China-aligned threat actors tracked as SHADOW-EARTH-053 are exploiting old but unpatched Microsoft Exchange and IIS vulnerabilities to run a stealthy, multi-stage espionage campaign across Asian…
The Jenkins project released a critical security advisory addressing seven vulnerabilities across multiple widely used plugins. The disclosed flaws include high-severity path traversal and stored…
A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers…
OpenAI has released a comprehensive cyber defense roadmap titled “Cybersecurity in the Intelligence Age” to responsibly equip defenders with AI-powered security tools faster than malicious…
A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP VPN…
Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP…
A newly disclosed high-severity vulnerability in the Cursor AI-powered coding environment could allow attackers to execute arbitrary code on a developer’s machine, raising fresh concerns…
Security researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed “CursorJacking,” this flaw carries a CVSS score of…
Lazarus Group is abusing “ClickFix” social engineering to push a new macOS malware kit dubbed “Mach-O Man,” giving attackers a direct path to credentials, Keychain secrets, and…
Federal authorities have charged 19-year-old Peter Stokes, known online as “Bouquet,” for his alleged role in the notorious cybercriminal group Scattered Spider. Law enforcement arrested…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28, 2026,…
Application security provider Checkmarx has officially confirmed a new security incident involving the exposure of its internal GitHub repository. On April 27, 2026, Udi-Yehuda Tamar,…
