Latest Cybersecurity News
View all →
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Ravie LakshmananMar 18, 2026Network Security / Vulnerability Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol)…
ATO to upgrade its IBM mainframe again in quiet $104.8m deal
The Australian Taxation Office is set to upgrade to IBM’s z17 mainframe under a $104.8 million expansion of an existing mainframe modernisation program it signed…
Russia-linked actors target WhatsApp and Signal in phishing campaign
Russia-linked actors target WhatsApp and Signal in phishing campaign Pierluigi Paganini March 22, 2026 Russia-linked actors target WhatsApp and Signal accounts of officials and journalists…
What are LOLBins? How to Detect Malicious Threats
LOLBin stands for “Living Off the Land Binaries,” tools that are pre-installed as part of an operating system. LOLBins are not malicious in themselves but…
Ex-data analyst stole company data in $2.5M extortion scheme
A North Carolina man was found guilty of extorting a D.C.-based technology company while still being employed as a data analyst contractor. While a Justice…
AstraZeneca Data Breach – LAPSUS$ Group Allegedly Claims Access to Internal Data
The notorious hacking collective LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving the multinational pharmaceutical and biotechnology company AstraZeneca. The threat…
Getting the Threat Model Right
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious…
US, Germany, Canada disrupt botnets
Law enforcement agencies in the United States, Germany and Canada have carried out an operation to take down infrastructure used by four major botnets that…
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager Pierluigi Paganini March 22, 2026 Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated…