Latest Cybersecurity News
View all →
Carnival confirms data breach impacting nearly 6 million
Carnival Corporation, parent of Carnival Cruise Line, is sending out fresh “Notice of Cybersecurity Event” letters dated May 27, 2026. If you feel like you’ve…
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
Ravie LakshmananMay 28, 2026Zero Day / Vulnerability Disclosure Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to…
Why DDoS attacks have become a permanent threat for Gulf enterprises
As geopolitical tensions continue to escalate across the Middle East, cyber attacks have become an increasingly visible extension of regional conflict. Governments, telecoms operators, financial…
ACCC greenlights Superloop, Lynham separation plan
The Australian Competition and Consumer Commission has approved a structural separation plan that will allow Superloop to complete its $165 million acquisition of rival, Lynham…
New BTMOB Android Malware Enables Full Device Takeover
The BTMOB remote access trojan (RAT) is becoming a heightened threat to Android users due to its data theft and device takeover capabilities, ESET warns.…
U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini May 28, 2026 U.S. Cybersecurity and Infrastructure Security…
Zapier fixes bug chain that researchers say risked widespread account takeover
Security researchers chained together five separate weaknesses in the popular workflow automation service Zapier that, if first discovered by a malicious actor, could have granted…
Authenticated RCE via Argument Injection in Gogs (NOT FIXED)
Overview Rapid7 Labs discovered a critical argument injection (CWE-88) vulnerability in Gogs, a popular open-source self-hosted Git service. Rapid7 Labs scores this vulnerability as CVSSv4…
GlassWorm falls, but the repo problem is far from solved
The CrowdStrike-led takedown, conducted alongside Google and the Shadowserver Foundation, disrupted infrastructure linked to the campaign that had poisoned hundreds of repositories with malicious packages…