Cybersecurity

The Russian state-sponsored group Turla (aka Secret Blizzard) has evolved its Kazuar malware into a modular, peer-to-peer botnet.This new architecture features three specialized modules—Kernel,...

Microsoft disclosed an actively exploited spoofing vulnerability tracked as CVE-2026-42897 in on-premise Exchange Server versions.The flaw allows attackers to execute arbitrary JavaScript by sending...

Cisco patched a critical vulnerability (CVE-2026-20182) in its Catalyst SD-WAN software that has been exploited in limited attacks.The flaw, with a maximum CVSS score...

Attackers targeted the PraisonAI vulnerability within 3 hours and 44 minutes of its public disclosure on May 11, 2026.The flaw, CVE-2026-44338, is a missing...

A new Linux kernel vulnerability dubbed "Fragnesia" (CVE-2026-46300) allows unprivileged local attackers to gain root access.The bug is in the XFRM ESP-in-TCP subsystem and...

Microsoft has unveiled MDASH, a multi-model AI system for finding and fixing software vulnerabilities at scale.The system uses over 100 specialized AI agents to...

RubyGems, a crucial package manager for Ruby software, has paused new user registrations due to a major malicious attack.The incident involves hundreds of compromised...

Instructure, the parent company of Canvas, reached a ransom agreement with the ShinyHunters cybercrime group to prevent the leak of stolen data.The attack, involving...