Thousands of publicly exposed Google Cloud API keys may have silently gained access to Gemini AI services after organizations enabled the Generative Language API, according to new security research....
In a significant cybersecurity incident, the University of Hawaiʻi Cancer Center fell victim to a ransomware attack that compromised sensitive personal information belonging to potentially over a...
Security researchers have identified a new malware campaign attributed to APT37, a North Korean state-linked threat actor, targeting air-gapped environments. The operation demonstrates increasingly...
The U.S. Department of Defense (DoD) has reportedly designated AI developer Anthropic as a “supply chain risk,” a move that signals heightened scrutiny in federal procurement processes and...
Meta has launched a new wave of legal action against scam advertisers operating across multiple continents, signaling a more aggressive stance against fraud networks abusing its advertising...
When Anthropic unveiled Claude Code Security, markets reacted instantly. A tool capable of scanning full codebases, identifying vulnerabilities, and proposing fixes directly inside developer...
Juniper Networks has issued an out-of-band security update for Junos OS Evolved on PTX series routers after identifying a critical vulnerability that can hand an attacker root-level code execution...
Darktrace reported detecting more than 32 million high-confidence phishing emails in 2025, highlighting a significant rise in automated, identity-driven cyberattacks. The findings indicate that...
In the ever-evolving landscape of cybersecurity threats, a new vulnerability has emerged as a stark reminder of the vulnerabilities inherent in even the most robust network infrastructures. On...
Broadcom has released security updates addressing multiple vulnerabilities in VMware Aria Operations, including a critical command injection flaw that could allow remote code execution (RCE) by...
The ShinyHunters extortion group has published a 6.1GB archive allegedly containing data from 12.4 million CarGurus user accounts. The dataset includes a broad range of personal and account-related...
Microsoft is strengthening data protection controls for Microsoft 365 Copilot by expanding Microsoft Purview Data Loss Prevention (DLP) enforcement across all storage locations. The update ensures...
In a significant development within the cybersecurity landscape, the notorious North Korean state-sponsored hacking collective known as the Lazarus Group has been linked to the deployment of Medusa...
When defenders talk about “living off the cloud,” this is what they mean. Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners moved to disrupt a long-running espionage...
SolarWinds has released Serv-U version 15.5.4 to address four critical vulnerabilities affecting Serv-U 15.5 installations. The flaws, tracked as CVE-2025-40538 through CVE-2025-40541, each carry a...
Researchers at Check Point have disclosed critical vulnerabilities in Anthropic’s Claude Code that could allow attackers to achieve remote code execution and silently exfiltrate API credentials...
Marquis Software Solutions has filed a lawsuit against cybersecurity vendor SonicWall, alleging that security failures within the vendor’s cloud backup infrastructure enabled a ransomware attack that...
In the ever-evolving landscape of digital threats, healthcare organizations remain prime targets for cybercriminals seeking to exploit sensitive patient data for profit. One such incident that has...
A new report by independent threat researcher @goyaramen outlines how a likely lone operator integrated large language models (LLMs) directly into a malicious intrusion workflow, enabling...
Researchers at S2 Grupo’s LAB52 have attributed a spear-phishing campaign dubbed “Operation MacroMaze” to the Russia-linked threat group APT28. Active between September 2025 and January 2026, the...