‘Miasma’ worm infests Red Hat npm packages
Researchers at security vendor Aikido have detected over 30 compromised Red Hat Cloud Services packages on the open source npm registry, with malware similar to…
Latest Cybersecurity News — Page 113
View all →
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Threat actors are exploiting a critical-severity Windows Netlogon vulnerability for remote code execution, Centre for Cybersecurity Belgium (CCB) warns. Tracked as CVE-2026-41089 (CVSS score of…
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini June 01, 2026 U.S. Cybersecurity and Infrastructure Security Agency…
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
Researchers and threat hunters are scrambling to respond to an actively exploited authentication-bypass vulnerability affecting Palo Alto Networks customers’ firewalls. The company initially tagged CVE-2026-0257…
Press Release: CSO30 ASEAN & Hong Kong Awards 2026 open for nominations
The CSO30 ASEAN & Hong Kong Awards return in 2026, as an important moment to recognise the cybersecurity leaders and teams who are making resilience…
Dozens of Red Hat packages backdoored through its official NPM channel
The worm, dubbed Shai-Hulud, has all the hallmarks of malware released last month as freely available open source. TeamPCP was the first group to use…
Google Threat Intelligence in Elastic Security — Elastic Security Labs
Elastic Security natively ingests Google Threat Intelligence: known-malicious IPs, domains, URLs, and file hashes matched against your telemetry the moment they appear, each carrying a…
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. Thousands of websites have…
Critical Vulnerability Magento Cache Plugin Enables Remote Code Execution Attacks
A critical security vulnerability has been discovered in a widely used Magento caching plugin that allows attackers to remotely execute malicious code with no login,…
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability in a widely used Magento extension is exposing thousands of online stores to remote code execution (RCE) attacks. The vulnerability, tracked…
Why Encrypted File Sharing Is Essential for Modern Businesses
Consider the history of any recent corporate scandal, and it is quite possible to guess what the story began with: a poorly secured file. No…
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)
CVE-2026-41089, a critical Windows Netlogon RCE flaw that allows remote code execution, is now actively exploited in the wild, the Centre for Cybersecurity Belgium (CCB)…