Cybersecurity

Cybersecurity's greatest challenge is human vulnerability, not technology.AI-generated phishing attacks are making the initial malicious "click" nearly impossible to detect.A rapid containment plan focused...

vm2 Node.js library users must urgently update to version 3.11.2 to patch twelve critical sandbox escape vulnerabilities.The flaws allow attackers to break out of...

A new Mirai-derived botnet called xlabs_v1 is targeting internet-exposed Android devices to build a DDoS-for-hire service.The malware specifically hunts for Android Debug Bridge (ADB)...

Google has expanded its Binary Transparency initiative to the entire Android ecosystem to combat supply chain attacks.The system creates a public cryptographic log, similar...

The Apache Software Foundation has patched a severe, actively exploitable remote code execution (RCE) flaw in its widely used HTTP Server software.The vulnerability, tracked...

Threat actors are actively exploiting CVE-2026-29014, a critical code injection flaw in MetInfo CMS.The vulnerability allows remote, unauthenticated attackers to execute arbitrary PHP code...

The North Korean ScarCruft hacking group compromised a video game platform to deploy the BirdCall backdoor, targeting ethnic Koreans.This supply chain attack, ongoing since...

A phishing campaign codenamed VENOMOUS#HELPER has targeted over 80 organizations, primarily in the U.S., since at least April 2025.Attackers use legitimate Remote Monitoring and...