Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
Exploit for "Bad Epoll" Linux kernel vulnerability (CVE-2026-46242) can lead to root access on desktops, servers, and Android ...
Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences.
Zscaler found attackers using SEO poisoning and hidden prompts in malicious websites to manipulate AI agents into making cryptocurrency payments.
Anonymous-linked Canadian hacker jailed, researcher drops zero-days in open source projects, Venezuelans sentenced in the US over ATM jackpotting. SecurityWeek’s cybersecurity news weekly roundup ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Medtronic is notifying 3.8 million individuals that their personal and medical information was compromised in an April 2026 data breach.
Alleged Scattered Spider hacker Peter Stokes has been extradited to the US to face charges tied to a 2025 cyberattack and a cryptocurrency ransom demand.
A joint Google and FBI operation disrupted the NetNut residential proxy network, which leveraged millions of malware-infected Android devices to hide cyberattacks.
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
A comprehensive audit of AI-assisted software development gives CISOs the visibility needed to quantify risk, strengthen ...
FortiBleed campaign targeting FortiGate firewalls is tied to INC and Lynx ransomware, with over 110 million stolen credentials linked to attacks.