CISA warns Fortinet users to secure devices after FortiBleed leak
Fortinet customers must secure their devices immediately due to a massive data leak exposing nearly 74,000 firewall and VPN credentials.
Stay informed
Cyber Security News
The threats, breaches, and patches that matter — curated and distilled into fast, plain-English briefings for busy security professionals.
Last updated 25m ago
Threats & Breaches 15
Gentlemen ransomware uses multiple EDR killers to disable defenses
Gentlemen ransomware's EDR killers pose a significant threat to organizations' ability to detect and respond to attacks, making it harder to contain and recover
Novo Nordisk Breach Exposes Software Development Pipeline Risk
A leaked GitHub token exposes a common security mistake: treating secrets management as a tooling issue, not an identity and access control problem.
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo's internal survey data was stolen in a cyberattack, but the company's own systems remain secure.
USB worm spreads crypto-stealing malware via Windows shortcut files
A new USB worm spreads malware via Windows shortcut files, targeting cryptocurrency wallets and using Tor for stealthy communication.
ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
Cyber threats are evolving to exploit user trust in AI, cloud services, and browser extensions, making it harder to detect and respond to attacks.
Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2
A sophisticated Windows malware campaign is using a USB LNK worm and Tor-based C2 to target users and steal cryptocurrency.
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Klue OAuth breach allowed threat actors to steal sensitive Salesforce data from multiple companies, highlighting the risk of OAuth vulnerabilities in cloud-base
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023
INC ransomware has become a top threat, targeting over 830 victims since 2023, exploiting vulnerabilities in popular software and leveraging RaaS model for rapi
DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic
DragonForce hackers are using Microsoft Teams relays to hide their malicious C2 traffic, making it harder to detect and disrupt their ransomware operations.
Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp
Law enforcement took down 15,000 malware-infected websites and 100 servers tied to the SocGholish botnet and Russian cybercrime group Evil Corp.
ShapedPlugin update flow hacked to infect WordPress sites
A security vulnerability in the update process of a popular WordPress plugin has allowed hackers to infect sites with malware.
Telegram admits it couldn't police exam-leak channels, India tells court
Telegram's inability to police exam-leak channels raises questions about its effectiveness in preventing illicit activities on its platform.
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
CISA warns of widespread Fortinet device vulnerabilities exploited by hackers using exposed credentials, urging immediate hardening to prevent further attacks.
Leak confirms OpenAI is testing a ChatGPT for Science subscription
OpenAI is testing a premium version of ChatGPT for science use cases, potentially offering advanced features and access to experts, but details on availability
Patches & CVEs 8
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple patches critical vulnerability in Beats Studio Buds that could allow nearby attackers to eavesdrop on users via microphone.
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
F5 patches two critical NGINX OS vulnerabilities that can enable remote code execution, potentially allowing attackers to take control of affected systems.
Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
Apple patches critical Bluetooth vulnerability in Beats Studio Buds that could enable eavesdropping by nearby hackers.
CISA Adds One Known Exploited Vulnerability to Catalog
A newly added vulnerability in Splunk Enterprise, used by attackers, requires immediate attention from security teams to prevent exploitation.
AVer PTC cameras
Exploitation of AVer PTC camera vulnerability could lead to arbitrary code execution, posing a significant risk to users' sensitive data and systems.
AzeoTech DAQFactory
Exploitation of AzeoTech DAQFactory's unpatched vulnerability could lead to arbitrary code execution, posing a significant risk to industrial control systems an
F5 issues out-of-band patches for critical NGINX vulnerabilities
Critical NGINX vulnerabilities allow remote code execution, prompting urgent patching to prevent potential attacks.
Microsoft fixes Windows Server 2016 security update failures
Microsoft fixed a critical issue with Windows Server 2016 security updates that were failing due to outdated systems.
AI Security 4
NY man charged after harassing college student with AI-generated nudes
A man used AI-generated deepfakes to harass a college student, highlighting the potential for AI-generated content to be used in cyberstalking.
Operation Escaneo Signals Shift in LatAm Threat Landscape
Operation Escaneo's unique business model blurs lines between financially motivated and nation-state sponsored cybercrime, complicating threat intelligence and
Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network
Unmonitored AI agents within networks pose a significant risk of unauthorized access and data breaches.
EU Gets a Head Start in Developing 6G Network Security
The EU is launching a comprehensive 6G network security initiative to develop cutting-edge threat detection and mitigation techniques for the next generation of
General 13
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data
Salesforce disabled Klue app integration after OAuth token abuse exposed customer data, potentially putting sensitive information at risk.
FIFA Bug Exposed World Cup Streams to Remote Takeover
A critical vulnerability in FIFA's Entra system could have allowed hackers to remotely access and manipulate World Cup streams, potentially disrupting the event
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
A publicly-traded Israeli company is linked to a massive Android botnet used for ad fraud, account takeovers, and data scraping.
Salesforce Data Thefts Continue via Klue App Compromise
Salesforce customers are at risk of data theft via compromised integrations, not just phishing or password attacks.
5 reasons Microsoft 365 backup isn’t enough for business data protection
Microsoft 365 doesn't provide comprehensive data protection, leaving businesses vulnerable to data loss and recovery issues.
Get Out of Security Debt by Tackling the Exposure Problem
Understanding exposed vulnerabilities is crucial for prioritizing and addressing security debt to prevent costly breaches and data loss.
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
Critical vulnerabilities in Apollo Pharmacy Blood Glucose Monitoring System could allow attackers to access sensitive patient health data and disrupt device fun
Schneider Electric EasyLogic T150 and Saitel DP
A critical vulnerability in Schneider Electric's EasyLogic T150 and Saitel DP allows unauthorized access to sensitive files, posing a significant risk to indust
Rockwell Automation FactoryTalk Historian Site Edition
Critical vulnerabilities in Rockwell Automation's FactoryTalk Historian Site Edition could allow attackers to gain unauthorized access or crash the system.
Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products
Schneider Electric's PowerChute Serial Shutdown product has critical vulnerabilities that could allow remote code execution and denial-of-service attacks.
Mitsubishi Electric MELSEC iQ-F Series
A critical vulnerability in Mitsubishi Electric's MELSEC iQ-F Series could allow a remote attacker to cause a denial-of-service (DoS) condition.
Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module
A critical vulnerability in Mitsubishi Electric's MELSEC iQ-F Series FX5-ENET/IP module could lead to a remote DoS attack, disrupting industrial control system
The Scripts on Your Checkout Page Are Now a PCI DSS Problem
New PCI DSS rules now consider third-party scripts on checkout pages as part of the payment card environment, increasing security risk and compliance burden.