Cybersecurity

A new Linux malware, Quasar Linux RAT (QLNX), is stealthily targeting developers to steal credentials for software supply chains.The malware can hide itself, harvest...

A new, actively exploited flaw (CVE-2026-6973) in Ivanti Endpoint Manager Mobile allows authenticated admins remote code execution.The U.S. Cybersecurity and Infrastructure Security Agency (CISA)...

Cybersecurity's greatest challenge is human vulnerability, not technology.AI-generated phishing attacks are making the initial malicious "click" nearly impossible to detect.A rapid containment plan focused...

vm2 Node.js library users must urgently update to version 3.11.2 to patch twelve critical sandbox escape vulnerabilities.The flaws allow attackers to break out of...

A new Mirai-derived botnet called xlabs_v1 is targeting internet-exposed Android devices to build a DDoS-for-hire service.The malware specifically hunts for Android Debug Bridge (ADB)...

Google has expanded its Binary Transparency initiative to the entire Android ecosystem to combat supply chain attacks.The system creates a public cryptographic log, similar...

The Apache Software Foundation has patched a severe, actively exploitable remote code execution (RCE) flaw in its widely used HTTP Server software.The vulnerability, tracked...

Threat actors are actively exploiting CVE-2026-29014, a critical code injection flaw in MetInfo CMS.The vulnerability allows remote, unauthenticated attackers to execute arbitrary PHP code...