Active threats, vulnerabilities, and cyber incidents worldwide.
Real-time cybersecurity intelligence with full source verification.
A binding operational directive from CISA will require federal agencies to remediate critical vulnerabilities within days based on a new prioritization framework.
Anthropic releases Claude Fable 5, its most capable model, with two variants: a public version with safety classifiers and a vetted Mythos 5 variant for offensive security testing.
Microsoft has released a security update for an Exchange Server zero-day vulnerability (CVE-2026-42897) that was being actively exploited in cross-site scripting attacks targeting Outlook Web Access users.
A coalition of state attorneys general is investigating OpenAI regarding the impact of its ChatGPT technology on young users.
A former IT employee was sentenced to 21 months in prison for a prolonged cyberattack against an Iowa school district that disrupted operations and caused tens of thousands of dollars in damages.
Cybersecurity findings from Amazon spurred a government directive restricting foreign national access to Anthropic’s advanced AI models.
Anthropic has disabled its Fable 5 and Mythos 5 AI models globally to comply with a Trump administration order aimed at preventing access by foreign nationals.
More than 400 packages in the Arch User Repository are distributing a Linux rootkit and infostealer targeting credentials and access tokens.
The tech giant accuses a Chinese cybercrime network of using its Gemini AI to craft phishing text messages targeting Americans.
A critical vulnerability in Splunk Enterprise could let unauthenticated attackers achieve remote code execution, with a CVSS score of 9.8.
The U.S. government has ordered Anthropic to abruptly suspend access to its most advanced AI models, Claude Fable 5 and Mythos 5, for foreign nationals citing national security concerns.
A vulnerability in the phpBB forum software has been resolved after allowing attackers to log in as any user for 10 years.
Hackers leveraged a critical Oracle ERP vulnerability to steal large volumes of data from US universities, with no patch yet available.
An operation targeted the Outsider cybercrime platform, which enabled scams using fake package delivery and toll alerts.
Ukrainian national Oleksii Lytvynenko admits his role in the Conti ransomware conspiracy and faces up to two decades in U.S. prison.
Maine took its public data breach reporting portal offline following fraudulent disclosures, while 23andMe victims move closer to a $47 million settlement.
A roundup of overlooked cybersecurity stories includes Google restructuring its security team, persistent ICS device exposure, and a new Microsoft incident response playbook for AI.
CISA mandates a three-day patch timeline under BOD 26-04 for an Ivanti Sentry vulnerability being actively exploited in attacks.
An amendment by Senator Kirsten Gillibrand to establish a new military service branch for cyber operations under the Army failed in the Senate.
The Personal Information Protection Commission levied the largest-ever penalty for a personal data breach against the e-commerce giant.
Managed detection and response services face mounting challenges as adversaries leverage AI to accelerate attacks, demanding a fundamental rethinking of the model.
Attackers are actively targeting a critical-severity OS command injection flaw in Ivanti Sentry, with exploitation attempts detected on honeypots.
Researchers disclosed three patched vulnerabilities in LangChain's open-source LangGraph framework, including an SQL injection chain leading to remote code execution in self-hosted AI agent deployments.
An AI hacker says they bypassed Fable 5's guardrails, but Anthropic argues the method does not constitute a true jailbreak.
A breach of France's encrypted messaging platform Tchap has compromised the accounts of over 73,000 government employees.
Law enforcement in Europe has disrupted a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks.
Coinbase's quantum advisory council urges crypto developers to begin post-quantum migration work immediately, warning that unresolved questions around vulnerable coins could pose one of Bitcoin's biggest challenges.
Threat actors are actively exploiting a critical unauthenticated remote code execution vulnerability in Oracle PeopleSoft Suite, with attacks targeting universities for data theft.
Oracle has alerted customers to a critical vulnerability in its PeopleSoft software following claims by the hacking group ShinyHunters that it breached over 100 organizations using the product.
An amendment to establish a dedicated cyber military service failed in a narrow committee vote.
New analysis reveals The Gentlemen ransomware group, linked to LockBit, Qilin, and Medusa, has infected 478 victims with worm-like capabilities.
Developers report the new model blocks benign prompts due to aggressive safety classifiers, raising tensions between security and usability.
A maximum-severity Ivanti Sentry vulnerability is being actively exploited, as CISA orders federal agencies to patch it within three days.
A new exploit called GreatXML leverages a Windows recovery partition XML parsing flaw to bypass BitLocker encryption.
Hackers are reducing phishing volumes but leveraging AI to craft more targeted and convincing attacks, increasing overall risk.
OpenAI banned two clusters of ChatGPT accounts linked to China that conducted covert influence campaigns targeting U.S. tech and policy debates, including backlash over data center energy costs.
The credential-stealing Miasma attack framework was briefly open-sourced, while separate research shows OpenClaw AI agents can be tricked into leaking secrets.
Denis Obrezko, 36, accused of compromising at least 11 U.S. companies in Kremlin-linked espionage operation, appeared in Boston court after extradition from Thailand.
A PowerShell script in patch files for Siemens' building automation platform is causing widespread false positive detections across multiple security engines.
New directive BOD 26-04 mandates faster remediation of vulnerabilities listed in the Known Exploited Vulnerabilities catalog, driven by accelerating AI-powered attacks.
Multiple critical vulnerabilities, including a command injection flaw in FortiSandbox, allow remote code execution and information disclosure.
AI's rapid exploitation capabilities have erased the traditional time buffer between vulnerability discovery and weaponization, driving CISOs to redirect budgets toward breach and attack simulation (BAS) platforms.
ShinyHunters leaks email addresses and other data after accessing a student records system.
GitHub is making security-focused changes to npm version 12, disabling install scripts by default to thwart supply-chain attacks.
A developer argues that insecure AI code completions in JetBrains' PyCharm could introduce vulnerabilities.
North Korean cybercriminal groups are boosting state revenues through targeted attacks on business and financial firms in the region.
A new CISA directive requires federal agencies to patch the most dangerous vulnerabilities within three days, with 180 days to adopt the new timeline.
OpenAI reported a suspected Chinese influence operation that attempted to use its AI chatbot ChatGPT to generate debate around data center policies, though evidence of real-world impact remains minimal.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation.
Researchers report Anthropic's new model Claude Fable is rejecting routine tasks like reading blog posts and conducting code reviews, citing overly strict safety filters.
Microsoft is barring internal use of Anthropic's Claude Fable 5 over new 30-day data retention rules, though the model remains available to customers via GitHub Copilot and Foundry.
Researchers warn of a resurgent China-linked botnet using compromised SOHO and IoT devices for large-scale reconnaissance, with a focus on US military networks.
A deepfake campaign attack ad in Minnesota raises ethical and transparency concerns over AI-generated political content.
Cyera becomes one of the most valuable private cybersecurity firms globally with a $600 million funding round.
Devices upgraded to Windows 11 24H2 or 25H2 may encounter installation failures for monthly security patches, Microsoft confirmed.
Two Russia-linked threat groups are actively exploiting a year-old path traversal vulnerability in WinRAR to target Ukrainian military and government organizations.
A new Rust-based container runtime, Nucleus, offers enhanced isolation and reproducibility for ephemeral AI workloads and NixOS services.
An AI company launches Fable 5, a restricted version of its most advanced AI system, over cybersecurity concerns.
Attackers exploited an unauthenticated access flaw in a ServiceNow API endpoint, exposing customer data.
A Ukrainian officer details a mid-range drone campaign using artificial intelligence to disrupt Russian supply chains far from the front.
Meta asked a federal court to hold NSO Group in contempt for alleged links to phishing attempts targeting WhatsApp users.
A security test reveals OpenClaw's AI email agent can be tricked by phishing tactics, potentially leaking user data.
The U.S. Space Force has selected Viasat and Intelsat to build the first of a new generation of protected, anti-jam communication satellites.
A new worm, Miasma, has burrowed into 73 Microsoft repositories via a previously compromised GitHub account, escalating a months-long supply chain campaign.
A newly disclosed flaw in Veeam Backup & Replication enables authenticated domain users to achieve remote code execution on domain-joined backup servers.
Meta will leverage business-shared data to personalize user feeds and AI chatbot responses, extending data use beyond targeted ads.
An attacker seized governance control of the low-cap Token of Power, minting billions of tokens and draining a Balancer V1 liquidity pool.
A FIDO Alliance survey finds five billion passkeys now in use and 90% awareness, driven by security gains over traditional passwords.
Microsoft removed 73 repositories across its GitHub organizations after they were compromised to inject information-stealing malware into continuous integration pipelines.
The National Reconnaissance Office awards BlackSky a contract for new satellites featuring an AI-optimized image detection system.
AI enables attackers to generate malware and bypass security checks, undermining traditional vulnerability disclosure norms.
The company will bring its advanced Claude Mythos-class models to more partners and countries, with a public release planned within weeks.
A stack-based buffer overflow vulnerability in HP VoIP phones enables remote code execution, posing a serious threat to enterprise networks.
The U.S. cybersecurity agency orders federal agencies to patch a two-year-old, high-severity Oracle WebLogic vulnerability now being actively exploited in attacks.
Lockheed Martin’s ACES platform delivers a shared virtual battlespace to enhance European readiness, interoperability, and decision-making amid evolving threats.
Attackers are weaponizing vulnerabilities within hours of disclosure, outpacing traditional patch cycles and forcing a shift to faster alerting and response strategies.
Attackers exploited Meta's AI support bot to take over high-profile Instagram accounts, including the White House and US Space Force.
Attackers exploited a flaw in Meta's AI assistant to reset account credentials, leading to the defacement of the Obama White House and Space Force accounts.
Over 30 packages in Red Hat's @redhat-cloud-services npm namespace were infected with malware targeting developer credentials.
A brute-force attack on Dashlane accounts led to the download of encrypted vaults for fewer than 20 personal subscription users, though the company's security systems locked most accounts.
Post-quantum cybersecurity firm SEALSQ invests €5.4 million to take majority control of Geneva-based Wecan Group, a compliance startup serving private banks.
Oracle launched its first monthly Critical Security Patch Update cycle, addressing 77 vulnerabilities to accelerate critical fix deliveries.
Spanish National Police arrested an individual for leaking sensitive data of government employees, including those at the National Cybersecurity Institute (INCIBE).
Attackers are actively exploiting a PAN-OS GlobalProtect VPN authentication bypass flaw, while Palo Alto's AI tool Mythos uncovered over two dozen critical vulnerabilities in its own source code.
Microsoft says it will not pursue legal action against security researchers who disclose vulnerabilities, following a backlash over zero-day exploit disclosures.
Anthropic partners with the European Union's cybersecurity agency ENISA through Project Glasswing, granting access to its AI safety evaluation tool.
An inspector general report finds NIST errors have rendered the National Vulnerability Database increasingly ineffective, with the backlog doubling since early 2024.
A malicious npm package posing as a remote web UI for OpenAI Codex has stolen authentication tokens from developers, marking a new supply chain attack campaign.
Authorities seized command-and-control servers linked to a massive botnet of infected devices used for residential proxy services and cybercrime.
IEEE's president calls on engineers to redesign digital systems that were built for adults, as one-third of internet users are now under 18.
A leaked document reveals Philadelphia police are monitoring social media for posts opposing AI data centers, raising First Amendment concerns.
Nearly 2,000 WordPress websites were infected with malware that uses Steam Community profile comments to conceal command-and-control data.
A new cyber espionage campaign called Operation Dragon Weave uses spear-phishing emails to deliver an AdaptixC2 agent to officials and citizens in the Czech Republic and Taiwan.
Dragos acquires extended Internet of Things security specialist Phosphorus to boost asset visibility and remediation capabilities for industrial environments.
Microsoft is investigating an ongoing incident that prevents users of Office for the web and Teams from opening files.
A security incident at Plaza Home Mortgage may have exposed customers' and employees' personal information.
Belgium's cybersecurity authority warns that CVE-2026-41089 is now being actively exploited by threat actors.