Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...

Authorities dismantled LeakBase, a cybercrime forum with 142,000 members trading stolen credentials and financial data in a global crackdown.

Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and ...

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via ...

In all, a total of 149 hacktivist DDoS claims were recorded targeting 110 distinct organizations across 16 countries. The attacks were carried out by 12 different groups, including Keymous+, DieNet, ...

New RFP guide helps CISOs evaluate AI governance tools, focusing on interaction-level security and vendor accountability.

CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches released by Broadcom.

Google’s March 2026 Android update patches 129 vulnerabilities, including exploited Qualcomm flaw CVE-2026-21385 and critical ...

SloppyLemming targeted Pakistan and Bangladesh with BurrowShell, a Rust keylogger, and 112 Cloudflare Workers domains in 2025–2026.

In addition to abusing identity dark matter, left unchecked, MCP agents (AI Agents that use the MCP protocol to connect to ...

Fake IT support calls delivered Havoc C2, enabling credential theft, lateral movement, and ransomware prep across five ...