Aggregating 2410 articles from trusted cybersecurity sources
November 20, 2025: Date this information was first published. We’re pleased to announce the availability of the latest sample security baseline from Landing ...
The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineer...
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransom...
The U.S.
North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.
Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year.
Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wil...
Hackers stole over 300GB of data from the Commission’s AWS environment, including personal information. The post European Commission Confirms Data Breach Lin...
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targ...
CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commi...
In the dynamic and increasingly complex cybersecurity landscape of 2026, privileged accounts remain the most coveted targets for cybercriminals and malicious...
In the rapidly evolving digital landscape of 2026, Identity and Access Management (IAM) has transcended its traditional role to become the foundational pilla...
People are filling their homes with internet-connected cameras, speakers, locks, and routers. When one of those devices is compromised, the next steps are of...
ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet.
The European Commission has allegedly been breached by ShinyHunters, with reported data dumps including content from mail servers. The European Commission ha...
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S.
A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitat...
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword expl...
The European Commission has confirmed a cybersecurity incident affecting its cloud-based infrastructure after attackers gained access to an Amazon Web Servic...
Iran-linked Handala hackers breached FBI Chief Kash Patel’s Gmail, leaking photos and documents. Officials say no classified data was exposed.
Other noteworthy stories that might have slipped under the radar: Heritage Bank data breach, new State Department unit tackles cyber threats, LA Metro disrup...
The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud ...
The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud ...
AFC Ajax, the Dutch football club from Amsterdam, disclosed that an unknown hacker gained access to parts of its IT systems and obtained the email addresses ...