_Dragos_Condrea_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
How to Stay on Top of Future Threats With a Cutting-Edge SOC
CISOs should focus on harnessing and securing AI and building new skills among their people. Vision and change management can transform security.
Microsoft Patches 6 Actively Exploited Zero-Days
Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in multiple Microsoft products.
In Bypassing MFA, ZeroDayRAT Is 'Textbook Stalkerware'
With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering.
SolarWinds WHD Attacks Highlight Risks of Exposed Apps
Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime targets for attackers.
Asia Fumbles With Throttling Back Telnet Traffic in Region
Only Taiwan made the top 10 list of governments, effectively blocking the threat-ridden protocol, but overall, the region lagged in curbing Telnet traffic.
Top Cyber Industry Defenses Spike CO2 Emissions
Organizations can improve their climate footprints by optimizing two specific cybersecurity protections, without incurring added risks.
AI Rising: Do We Know Enough About the Data Populating It?
Organizations remain reluctant to address the fact that AI can dangerously expose business operations as well as personal data.
North Korea's UNC1069 Hammers Crypto Firms With AI
In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.
Senegalese Data Breaches Expose Lack of 'Security Maturity'
Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents.
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group we
When Cloud Outages Ripple Across the Internet
Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites and services that many other systems depend on. The resulting ripple effects h
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 (aka Metro4Shell) on Decembe