Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Microsoft reports a surge in phishing attacks exploiting email misconfigurations, with over 13 million malicious emails blocked in October 2025.
Read more
AI NewsCybersecuritySoftware Updates
n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions
n8n disclosed CVE-2026-21877, a critical authenticated RCE flaw with a CVSS score of 10.0, impacting versions prior to 1.121.3.
Read more
AI NewsCybersecurityIoT Security
Active Exploitation of Critical RCE in Legacy D-Link DSL Routers
A critical remote code execution vulnerability (CVE-2026-0625) in D-Link DSL routers is under active exploitation, allowing attackers to hijack DNS.
Read more
AI NewsCybersecurityIAM
The Future of Cybersecurity Includes Non-Human Employees
Non-Human Identities (NHIs) are redefining how organizations secure access, with 51% of respondents now considering NHI security as critical as human account security.
Read more
AI NewsCybersecurityVulnerability Management
Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication
Veeam addressed CVE-2025-59470, a critical remote code execution flaw (CVSS 9.0) in Backup & Replication, requiring updates to version 13.0.1.1071.
Read more
AI NewsCybersecurityZero Trust
AI-Powered Zero Trust Detects Fileless Attacks
Webinar reveals how AI addresses the increasing threat of fileless attacks abusing trusted tools, representing a critical blind spot for traditional security.
A critical CVSS 9.2 vulnerability in AdonisJS bodyparser allows attackers to write arbitrary files via path traversal when uploads are misconfigured.
Read more
AI NewsCybersecurityMalware
PHALT#BLYX Campaign Targets European Hotels with DCRat Malware
A new PHALT#BLYX campaign is exploiting European hotels with fake Booking.com emails leading to DCRat malware deployment.
Read more
AI NewsCybersecurityThreat Intelligence
Scattered Lapsus$ Hunters Snared in Cyber Researcher Honeypot
Scattered Lapsus$ Hunters were lured into a honeypot using synthetic data, revealing their tactics and leading to information shared with law enforcement.
Read more
AI NewsCybersecurityBrowser Extensions
Two Chrome Extensions Stole ChatGPT & DeepSeek Chats from 900,000 Users
Security researchers discovered two malicious Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and browsing data.
An unpatched firmware flaw in the TOTOLINK EX200 allows authenticated attackers to enable unauthenticated root telnet access, granting full device control.
Read more
AI NewsCybersecuritySoftware Supply Chain
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
AI-powered VS Code forks recommended non-existent extensions in Open VSX, leading to over 500 installs of a placeholder extension.
Read more
AI NewsCybersecurityIAM
What is Identity Dark Matter?
Unmanaged identities create 'identity dark matter,' contributing to 27% of cloud breaches in 2024.
Read more
AI NewsCybersecurityFinTech
Advisor360 Automates Shadow AI Detection, Reducing Risk Assessment Time from Days to Seconds
Advisor360 reduced AI risk assessment from a week to seconds by implementing Harmonic Security's automated Shadow AI detection.
Read more
AI NewsCybersecurityLegal
Bitfinex Hack Convict Gains Early Release Via First Step Act
Ilya Lichtenstein, convicted in the $71 million 2016 Bitfinex hack, was released to home confinement, highlighting the impact of the First Step Act.
Read more
AI NewsCybersecurityInsurance
CISOs Face a Tighter Insurance Market in 2026
Cyber insurance rates are stabilizing after a period of softening, with experts predicting a 15% increase in global cyber premiums in 2026.
Read more
AI NewsCybersecurityMalware
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
Kimwolf is an Android botnet that infected 2M+ devices via exposed ADB, using proxy networks to run DDoS attacks and sell residential bandwidth.
Read more
AI NewsCybersecurityMalware
VVS Stealer Malware Targets Discord Accounts with Python Obfuscation
VVS Stealer, a Python-based malware sold for as little as $11.69, steals Discord tokens, browser data, and credentials using Pyarmor obfuscation.
Read more
AI NewsCybersecurityIoT
RondoDox Botnet Expands Scope With React2Shell Exploitation
The RondoDox botnet is exploiting the React2Shell vulnerability (CVE-2025-55182) to compromise Next.js servers, resulting in cryptomining and botnet payloads.
Read more
AI NewsCybersecurityThreat Intelligence
Russia-Aligned Hackers Abuse Viber for Ukrainian Espionage
Russia-aligned UAC-0184 leverages Viber to deliver Hijack Loader and Remcos RAT, impacting Ukrainian military and government systems.
Read more
AI NewsCybersecurityCloud Security
Startup Trends Shaking Up Browsers, SOC Automation, AppSec
Emerging startups are redefining browser security with MV3 extensions, pioneering application security for AI-generated code, and challenging the economics of human SOC analysts.
Read more
AI NewsCybersecurityCloud Security
Cybersecurity in 2025: Shift to Hardware Trust and AI-Driven Defense
Cybersecurity is evolving to prioritize hardware-backed authentication and AI-driven defense, responding to faster attacker velocity across cloud and endpoint environments.
Read more
AI NewsCybersecurityRansomware
US Cyber Pros Plead Guilty Over BlackCat Ransomware Activity
Two US cybersecurity professionals pleaded guilty to ransomware activity as ALPHV/BlackCat affiliates in 2023, highlighting an insider threat.
Read more
AI NewsCybersecurityIncident Response
4 Outdated Habits Destroying Your SOC's MTTR in 2026
In 2026, leading SOCs reduce MTTR by 21 minutes per incident by using automated, behavior-based analysis.