correspondence...
German discount supermarket chain Lidl has notified customers in Germany, Belgium, and the Netherlands that customer data was stolen after attackers breached...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA cr...
Here are five steps defenders can take in the wake of the Canvas breach.
German discount supermarket chain Lidl notified customers in Germany, Belgium, and the Netherlands that attackers stole their personal information in a breac...
Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigat...
For the latest discoveries in cyber research for the week of 13th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES U.