Cybersecurity

Dashlane disclosed a brute-force attack where encrypted vaults for fewer than 20 personal plan users were downloaded.The attack, launched on May 31, 2026, aimed...

A new supply chain attack campaign called Miasma has compromised multiple official @redhat-cloud-services npm packages.The malware steals credentials and secrets from developer machines to...

A China-aligned cyber espionage campaign, Operation Dragon Weave, has targeted officials and citizens in the Czech Republic and Taiwan.The attackers used spear-phishing emails to...

A critical vulnerability (CVE-2026-8732) in the WP Maps Pro WordPress plugin allows attackers to create admin accounts.The flaw affects versions prior to 6.1.1 and...

Dutch authorities dismantled a massive botnet of at least 17 million infected devices.The botnet's backend infrastructure included over 200 servers based in the Netherlands.The...

A threat actor used an LLM agent to automate post-exploitation actions after breaching a public-facing Marimo notebook via the critical CVE-2026-39987 vulnerability.The automated agent...

A critical, unpatched security flaw in the open-source Git service Gogs allows authenticated users to execute arbitrary code on the server.The vulnerability, rated 9.4...

Microsoft advocates for Coordinated Vulnerability Disclosure (CVD) following the uncoordinated public release of multiple Windows zero-days.A researcher disclosed six high-severity vulnerabilities, including three already...