UAC-0145 uses fake CAPTCHA checks on compromised sites to push Windows malware, while COWARDDUCK backdoors Android devices ...
Volexity links UTA0533 to two SonicWall SMA 1000 zero-days used before disclosure to gain root, plant malware, and capture ...
WordPress 6.9.5 and 7.0.2 patch wp2shell, a pre-auth core RCE that lets anonymous attackers run code on default installs, ...
NadMesh scans exposed AI services for AWS keys, Kubernetes tokens, model access, and MCP tools while Docker and Jenkins lead ...
OpenSSL fixed HollowByte after 11-byte TLS requests could strand memory on glibc systems, but shipped no CVE, advisory, or ...
Autonomous defense systems need trusted infrastructure to move telemetry, command data, and AI outputs across platforms, ...
Expel links CylindricalCanine to DigiCert's April 2026 breach, where stolen certificates were used to sign Zhong Stealer and ...
Armenia holds Aleksandr Yuryevich Ermakov on a U.S. REvil extradition request, while his lawyers say Washington is seeking a ...
AI speeds offensive testing, but unproven findings increase triage noise unless teams verify reachability, impact, and ...
New GoSerpent malware targets Southeast Asian government and diplomatic entities, deploying SOCKS5 proxies, credential ...
CVE-2026-59208, a JWT matching flaw that could log users into another issuer’s account on affected multi-issuer Enterprise ...
Zoom fixes CVE-2026-53412, a 9.8-rated Windows flaw that could enable account takeover via network access, plus three ...