rss:The Hacker News
—
20:02 KSA
HIGH
phishing
<strong>Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse</strong>
Active device code phishing campaign targeting Microsoft 365 identities across 340+ organizations in five countries including the U.S., Canada, Australia, New Zealand, and German…
rss:The Hacker News
—
19:00 KSA
HIGH
data_breach
<strong>LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace</strong>
Russian law enforcement arrested the alleged administrator of LeakBase cybercrime forum in Taganrog. LeakBase operated as a major marketplace for stolen credentials and compromised data…
rss:Dark Reading
—
17:58 KSA
MEDIUM
phishing
<strong>Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam</strong>
Phishing campaigns starting in August 2024 impersonate Palo Alto Networks recruiters to defraud job seekers. Attackers use psychological manipulation and LinkedIn-scraped data to target …
rss:Dark Reading
—
17:58 KSA
LOW
apt
<strong>Ex-NSA Directors Discuss 'Red Line' for Offensive Cyberattacks</strong>
Four former NSA directors discussed offensive cyber operations and US Cyber Command's role in national security. The debate covered strategic boundaries and ethical considerations for gover…
rss:Dark Reading
—
17:58 KSA
LOW
general
<strong>CSA Launches CSAI Foundation for AI Security</strong>
Cloud Security Alliance established CSAI Foundation, a nonprofit dedicated to securing autonomous AI agent ecosystems. The initiative focuses on risk intelligence and certification frameworks to address emerging AI se…
rss:Dark Reading
—
16:54 KSA
MEDIUM
general
<strong>Blame Game: Why Public Cyber Attribution Carries Risks</strong>
Public attribution of cyberattacks to specific entities carries significant risks and potential negative consequences. Organizations should carefully evaluate diplomatic, legal, and operational implications …
rss:BleepingComputer
—
08:00 KSA
HIGH
phishing
<strong>Bubble AI app builder abused to steal Microsoft account credentials</strong>
Cybercriminals are exploiting the Bubble no-code platform to create and host malicious web applications that bypass phishing detection systems. These fraudulent apps are specifically designed to…
rss:BleepingComputer
—
08:00 KSA
CRITICAL
malware
<strong>New Torg Grabber infostealer malware targets 728 crypto wallets</strong>
A newly discovered infostealer malware named Torg Grabber is targeting 850 browser extensions, with over 700 specifically designed for cryptocurrency wallets. The malware steals sensitive data inclu…
rss:BleepingComputer
—
08:00 KSA
CRITICAL
vulnerability
<strong>Citrix urges admins to patch NetScaler flaws as soon as possible</strong>
Citrix has released patches for two critical vulnerabilities in NetScaler ADC and NetScaler Gateway products. One vulnerability bears significant similarities to the previously exploited CitrixBlee…
rss:SecurityWeek
—
04:37 KSA
HIGH
supply_chain
<strong>FCC Bans New Routers Made Outside the US Over National Security Risks</strong>
The FCC has banned new routers manufactured outside the United States following a White House determination that foreign-produced routers pose national security threats. This regulatory action…
rss:SecurityWeek
—
04:37 KSA
LOW
general
<strong>RSAC 2026 Conference Announcements Summary (Day 2)</strong>
Summary of cybersecurity vendor announcements from the second day of RSA Conference 2026. The conference showcases new security products, technologies, and industry developments relevant to enterprise cybersecur…
rss:SecurityWeek
—
04:37 KSA
CRITICAL
supply_chain
<strong>From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI</strong>
TeamPCP hackers compromised multiple open-source software platforms including GitHub Actions, NPM, Docker Hub, VS Code, and PyPI in a coordinated supply chain attack. The group collaborat…
rss:SecurityWeek
—
03:33 KSA
LOW
general
<strong>Onit Security Raises $11 Million for Exposure Management Platform</strong>
Cybersecurity startup Onit Security has raised $11 million in funding to develop its exposure management platform. The company plans to invest in product development and expand into new sectors to…
rss:Malwarebytes Lab
—
12:38 KSA
CRITICAL
data_breach
<strong>Hackers claim to have accessed data tied to millions of crime tipsters</strong>
A hacktivist group claims unauthorized access to sensitive information about crime tipsters and reported individuals spanning from 1987 to present. The breach exposes personally identifiable …
rss:The Hacker News
—
12:24 KSA
HIGH
malware
<strong>GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data</strong>
GlassWorm campaign has evolved to deliver a multi-stage malware framework that steals comprehensive data and installs a remote access trojan (RAT). The malware deploys a malic…
rss:The Hacker News
—
12:24 KSA
CRITICAL
apt
<strong>The Kill Chain Is Obsolete When Your AI Agent Is the Threat</strong>
Anthropic disclosed in September 2025 that a state-sponsored threat actor used an AI coding agent to conduct autonomous cyber espionage against 30 global targets. The AI agent independently handled 80-9…
rss:The Hacker News
—
12:24 KSA
HIGH
ransomware
<strong>Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks</strong>
Russian national Ilya Angelov, 40, was sentenced to two years in prison and fined $100,000 by the U.S. Department of Justice for managing the TA551 botnet used to launch ransomware attack…
rss:SecurityWeek
—
12:23 KSA
HIGH
malware
<strong>Russian Cybercriminal Gets 2-Year Prison Sentence in US</strong>
Russian cybercriminal Ilya Angelov, member of TA-551/Shathak cybercrime group, sentenced to 2 years in US prison. The group is known for malware distribution campaigns and has been tracked under multiple t…
rss:SecurityWeek
—
12:23 KSA
HIGH
general
<strong>AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link</strong>
PwC research reveals AI is accelerating the speed and scale of cyberattacks, while identity theft has evolved into an organized cybercriminal supply chain. Identity management remains the most …
rss:SecurityWeek
—
12:23 KSA
MEDIUM
vulnerability
<strong>iOS, macOS 26.4 Roll Out With Fresh Security Patches</strong>
Apple released security patches for iOS 26.4 and macOS 26.4, along with updates for older devices including iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5. Updates address multiple se…
rss:Recorded Future
—
12:23 KSA
LOW
general
<strong>Practitioners Reveal What Makes Threat Intelligence Programs Mature</strong>
Cybersecurity practitioners from major organizations share strategies for maturing threat intelligence programs by transforming overwhelming data into actionable business insights. Key focus are…
rss:Recorded Future
—
12:23 KSA
CRITICAL
apt
<strong>GRU-Linked BlueDelta Evolves Credential Harvesting</strong>
Russian military intelligence (GRU)-linked threat group BlueDelta has evolved its credential harvesting techniques in targeted campaigns against government, energy, and research sectors across Europe and Eurasia…
rss:Recorded Future
—
12:23 KSA
HIGH
ransomware
<strong>New ransomware tactics to watch out for in 2026</strong>
Ransomware groups earned less revenue in 2025 despite a 47% surge in attacks, forcing evolution of tactics including bundled DDoS extortion services, active insider recruitment within target organizations, and expl…
rss:Malwarebytes Lab
—
12:23 KSA
MEDIUM
supply_chain
<strong>New FCC router ban could leave home networks less secure</strong>
The FCC has announced a ban on routers manufactured outside the United States, raising concerns that this policy could inadvertently reduce home network security. The restriction may limit access to secure…
rss:Dark Reading
—
12:22 KSA
CRITICAL
apt
<strong>SANS: Top 5 Most Dangerous New Attack Techniques to Watch</strong>
SANS Institute identifies the top five most dangerous attack techniques, all leveraging artificial intelligence for the first time. This marks a significant shift in the threat landscape as AI becomes the…
rss:Dark Reading
—
12:22 KSA
MEDIUM
general
<strong>Why a 'Near Miss' Database Is Key to Improving Information Sharing</strong>
Organizations typically share attack information only after successful breaches occur. Establishing a 'near miss' database for close-call incidents could significantly improve threat in…
rss:Dark Reading
—
12:22 KSA
HIGH
apt
<strong>AI-Native Security Is a Must to Counter AI-Based Attacks</strong>
AI-powered attacks are now a reality requiring defenders to adopt AI-native security solutions. Nvidia GTC conference experts emphasize that organizations must leverage the same AI technologies used by att…
rss:BleepingComputer
—
12:22 KSA
HIGH
supply_chain
<strong>Paid AI Accounts Are Now a Hot Underground Commodity</strong>
Premium AI service accounts are being sold on underground cybercrime markets as commodities, similar to compromised email accounts and VPS access. Flare Systems research reveals organized criminal operations b…
rss:BleepingComputer
—
12:22 KSA
LOW
general
<strong>Kali Linux 2026.1 released with 8 new tools, new BackTrack mode</strong>
Kali Linux 2026.1 has been released with 8 new penetration testing tools, theme updates, and a new BackTrack mode for Kali-Undercover. This release enhances capabilities for security professionals a…
rss:BleepingComputer
—
12:22 KSA
CRITICAL
vulnerability
<strong>TP-Link warns users to patch critical router auth bypass flaw</strong>
TP-Link has released security patches for multiple vulnerabilities in its Archer NX router series, including a critical authentication bypass flaw that could allow attackers to upload malicious firmwa…
rss:The Hacker News
—
08:03 KSA
CRITICAL
vulnerability
<strong>Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems</strong>
Threat actors are actively exploiting a critical severity vulnerability (CVSS 10.0) in Quest KACE Systems Management Appliance. Arctic Wolf detected malicious activity starting…
rss:The Hacker News
—
08:03 KSA
HIGH
phishing
<strong>FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks</strong>
Russian Intelligence Services are conducting large-scale phishing campaigns targeting Signal and WhatsApp users with high intelligence value. The FBI warns these attacks aim to compromise…
rss:The Hacker News
—
08:03 KSA
CRITICAL
vulnerability
<strong>Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager</strong>
Oracle released critical security patches for a vulnerability (CVE-2026-21992, CVSS 9.8) in Identity Manager and Web Services Manager. The flaw allows unauthenticated remote …
rss:Recorded Future
—
08:03 KSA
MEDIUM
general
<strong>Threat and Vulnerability Management in 2026</strong>
Organizations must evolve their threat and vulnerability management approaches as traditional tools prove inadequate. Intelligence-driven TVM solutions are becoming essential for identifying and prioritizing security r…
rss:Recorded Future
—
08:03 KSA
HIGH
ransomware
<strong>Best Ransomware Detection Tools</strong>
Intelligence-driven ransomware detection tools focus on identifying precursor behaviors before encryption occurs. These advanced solutions reduce false positives and enable faster incident response by detecting early-stage ransomw…
rss:Recorded Future
—
08:03 KSA
CRITICAL
vulnerability
<strong>December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity</strong>
December 2025 witnessed a 120% surge in critical CVEs with 22 actively exploited vulnerabilities. React2Shell (CVE-2025-55182) emerged as the dominant…
rss:Malwarebytes Lab
—
08:03 KSA
HIGH
vulnerability
<strong>Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw</strong>
Security researcher Khaled Mohamed discovered a vulnerability in Microsoft Authenticator, transitioning from amateur to professional bug bounty hunter. The flaw represents a potential security risk i…
rss:Dark Reading
—
08:03 KSA
HIGH
apt
<strong>SideWinder Espionage Campaign Expands Across Southeast Asia</strong>
India-linked APT group SideWinder targets government, telecom, and critical infrastructure across Southeast Asia using spear-phishing and exploiting old vulnerabilities. The group maintains persistent a…
rss:Dark Reading
—
08:03 KSA
HIGH
malware
<strong>More Attackers Are Logging In, Not Breaking In</strong>
Credential theft surged dramatically in late 2025 driven by industrialized infostealer malware operations and AI-powered social engineering attacks. Attackers increasingly use stolen credentials for initial access r…
rss:Dark Reading
—
08:03 KSA
LOW
general
<strong>Clear Communication: The Missing Link in Cybersecurity Success</strong>
Effective cybersecurity requires bridging the gap between technical expertise and clear communication across teams. Building trust and collaboration through improved communication practices enhances …
rss:The Hacker News
—
06:58 KSA
HIGH
vulnerability
<strong>We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them</strong>
Security researchers discovered eight attack vectors in AWS Bedrock, Amazon's AI application platform. The platform's connectivity to enterprise data and systems, while…
rss:The Hacker News
—
06:58 KSA
HIGH
phishing
<strong>Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware</strong>
Microsoft detected phishing campaigns exploiting U.S. tax season, affecting 29,000 users. Attackers send fake IRS refund and payroll notices to steal credentials and deploy Remote Monitoring and…
rss:The Hacker News
—
06:58 KSA
CRITICAL
supply_chain
<strong>Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper</strong>
Researchers uncovered a supply chain attack on Trivy security scanner distributed via Docker Hub. Malicious versions (0.69.4, 0.69.5) contain infostealer malware, worm capabilities, an…
rss:SecurityWeek
—
06:58 KSA
HIGH
ransomware
<strong>US Prisons Russian Access Broker for Aiding Ransomware Attacks</strong>
Russian national Aleksei Volkov sentenced to 81 months in US prison for facilitating Yanluowang ransomware attacks as an initial access broker. This case highlights international law enforcement effo…
rss:Recorded Future
—
06:57 KSA
HIGH
malware
<strong>Rublevka Team: Anatomy of a Russian Crypto Drainer Operation</strong>
Rublevka Team represents the industrialization of cryptocurrency scams through organized traffer teams and wallet drainer operations. The group demonstrates sophisticated methods for high-volume crypto…
rss:Recorded Future
—
06:57 KSA
LOW
general
<strong>Autonomous Threat Operations in action: Real results from Recorded Future’s own SOC team | Recorded Future</strong>
Recorded Future tested its Autonomous Threat Operations solution internally as Customer Zero before public release. The technology addresses inconsistent a…
rss:Recorded Future
—
06:57 KSA
CRITICAL
supply_chain
<strong>PurpleBravo’s Targeting of the IT Software Supply Chain</strong>
PurpleBravo, a North Korean APT group, conducts supply chain attacks using fake job offers to compromise software developers. The group deploys remote access trojans (RATs) and infostealers like BeaverTail …
rss:Mandiant Blog
—
06:57 KSA
CRITICAL
apt
<strong>Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue</strong>
Despite US government sanctions, Intellexa continues operating its Predator spyware platform with ongoing zero-day exploits. The commercial surveillance vendor remains active in mercena…
rss:Mandiant Blog
—
06:57 KSA
HIGH
apt
<strong>Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks</strong>
Chinese state-sponsored threat actor APT24 has evolved its tactics over three years, moving beyond traditional watering hole attacks to multi-vector approaches. The group deploys BADAUDIO malwa…
rss:Dark Reading
—
06:57 KSA
CRITICAL
apt
<strong>DarkSword: iPhone Exploit Kit Serves Spies &amp; Thieves Alike</strong>
A sophisticated iOS exploit kit called DarkSword is actively targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine using multiple zero-day vulnerabilities. This advanced threat poses sig…
rss:Dark Reading
—
06:57 KSA
HIGH
vulnerability
<strong>'Claudy Day' Trio of Flaws Exposes Claude Users to Data Theft</strong>
Three vulnerabilities dubbed 'Claudy Day' affecting Claude AI can be exploited through prompt injection combined with other flaws. A simple Google search can trigger a full attack chain threateni…
rss:Dark Reading
—
06:57 KSA
HIGH
data_breach
<strong>Researchers: Meta, TikTok Steal Personal &amp; Financial Info When Users Click Ads</strong>
Research reveals that Meta and TikTok use tracking pixels to collect sensitive user data including credit card information and geolocation even after users navigate to adverti…
rss:Recorded Future
—
06:31 KSA
HIGH
general
<strong>Fragmentation Defined 2025's Threat Landscape. Here's What It Means for 2026</strong>
Recorded Future's 2026 State of Security report analyzes the fragmented global threat landscape of 2025, providing comprehensive threat intelligence based on proprietary data …
rss:Recorded Future
—
06:31 KSA
HIGH
general
<strong>State of Security Report | Recorded Future</strong>
Recorded Future's 2026 State of Security report covers critical threat intelligence topics including geopolitical fragmentation, state-sponsored cyber operations, ransomware evolution, and emerging technology risks. The…
rss:Recorded Future
—
06:31 KSA
MEDIUM
general
<strong>From 27 Steps to 5: How Recorded Future Reimagined Threat Hunting with Autonomous Threat Operations</strong>
Recorded Future introduces Autonomous Threat Operations that dramatically reduces threat hunting complexity from 27 manual steps to just 5 largely automated steps…
rss:Mandiant Blog
—
06:31 KSA
HIGH
vulnerability
<strong>Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate Protocol Deprecation</strong>
Mandiant released comprehensive Net-NTLMv1 rainbow tables to accelerate migration from this deprecated protocol. Net-NTLMv1 has been known as insecure for over two decade…
rss:Mandiant Blog
—
06:31 KSA
MEDIUM
data_breach
<strong>AuraInspector: Auditing Salesforce Aura for Data Exposure</strong>
Mandiant released AuraInspector, an open-source tool for auditing access control misconfigurations in Salesforce Aura framework. The tool helps defenders identify data exposure risks in Salesforce Experie…
rss:Mandiant Blog
—
06:31 KSA
CRITICAL
vulnerability
<strong>Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)</strong>
Multiple threat actors are exploiting CVE-2025-55182 (React2Shell), a critical unauthenticated remote code execution vulnerability in React Server Components disclosed on December 3, 2025. The vulnerabi…
rss:Malwarebytes Lab
—
06:30 KSA
HIGH
malware
<strong>Hacked sites deliver Vidar infostealer to Windows users</strong>
Compromised WordPress sites are hosting fake CAPTCHA verification pages that deceive Windows users into downloading and executing the Vidar information-stealing malware. This social engineering attack explo…
rss:Malwarebytes Lab
—
06:30 KSA
MEDIUM
vulnerability
<strong>Zombie ZIP method can fool antivirus during the first scan</strong>
Security researchers disclosed the Zombie ZIP technique that can evade initial antivirus detection by exploiting how AV engines scan compressed files. This method allows malicious payloads to bypass firs…
rss:Dark Reading
—
06:30 KSA
MEDIUM
general
<strong>Post-Quantum Web Could be Safer, Faster</strong>
Major technology providers are implementing quantum-resistant HTTPS protocols that reduce certificate sizes by 90%, improving both security against future quantum computing threats and network performance. This advancement…
rss:Dark Reading
—
06:30 KSA
HIGH
apt
<strong>EU Sanctions Companies in China, Iran for Cyberattacks</strong>
The European Union has imposed sanctions on entities in China and Iran for conducting cyberattacks, prohibiting them from entering or conducting business within EU territories. This represents escalating int…
rss:Dark Reading
—
06:30 KSA
HIGH
malware
<strong>C2 Implant 'SnappyClient' Targets Crypto Wallets</strong>
A sophisticated C2 implant named SnappyClient has been discovered targeting cryptocurrency wallets with capabilities for remote access, data exfiltration, and surveillance. The malware poses significant …
rss:CISA Advisories
—
06:30 KSA
HIGH
vulnerability
<strong>Siemens Heliox EV Chargers</strong>
Siemens Heliox EV chargers contain an improper access control vulnerability allowing attackers to reach unauthorized services through the charging cable. Siemens has released security updates and recommends immediate patching to preven…
rss:CISA Advisories
—
06:30 KSA
HIGH
vulnerability
<strong>Trane Tracer SC, Tracer SC+, and Tracer Concierge</strong>
Multiple vulnerabilities in Trane Tracer SC, SC+, and Concierge building management systems could allow attackers to disclose sensitive information, execute arbitrary commands, or cause denial-of-service. These f…
rss:CISA Advisories
—
06:30 KSA
MEDIUM
vulnerability
<strong>Siemens SIMATIC</strong>
Siemens SIMATIC S7-1500 industrial controllers contain a code injection vulnerability exploitable through social engineering, where attackers trick users into importing malicious trace files via the web interface. Siemens has released patches for…
rss:Malwarebytes Lab
—
06:29 KSA
MEDIUM
general
<strong>90% of people don’t trust AI with their data</strong>
A privacy survey reveals that 90% of respondents do not trust AI systems with their personal data, leading many to reduce their AI usage. This widespread distrust poses significant challenges for organizations impleme…
rss:Malwarebytes Lab
—
06:29 KSA
HIGH
phishing
<strong>How searching for a VPN could mean handing over your work login details</strong>
Cybercriminals are using SEO poisoning techniques to make malicious VPN downloads appear legitimate in search results, specifically targeting corporate login credentials. Organizations face …
rss:Malwarebytes Lab
—
06:29 KSA
MEDIUM
malware
<strong>Google cracks down on Android apps abusing accessibility</strong>
Google has implemented stricter controls on Android apps that abuse accessibility features, which malware has exploited for years to gain elevated permissions and control devices. This security enhancement…
rss:Mandiant Blog
—
06:29 KSA
HIGH
phishing
<strong>Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft</strong>
Mandiant identified expansion of ShinyHunters-branded extortion operations using sophisticated voice phishing (vishing) and credential harvesting techniques. These attacks target …
rss:Mandiant Blog
—
06:29 KSA
HIGH
general
<strong>No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network</strong>
Google and partners disrupted IPIDEA, believed to be one of the world's largest residential proxy networks used by threat actors. These proxy infrastructures enable cybercr…
rss:Mandiant Blog
—
06:29 KSA
CRITICAL
vulnerability
<strong>Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088</strong>
Google Threat Intelligence identified widespread active exploitation of critical WinRAR vulnerability CVE-2025-8088 by diverse threat actors. The vulnerability, patched in July 2025, is…
rss:Dark Reading
—
06:29 KSA
HIGH
vulnerability
<strong>AI Conundrum: Why MCP Security Can't Be Patched Away</strong>
Model Context Protocol (MCP) introduces architectural security vulnerabilities in Large Language Model environments that cannot be resolved through traditional patching methods. Researchers warn these ris…
rss:Dark Reading
—
06:29 KSA
MEDIUM
phishing
<strong>With Government's Role Uncertain, Businesses Unite to Combat Fraud</strong>
Major industry leaders are forming collaborative partnerships to share threat intelligence and strengthen defenses against increasing online fraud and scams. This private sector initiative e…
rss:Dark Reading
—
06:29 KSA
LOW
general
<strong>Native Launches With Security Control Plane for Multicloud</strong>
Cloud security startup Native launches a unified security control plane that translates and enforces consistent security policies across multiple cloud providers including AWS, Azure, Google Cloud, and O…
rss:Malwarebytes Lab
—
06:29 KSA
HIGH
vulnerability
<strong>Apple patches WebKit bug that could let sites access your data</strong>
Apple released a silent security update fixing WebKit vulnerability CVE-2026-20643 that could allow malicious websites to access user data. The patch was deployed as a Background Security Improvement…
rss:Malwarebytes Lab
—
06:29 KSA
HIGH
phishing
<strong>Inside a network of 20,000+ fake shops</strong>
Security researchers uncovered a massive network of over 20,000 fake e-commerce websites designed to steal payment card details and personal information from unsuspecting shoppers. The fraudulent operation represents a sign…
rss:Malwarebytes Lab
—
06:29 KSA
MEDIUM
phishing
<strong>Fake Pudgy World site steals your crypto passwords</strong>
A phishing website impersonating Pudgy World is targeting cryptocurrency users by mimicking the legitimate Pudgy Penguins brand. The fake site is designed to steal crypto wallet passwords and credentials from un…
rss:Dark Reading
—
06:29 KSA
CRITICAL
vulnerability
<strong>Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw</strong>
Oracle Fusion Middleware contains a critical remote code execution vulnerability affecting Identity and Web Services Managers. Attackers can exploit this flaw without authentication when these serv…
rss:Dark Reading
—
06:29 KSA
HIGH
ransomware
<strong>Cyber OpSec Fail: Beast Gang Exposes Ransomware Server</strong>
The Beast ransomware gang inadvertently exposed their central cloud server, revealing files that document their systematic tactics targeting network backups. This operational security failure provides insigh…
rss:Dark Reading
—
06:29 KSA
CRITICAL
ransomware
<strong>Interlock Ransomware Targets Cisco Enterprise Firewalls</strong>
Interlock ransomware group exploited a critical Cisco firewall vulnerability weeks before public disclosure, demonstrating zero-day access capabilities. The gang specializes in double-extortion attacks and …
rss:CISA Advisories
—
06:29 KSA
HIGH
vulnerability
<strong>Siemens RUGGEDCOM APE1808 Devices</strong>
Fortinet discovered vulnerabilities in FortiOS affecting Siemens RUGGEDCOM APE1808 industrial devices. Siemens has released security updates and strongly recommends immediate patching to address these vulnerabilities in their in…
rss:CISA Advisories
—
06:29 KSA
HIGH
vulnerability
<strong>Siemens SIDIS Prime</strong>
Multiple vulnerabilities discovered in SIDIS Prime versions before V4.0.800 affecting OpenSSL, SQLite, and Node.js components. Siemens released security patches addressing these critical infrastructure vulnerabilities and urges immediate upda…
rss:CISA Advisories
—
06:29 KSA
CRITICAL
vulnerability
<strong>Inductive Automation Ignition Software</strong>
Critical vulnerability in Inductive Automation Ignition Software allows authenticated attackers to execute malicious code with elevated OS service account permissions. This privilege escalation flaw poses significant risk t…
rss:CISA Advisories
—
06:28 KSA
MEDIUM
vulnerability
<strong>Schneider Electric EcoStruxure Data Center Expert</strong>
Schneider Electric disclosed a hard-coded credentials vulnerability in EcoStruxure IT Data Center Expert (DCE) affecting the SOCKS Proxy feature. The vulnerability requires administrator credentials and the featu…
rss:CISA Advisories
—
06:28 KSA
CRITICAL
vulnerability
<strong>CISA Adds Two Known Exploited Vulnerabilities to Catalog</strong>
CISA added two actively exploited vulnerabilities to its KEV Catalog: CVE-2026-3909 affecting Google Skia (out-of-bounds write) and CVE-2026-3910 in Chromium V8 engine. These browser-based vulnerabilities …
rss:BleepingComputer
—
06:28 KSA
HIGH
data_breach
<strong>Crunchyroll probes breach after hacker claims to steal 6.8M users' data</strong>
Crunchyroll anime streaming platform is investigating a data breach affecting approximately 6.8 million users. Hackers claim to have stolen personal information of subscribers, raising …
rss:US-CERT Alerts
—
06:13 KSA
HIGH
ransomware
<strong>#StopRansomware: Medusa Ransomware</strong>
US-CERT has issued a joint cybersecurity advisory on Medusa ransomware as part of the #StopRansomware initiative. The advisory details tactics, techniques, and procedures used by this ransomware variant to help network defender…
rss:Threatpost
—
06:13 KSA
CRITICAL
vulnerability
<strong>Google Patches Chrome’s Fifth Zero-Day of the Year</strong>
Google patched 11 vulnerabilities in Chrome including a critical zero-day flaw involving insufficient input validation that enables arbitrary code execution. The vulnerability is actively being exploited in the …
rss:The Hacker News
—
06:13 KSA
CRITICAL
vulnerability
<strong>Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks</strong>
Citrix released security updates for two vulnerabilities in NetScaler ADC and Gateway, including CVE-2026-3055 (CVSS 9.3), a critical input validation flaw allowing unauthenticated…
rss:The Hacker News
—
06:13 KSA
HIGH
supply_chain
<strong>North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware</strong>
North Korean threat actors (WaterPlum/Contagious Interview campaign) are exploiting Visual Studio Code's tasks.json auto-run feature to deploy StoatWaffle malware. This supply chain …
rss:The Hacker News
—
06:13 KSA
MEDIUM
general
<strong>⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More</strong>
Weekly cybersecurity recap covering multiple threats including supply chain attacks targeting CI/CD pipelines, shutdown of long-exploited IoT devices, and various securit…
rss:SecurityWeek
—
06:12 KSA
CRITICAL
supply_chain
<strong>Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool</strong>
Israel successfully hijacked Iran's extensive street surveillance camera network and weaponized it for targeted operations, including the assassination of Iran's supreme …
rss:Recorded Future
—
06:12 KSA
HIGH
phishing
<strong>ClickFix Campaigns Targeting Windows and macOS</strong>
Five ClickFix social engineering clusters targeting Windows and macOS systems have been identified, exploiting QuickBooks, Booking.com, and Birdeye brands. Threat actors use obfuscated commands through native system…
rss:Recorded Future
—
06:12 KSA
CRITICAL
supply_chain
<strong>GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack</strong>
GrayCharlie threat actor compromises WordPress sites of law firms to deliver malware through fake browser updates and ClickFix techniques. The campaign deploys NetSupport RAT, Stealc stealer, an…
rss:Recorded Future
—
06:12 KSA
LOW
general
<strong>Network Intelligence: Your Questions, Global Answers</strong>
Network intelligence solutions provide security teams with global visibility and active threat investigation capabilities. This approach offers more control compared to passive, generic threat feeds for enhanc…
rss:Mandiant Blog
—
06:12 KSA
CRITICAL
apt
<strong>Beyond the Battlefield: Threats to the Defense Industrial Base</strong>
State-sponsored cyber actors are conducting persistent cyber operations targeting the defense industrial base and its supply chains. Modern warfare has extended beyond physical battlefields into the …
rss:Mandiant Blog
—
06:12 KSA
HIGH
apt
<strong>UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering</strong>
North Korean threat group UNC1069 is using advanced tooling and AI-enabled social engineering to target cryptocurrency and decentralized finance (DeFi) organizations. Mandia…
rss:Mandiant Blog
—
06:12 KSA
HIGH
data_breach
<strong>Guidance from the Frontlines: Proactive Defense Against ShinyHunters-Branded Data Theft Targeting SaaS</strong>
Mandiant is tracking significant expansion in ShinyHunters-branded extortion operations targeting SaaS platforms through vishing and social engineering tactics…
rss:Malwarebytes Lab
—
06:11 KSA
CRITICAL
apt
<strong>A DarkSword hangs over unpatched iPhones</strong>
State-sponsored attackers are exploiting DarkSword, a vulnerability chain targeting unpatched iPhones. Organizations using iOS devices face critical risk from these advanced persistent threats requiring immediate patching…
rss:Malwarebytes Lab
—
06:11 KSA
HIGH
data_breach
<strong>Your tax forms sell for $20 on the dark web</strong>
Cybercriminals are actively trading stolen tax records on dark web forums for as little as $20 during tax season. This represents significant identity theft risk for individuals and potential fraud exposure for financi…
rss:Malwarebytes Lab
—
06:11 KSA
MEDIUM
phishing
<strong>Researchers found font-rendering trick to hide malicious commands</strong>
Security researchers discovered a font-rendering technique that can deceive AI assistants into overlooking malicious commands embedded in websites. This social engineering method poses risks to or…
rss:Krebs on Securit
—
06:11 KSA
HIGH
ransomware
<strong>Please Don’t Feed the Scattered Lapsus ShinyHunters</strong>
The Scattered Lapsus ShinyHunters (SLSH) data ransom gang employs aggressive extortion tactics including harassment, threats, and swatting of executives and their families. The group simultaneously notifies jou…
rss:Dark Reading
—
06:11 KSA
LOW
general
<strong>CISOs Debate Human Role in AI-Powered Security</strong>
Security executives at RSAC 2026 debated the necessity of human oversight in AI-powered security systems. The discussion challenges traditional 'human in the loop' approaches as AI capabilities advance in cybersecur…
rss:Dark Reading
—
06:11 KSA
HIGH
phishing
<strong>Attackers Hide Infostealer in Copyright Infringement Notices</strong>
A sophisticated phishing campaign targets healthcare, government, hospitality, and education sectors globally using fake copyright infringement notices. Attackers deploy infostealer malware while emplo…
rss:Dark Reading
—
06:11 KSA
LOW
general
<strong>AI Dominates RSAC Innovation Sandbox</strong>
Ten cybersecurity startups compete in RSAC Innovation Sandbox, with AI-focused solutions dominating the competition. Each finalist presents their innovative security technology in a three-minute pitch to demonstrate emerging …
rss:CISA Advisories
—
06:11 KSA
HIGH
vulnerability
<strong>Schneider Electric SCADAPack and RemoteConnect</strong>
Schneider Electric disclosed a vulnerability affecting its SCADAPack x70 RTU products, including SCADAPack 47xi, 47x, and 57x models used for remote monitoring and control in industrial environments. Organizations u…
rss:CISA Advisories
—
06:11 KSA
HIGH
vulnerability
<strong>Siemens SICAM SIAPP SDK</strong>
Multiple vulnerabilities discovered in Siemens SICAM SIAPP SDK could enable attackers to disrupt customer-developed SIAPP applications or their simulation environments. Potential impacts include denial of service, data corruption within S…
rss:CISA Advisories
—
06:11 KSA
MEDIUM
vulnerability
<strong>CODESYS in Festo Automation Suite</strong>
Vulnerabilities identified in CODESYS components within Festo Automation Suite versions prior to 2.8.0.138, affecting the CODESYS Development System 3.0. Organizations using Festo automation solutions should upgrade to the lates…
rss:BleepingComputer
—
06:10 KSA
HIGH
ransomware
<strong>Manager of botnet used in ransomware attacks gets 2 years in prison</strong>
Russian national sentenced to 2 years for managing phishing botnet used in BitPaymer ransomware attacks against 72 U.S. companies. The botnet infrastructure enabled widespread ransomware deploym…
rss:BleepingComputer
—
06:10 KSA
HIGH
phishing
<strong>Tycoon2FA phishing platform returns after recent police disruption</strong>
Tycoon2FA phishing-as-a-service platform has resumed full operations shortly after Europol disruption on March 4. The platform's rapid recovery demonstrates resilience of cybercrime infrastructur…
rss:BleepingComputer
—
06:10 KSA
CRITICAL
malware
<strong>TeamPCP deploys Iran-targeted wiper in Kubernetes attacks</strong>
TeamPCP hacking group targeting Kubernetes clusters with destructive wiper malware that activates when detecting Iran-configured systems. The attacks represent geopolitically-motivated cyber operations ag…
rss:US-CERT Alerts
—
05:43 KSA
HIGH
malware
<strong>Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations</strong>
FBI and CISA issued a joint advisory on LummaC2 malware being deployed by threat actors to exfiltrate sensitive organizational data. The advisory provides known tactics, techniq…
rss:US-CERT Alerts
—
05:43 KSA
CRITICAL
apt
<strong>Russian GRU Targeting Western Logistics Entities and Technology Companies</strong>
Russian state-sponsored GRU actors are conducting cyber campaigns targeting Western logistics entities and technology companies involved in coordinating and delivering foreign assistance t…
rss:US-CERT Alerts
—
05:43 KSA
HIGH
general
<strong>Fast Flux: A National Security Threat</strong>
A cybersecurity advisory warns that the Fast Flux technique represents a significant national security threat, allowing malicious actors to consistently evade detection. Many networks lack adequate defenses to detect and block t…
rss:Threatpost
—
05:43 KSA
CRITICAL
vulnerability
<strong>Firewall Bug Under Active Attack Triggers CISA Warning</strong>
CISA has issued an urgent warning about active exploitation of a vulnerability in Palo Alto Networks' PAN-OS firewall system. Organizations using PAN-OS are advised to apply security patches immediately to p…
rss:Threatpost
—
05:43 KSA
MEDIUM
phishing
<strong>Fake Reservation Links Prey on Weary Travelers</strong>
Cybercriminals are exploiting travel disruptions by sending fake reservation links to travelers affected by flight cancellations and hotel overbookings. These phishing attacks aim to steal personal and financial inf…
rss:Threatpost
—
05:43 KSA
CRITICAL
vulnerability
<strong>iPhone Users Urged to Update to Patch 2 Zero-Days</strong>
Apple has released critical security updates for iOS and macOS to patch two zero-day vulnerabilities in the kernel and WebKit that are actively exploited. These flaws allow attackers to execute arbitrary code and…
rss:The Hacker News
—
05:43 KSA
HIGH
supply_chain
<strong>Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials</strong>
Researchers discovered malicious npm packages in the Ghost campaign designed to steal cryptocurrency wallets and sensitive credentials. Seven packages published by user 'mikilanjillo' tar…
rss:The Hacker News
—
05:43 KSA
CRITICAL
supply_chain
<strong>TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials</strong>
Threat actor TeamPCP compromised two GitHub Actions workflows maintained by Checkmarx using credential-stealing malware. This attack follows their previous Trivy supply chain compromise, demonstr…
rss:The Hacker News
—
05:43 KSA
HIGH
ransomware
<strong>U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage</strong>
A 26-year-old Russian national received a 6.75-year prison sentence in the U.S. for assisting major cybercrime groups, including Yanluowang ransomware operators, in attacks against U.S…
rss:SecurityWeek
—
05:42 KSA
HIGH
vulnerability
<strong>Chrome 146 Update Patches High-Severity Vulnerabilities</strong>
Google Chrome 146 update addresses eight memory safety vulnerabilities across seven components with high severity ratings. Organizations using Chrome should prioritize immediate deployment to prevent potent…
rss:SecurityWeek
—
05:42 KSA
LOW
general
<strong>Webinar Today: Putting CIS Controls and Benchmarks into Practice</strong>
Educational webinar focusing on implementing CIS Critical Security Controls and CIS Benchmarks for secure configuration management at enterprise scale. Provides guidance on standardizing security c…
rss:SecurityWeek
—
05:42 KSA
HIGH
data_breach
<strong>3.1 Million Impacted by QualDerm Data Breach</strong>
QualDerm suffered a major data breach affecting 3.1 million individuals with hackers stealing personal information, medical records, and health insurance data from internal systems. This healthcare sector breach highl…
rss:Recorded Future
—
05:42 KSA
CRITICAL
apt
<strong>Preparing for Russia’s New Generation Warfare in Europe</strong>
Russia is conducting a coordinated full-scale hybrid warfare campaign against NATO combining cyber attacks, sabotage operations, and influence campaigns. This New Generation Warfare approach poses significa…
rss:Recorded Future
—
05:42 KSA
CRITICAL
vulnerability
<strong>January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day</strong>
January 2026 recorded 23 actively exploited critical vulnerabilities, marking a 5% increase in threat activity. Russian APT28 group exploited a zer…
rss:Recorded Future
—
05:42 KSA
HIGH
general
<strong>2025 Cloud Threat Hunting and Defense Landscape</strong>
Threat actors are intensifying attacks on cloud infrastructure by exploiting misconfigurations, abusing native cloud services, and pivoting through hybrid environments. Attack patterns show evolution across exploit…
rss:Mandiant Blog
—
05:42 KSA
CRITICAL
apt
<strong>Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign</strong>
Google Threat Intelligence Group and Mandiant disrupted a global espionage campaign by UNC2814, a suspected Chinese threat actor, targeting telecommunications and government organ…
rss:Mandiant Blog
—
05:42 KSA
CRITICAL
vulnerability
<strong>From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day</strong>
Mandiant and GTIG identified zero-day exploitation of a high-risk vulnerability in Dell RecoverPoint for Virtual Machines by threat actor UNC6201. The vulnerability…
rss:Mandiant Blog
—
05:42 KSA
HIGH
general
<strong>GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use</strong>
GTIG observed threat actors increasingly integrating AI in Q4 2025 to accelerate attack lifecycles, achieving productivity gains in reconnaissance, socia…
rss:Malwarebytes Lab
—
05:41 KSA
HIGH
vulnerability
<strong>This is all it takes to stop a train (Lock and Code S07E06)</strong>
Simple network vulnerabilities in Bay Area transit systems can cause major train outages. The podcast discusses how basic network security problems pose significant risks to critical transportation infr…
rss:Malwarebytes Lab
—
05:41 KSA
MEDIUM
general
<strong>Could your face change what you pay? NYC wants limits on biometric tracking</strong>
NYC lawmakers propose regulations to limit biometric tracking technologies that could enable surveillance-based pricing and customer profiling. This addresses privacy concerns and potent…
rss:Malwarebytes Lab
—
05:41 KSA
HIGH
malware
<strong>That “job brief” on Google Forms could infect your device</strong>
Cybercriminals are using fake job offers distributed through Google Forms to deliver PureHVNC malware. This remote access trojan allows attackers to take complete control of infected devices, posing serio…
rss:Krebs on Securit
—
05:41 KSA
HIGH
phishing
<strong>‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA</strong>
A new phishing-as-a-service platform called 'Starkiller' enables cybercriminals to bypass traditional detection methods by proxying real login pages instead of using static copies. This sophisticated se…
rss:Krebs on Securit
—
05:41 KSA
HIGH
ddos
<strong>Kimwolf Botnet Swamps Anonymity Network I2P</strong>
The Kimwolf IoT botnet has been actively disrupting the I2P anonymity network for over a week, targeting the decentralized encrypted communications infrastructure. This attack demonstrates the vulnerability of privacy-…
rss:Krebs on Securit
—
05:41 KSA
CRITICAL
vulnerability
<strong>Patch Tuesday, February 2026 Edition</strong>
Microsoft released patches for over 50 security vulnerabilities in Windows and other software, including critical fixes for six zero-day vulnerabilities actively exploited by attackers. Organizations must prioritize immediate…
rss:Dark Reading
—
05:41 KSA
MEDIUM
general
<strong>AI in the SOC: What Could Go Wrong?</strong>
Two cybersecurity leaders conducted a six-month pilot testing AI integration in their Security Operations Centers. The study reveals practical challenges and lessons learned from implementing AI-driven security automation in r…
rss:Dark Reading
—
05:41 KSA
CRITICAL
supply_chain
<strong>Trivy Supply Chain Attack Targets CI/CD Secrets</strong>
Threat actors weaponized the open-source Trivy security scanning tool to deploy an infostealer malware into CI/CD pipelines. The attack successfully exfiltrated cloud credentials, SSH keys, authentication tokens, a…
rss:Dark Reading
—
05:41 KSA
CRITICAL
ransomware
<strong>Ransomware's New Era: Moving at AI Speed</strong>
Ransomware operators are leveraging AI technologies to accelerate attack speeds and evade security controls. Attackers exploit legitimate credentials and focus on data exfiltration, using AI to automate reconnaissanc…
rss:CISA Advisories
—
05:40 KSA
CRITICAL
apt
<strong>CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization</strong>
CISA issued guidance on hardening endpoint management systems following a March 11, 2026 cyberattack against Stryker Corporation that compromised their Microsoft environmen…
rss:BleepingComputer
—
05:40 KSA
HIGH
data_breach
<strong>Dutch Ministry of Finance discloses breach affecting employees</strong>
The Dutch Ministry of Finance confirmed a cyberattack that breached some of its systems, detected last week. The incident affected employee data and represents a significant breach of a critical gove…
rss:BleepingComputer
—
05:40 KSA
LOW
general
<strong>OpenAI rolls out ChatGPT Library to store your personal files</strong>
OpenAI introduced a new 'Library' feature for ChatGPT that enables users to store personal files and images on OpenAI's cloud storage for future reference. This raises data privacy and security consid…
rss:BleepingComputer
—
05:40 KSA
MEDIUM
data_breach
<strong>Mazda discloses security breach exposing employee and partner data</strong>
Mazda Motor Corporation disclosed a security incident detected in December that exposed information belonging to employees and business partners. The breach affects a major automotive manufacture…
rss:CISA Advisories
—
05:40 KSA
CRITICAL
vulnerability
<strong>Automated Logic WebCTRL Premium Server</strong>
Critical vulnerabilities discovered in Automated Logic WebCTRL Premium Server that could allow attackers to read, intercept, or modify communications. The vulnerabilities pose significant risks to building automation and HV…
rss:CISA Advisories
—
05:40 KSA
HIGH
vulnerability
<strong>Schneider Electric EcoStruxure PME and EPO</strong>
Schneider Electric disclosed vulnerabilities in EcoStruxure Power Monitoring Expert (PME) and Power Operation (EPO) products. These on-premises software solutions are used in power-critical and energy-intensive faciliti…
rss:CISA Advisories
—
05:40 KSA
HIGH
vulnerability
<strong>CTEK Chargeportal</strong>
Multiple vulnerabilities in CTEK Chargeportal could allow attackers to gain unauthorized administrative control over electric vehicle charging stations or launch denial-of-service attacks. This threatens the availability and security of EV char…
rss:CISA Advisories
—
05:39 KSA
HIGH
vulnerability
<strong>Schneider Electric Modicon M241, M251, and M262</strong>
Critical vulnerability in Schneider Electric Modicon controllers (M241, M251, M262) versions prior to 5.4.13.12 allows attackers to cause denial-of-service conditions. This affects industrial control systems used i…
rss:CISA Advisories
—
05:39 KSA
HIGH
vulnerability
<strong>Schneider Electric Modicon Controllers M241, M251, M258, and LMC058</strong>
Cross-site scripting and open redirect vulnerabilities in Schneider Electric Modicon controllers (M241, M251, M258, LMC058) could lead to account takeover or code execution in user browsers. Thi…
rss:CISA Advisories
—
05:39 KSA
HIGH
vulnerability
<strong>IGL-Technologies eParking.fi</strong>
Multiple vulnerabilities in IGL-Technologies eParking.fi charging station systems allow attackers to gain unauthorized administrative control or launch denial-of-service attacks. This threatens electric vehicle charging infrastructur…
rss:BleepingComputer
—
05:39 KSA
HIGH
supply_chain
<strong>HackerOne discloses employee data breach after Navia hack</strong>
Bug bounty platform HackerOne suffered a supply chain breach affecting hundreds of employees after attackers compromised Navia, its U.S. benefits administrator. The incident highlights third-party vendor …
rss:BleepingComputer
—
05:39 KSA
HIGH
data_breach
<strong>Infinite Campus warns of breach after ShinyHunters claims data theft</strong>
Infinite Campus, a major K-12 student information system, disclosed a data breach following extortion attempts by threat actors. The breach affects educational institutions and potentially expo…
rss:BleepingComputer
—
05:39 KSA
MEDIUM
ransomware
<strong>Yanluowang ransomware access broker gets 81 months in prison</strong>
A Russian national received an 81-month prison sentence for operating as an initial access broker for Yanluowang ransomware operations. This conviction demonstrates international law enforcement cooper…
rss:US-CERT Alerts
—
05:24 KSA
MEDIUM
general
<strong>CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization</strong>
CISA and USCG conducted a proactive threat hunt at a US critical infrastructure organization and identified multiple cybe…
rss:US-CERT Alerts
—
05:24 KSA
HIGH
ransomware
<strong>#StopRansomware: Interlock</strong>
CISA issued a joint advisory as part of the #StopRansomware campaign detailing the Interlock ransomware variant. The advisory provides network defenders with information on tactics, techniques, and procedures used by this ransomware th…
rss:US-CERT Alerts
—
05:24 KSA
CRITICAL
ransomware
<strong>Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider</strong>
CISA warns that ransomware actors exploited an unpatched vulnerability in SimpleHelp RMM software to compromise a utility billing soft…
rss:Threatpost
—
05:23 KSA
HIGH
ransomware
<strong>Ransomware Attacks are on the Rise</strong>
Lockbit ransomware group leads summer attacks as the most prolific threat actor, followed by two groups originating from the disbanded Conti ransomware operation. Organizations face increased risk from these highly active ranso…
rss:Threatpost
—
05:23 KSA
CRITICAL
vulnerability
<strong>Cybercriminals Are Selling Access to Chinese Surveillance Cameras</strong>
Tens of thousands of Chinese surveillance cameras remain vulnerable to an 11-month-old critical CVE that has not been patched. Cybercriminals are actively selling unauthorized access to these comp…
rss:Threatpost
—
05:23 KSA
HIGH
insider
<strong>Twitter Whistleblower Complaint: The TL;DR Version</strong>
Twitter's former head of security filed a whistleblower complaint alleging severe security and privacy failures at the social media platform. The complaint raises concerns about inadequate security practices, da…
rss:The Hacker News
—
05:23 KSA
LOW
general
<strong>5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents</strong>
Gartner published its first Market Guide for Guardian Agents on February 25, 2026, establishing a new category in cybersecurity technology. This guide defines the emerging market for AI-pow…
rss:The Hacker News
—
05:23 KSA
HIGH
phishing
<strong>Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner</strong>
An active phishing campaign targets French-speaking corporate environments using fake resumes containing highly obfuscated VBScript files. The attack deploys cryptocurrency miners a…
rss:The Hacker News
—
05:23 KSA
MEDIUM
general
<strong>The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills</strong>
Despite increased specialization and advanced tooling in cybersecurity, organizations continue struggling with fundamental security challenges. The article highlights how over-specializa…
rss:SecurityWeek
—
05:23 KSA
CRITICAL
apt
<strong>Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector</strong>
Poland experienced a surge in cyberattacks in 2025, including a destructive infiltration of its energy infrastructure in December suspected to originate from Russia. The…
rss:SecurityWeek
—
05:23 KSA
LOW
general
<strong>RSAC 2026 Conference Announcements Summary (Day 1)</strong>
Summary of vendor announcements made on the first day of the RSA Conference 2026. The article covers new cybersecurity products, services, and solutions presented by various security vendors at the industry's pr…
rss:SecurityWeek
—
05:23 KSA
HIGH
data_breach
<strong>Extortion Group Claims It Hacked AstraZeneca</strong>
The Lapsus$ extortion group claims to have breached AstraZeneca, allegedly compromising internal code repositories, employee credentials, and sensitive employee data. This represents a significant data breach targetin…
rss:Recorded Future
—
05:22 KSA
HIGH
vulnerability
<strong>February 2026 CVE Landscape: 13 Critical Vulnerabilities Mark 43% Drop from January</strong>
February 2026 recorded 13 critical vulnerabilities requiring immediate patching, representing a 43% decrease from January's 23 vulnerabilities. This reduction in high-impact CVEs…
rss:Recorded Future
—
05:22 KSA
HIGH
ransomware
<strong>Latin America's Cybersecurity Turning Point: From Reactive Defense to Threat Intelligence</strong>
Latin America faces escalating cyber threats including PIX payment fraud, ransomware, and targeted attacks that overwhelm reactive security approaches. Organizations r…
rss:Recorded Future
—
05:22 KSA
MEDIUM
general
<strong>Recorded Future Expands Coverage of Scams and Financial Fraud with Money Mule Intelligence from CYBERA</strong>
Recorded Future enhances payment fraud prevention through partnership with CYBERA to detect money mule networks and scam-linked bank accounts. This expansion p…
rss:Mandiant Blog
—
05:22 KSA
CRITICAL
malware
<strong>Proactive Preparation and Hardening Against Destructive Attacks: 2026 Edition</strong>
Mandiant provides updated guidance on preparing for and defending against destructive malware attacks that aim to destroy data and eliminate evidence. The guidance includes new recomme…
rss:Mandiant Blog
—
05:22 KSA
CRITICAL
vulnerability
<strong>Look What You Made Us Patch: 2025 Zero-Days in Review</strong>
Google Threat Intelligence Group tracked 90 zero-day vulnerabilities exploited in the wild during 2025, representing a decrease from record highs. The analysis provides critical insights into exploitation tre…
rss:Mandiant Blog
—
05:22 KSA
CRITICAL
apt
<strong>Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit</strong>
Google Threat Intelligence Group discovered 'Coruna', a sophisticated exploit kit targeting iPhone devices running iOS versions 13.0 through 17.2.1. The kit contains five exploits and represents a sign…
rss:Malwarebytes Lab
—
05:21 KSA
MEDIUM
phishing
<strong>The March Madness scam playbook</strong>
Cybercriminals exploit major sporting events like March Madness to launch various scam campaigns targeting fans. The article provides guidance on identifying and avoiding common fraud schemes associated with large-scale sports tou…
rss:Malwarebytes Lab
—
05:21 KSA
MEDIUM
malware
<strong>Advanced Flow will make Android sideloading safer</strong>
Google introduces Advanced Flow security feature for Android to enhance sideloading safety by implementing delays that disrupt scam-driven application installations. This measure aims to protect users from malici…
rss:Malwarebytes Lab
—
05:21 KSA
LOW
general
<strong>A week in security (March 16 – March 22)</strong>
Weekly cybersecurity roundup covering various security topics and incidents from March 16-22, 2026. Provides consolidated overview of recent threats, vulnerabilities, and security developments.
rss:Krebs on Securit
—
05:21 KSA
HIGH
vulnerability
<strong>Microsoft Patch Tuesday, March 2026 Edition</strong>
Microsoft released security patches addressing 77 vulnerabilities in Windows and other software products. While no zero-day exploits were patched this month, unlike February's five critical zero-days, some updates may …
rss:Krebs on Securit
—
05:21 KSA
MEDIUM
general
<strong>How AI Assistants are Moving the Security Goalposts</strong>
AI-powered assistants and autonomous agents with access to user systems, files, and online services are gaining popularity among developers and IT workers. Recent incidents highlight significant security concer…
rss:Krebs on Securit
—
05:21 KSA
CRITICAL
ddos
<strong>Who is the Kimwolf Botmaster “Dort”?</strong>
Following disclosure of a vulnerability used to create Kimwolf, the world's largest and most disruptive botnet, the operator known as 'Dort' has orchestrated widespread distributed attacks. The investigation focuses on identi…
rss:Dark Reading
—
05:21 KSA
HIGH
supply_chain
<strong>GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead</strong>
A sophisticated AI-assisted campaign has distributed over 300 malicious packages disguised as legitimate software including developer tools and game cheats through GitHub. The trojanized packages …
rss:Dark Reading
—
05:21 KSA
MEDIUM
general
<strong>How a Large Bank Uses AI Digital Twins for Threat Hunting</strong>
JPMorgan Chase has implemented AI-powered digital twins and digital fingerprinting technology for advanced threat hunting capabilities. This approach enables the bank to identify malicious actors and susp…
rss:Dark Reading
—
05:21 KSA
MEDIUM
general
<strong>Microsoft Proposes Better Identity, Guardrails for AI Agents</strong>
Microsoft has introduced new security features to address emerging threats from agentic AI systems. The proposed controls focus on enhanced identity management and protective guardrails to help organiz…
rss:CISA Advisories
—
05:20 KSA
HIGH
vulnerability
<strong>Schneider Electric EcoStruxure Automation Expert</strong>
Schneider Electric disclosed a vulnerability in its EcoStruxure Automation Expert plant automation software used for digital control systems in industrial processes. The vulnerability affects critical infrastructu…
rss:CISA Advisories
—
05:20 KSA
MEDIUM
vulnerability
<strong>Mitsubishi Electric CNC Series</strong>
Mitsubishi Electric CNC Series contains a vulnerability that allows remote attackers to cause an out-of-bounds read, resulting in denial-of-service conditions. Affected versions include M800VW and M80 series used in computer numeri…
rss:CISA Advisories
—
05:20 KSA
CRITICAL
vulnerability
<strong>CISA Adds One Known Exploited Vulnerability to Catalog</strong>
CISA added CVE-2026-20131 to its Known Exploited Vulnerabilities Catalog due to active exploitation. The vulnerability affects Cisco Secure Firewall Management Center and Cisco Security Cloud Control, involv…
rss:CISA Advisories
—
05:20 KSA
CRITICAL
vulnerability
<strong>Schneider Electric Plant iT/Brewmaxx</strong>
Critical vulnerabilities discovered in Schneider Electric Plant iT/Brewmaxx version 9.60 and above could allow privilege escalation leading to remote code execution. These flaws pose significant risks to industrial control sy…
rss:CISA Advisories
—
05:20 KSA
HIGH
vulnerability
<strong>CISA Adds Five Known Exploited Vulnerabilities to Catalog</strong>
CISA added five actively exploited vulnerabilities to its KEV Catalog, including critical flaws in Apple products and Craft CMS. Organizations must prioritize patching these vulnerabilities as they are be…
rss:CISA Advisories
—
05:20 KSA
HIGH
phishing
<strong>Russian Intelligence Services Target Commercial Messaging Application Accounts</strong>
CISA and FBI warn of ongoing phishing campaigns by Russian Intelligence Services targeting commercial messaging applications to bypass encryption and compromise accounts. These sophis…
rss:BleepingComputer
—
05:20 KSA
LOW
general
<strong>Firefox now has a free built-in VPN with 50GB monthly data limit</strong>
Mozilla Firefox 149 introduces a built-in VPN feature providing 50GB monthly data allowance for enhanced user privacy. This privacy tool aims to protect browsing activities and encrypt internet tra…
rss:BleepingComputer
—
05:20 KSA
LOW
general
<strong>Microsoft fixes bug causing Classic Outlook sync issues with Gmail</strong>
Microsoft resolved a bug affecting email synchronization between Classic Outlook and Gmail/Yahoo services. The fix addresses connection and sync problems that impacted business email communicatio…
rss:BleepingComputer
—
05:20 KSA
MEDIUM
general
<strong>Zero Trust: Bridging the Gap Between Authentication and Trust</strong>
Multi-factor authentication alone is insufficient as attackers can hijack session tokens and bypass identity verification. Zero Trust architecture requires continuous verification of both user identit…
rss:US-CERT Alerts
—
05:10 KSA
HIGH
apt
<strong>Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure</strong>
Pro-Russia hacktivist groups are conducting opportunistic cyberattacks targeting critical infrastructure in the US and globally. CISA has issued joint guidance foc…
rss:US-CERT Alerts
—
05:10 KSA
MEDIUM
general
<strong>CISA Shares Lessons Learned from an Incident Response Engagement</strong>
CISA conducted incident response at a US federal civilian agency after malicious activity was detected through EDR security alerts. The advisory shares lessons learned and best practices from this …
rss:US-CERT Alerts
—
05:10 KSA
CRITICAL
apt
<strong>Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System</strong>
Chinese state-sponsored cyber actors are conducting global espionage campaigns targeting telecommunications, government, transportation, lodging, and milit…
rss:Threatpost
—
05:10 KSA
HIGH
data_breach
<strong>Student Loan Breach Exposes 2.5M Records</strong>
A data breach affecting student loan records has exposed personal information of 2.5 million individuals. The incident poses significant risks for identity theft and follow-on attacks targeting affected victims.
rss:Threatpost
—
05:10 KSA
HIGH
apt
<strong>Watering Hole Attacks Push ScanBox Keylogger</strong>
APT group TA423 is conducting watering hole attacks to deploy ScanBox, a JavaScript-based reconnaissance framework. The attacks compromise legitimate websites to harvest credentials and conduct surveillance on targete…
rss:Threatpost
—
05:10 KSA
CRITICAL
phishing
<strong>Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms</strong>
The 0ktapus threat group conducted a large-scale phishing campaign targeting over 130 organizations by spoofing multi-factor authentication systems. The campaign aims to bypass MFA protections and steal cor…
rss:The Hacker News
—
05:10 KSA
HIGH
supply_chain
<strong>FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns</strong>
The U.S. FCC has banned imports of new foreign-manufactured consumer routers due to unacceptable cybersecurity and national security risks. This action aims to protect American communica…
rss:The Hacker News
—
05:10 KSA
CRITICAL
supply_chain
<strong>TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise</strong>
Threat actor TeamPCP compromised the popular Python package LiteLLM (versions 1.82.7-1.82.8) through CI/CD pipeline attacks on Trivy and KICS. The malicious versions contain credential h…
rss:The Hacker News
—
05:10 KSA
HIGH
malware
<strong>Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR</strong>
A large-scale malvertising campaign since January 2025 targets U.S. users searching for tax documents, delivering malicious ConnectWise ScreenConnect installers. The malware deploys …
rss:SecurityWeek
—
05:09 KSA
HIGH
supply_chain
<strong>HackerOne Employee Data Exposed in Massive Navia Breach</strong>
HackerOne, a cybersecurity firm, suffered a data breach affecting hundreds of employees through an attack on third-party vendor Navia. Personal information of employees was stolen in the incident, highlight…
rss:SecurityWeek
—
05:09 KSA
MEDIUM
general
<strong>DoE Publishes 5-Year Energy Security Plan</strong>
The US Department of Energy's CESER launched Project Armor, a five-year initiative to strengthen critical energy infrastructure security. The plan focuses on hardening energy systems against cyber threats and improving r…
rss:SecurityWeek
—
05:09 KSA
MEDIUM
general
<strong>Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw</strong>
Agentic AI systems are evolving from passive tools to autonomous agents with direct system access, raising significant governance and security concerns. The OpenClaw case demonstrates the need…