A complex espionage campaign attributed to Chinese APT group Lotus Blossom, active since 2009. The investigation uncovered a sophisticated compromise of Notepad++ distribution infrastructure that…
Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released an emergency fix last week. The…
Ravie LakshmananFeb 03, 2026Open Source / Vulnerability Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular…
CGI’s artificial intelligence (AI) head knows his current job title won’t exist in the future, when AI is established in enterprise environments. Russell Goodenough, UK…
By Ido Shlomo, CTO and Co-Founder, Token Security Security leaders have spent years hardening identity controls for employees and service accounts. That model is now…
There is a comforting illusion in cybersecurity leadership: when things get noisy, you add more people. More analysts. More shifts. More headcount. It feels decisive. It…
Apache Syncope, a popular open-source identity and access management platform, has disclosed a critical XML External Entity (XXE) vulnerability in its Console component. The vulnerability,…
The Hacker NewsFeb 03, 2026Threat Detection / Enterprise Security Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough…
Thank you for joining! Access your Pro+ Content below. 3 February 2026 Datacentre indecision: UK government’s back and forth on planning Share this item with…
The United Kingdom’s data protection authority launched a formal investigation into X and its Irish subsidiary over reports that the Grok AI assistant was used…
A new variant of the PDFly malware has emerged with advanced techniques that challenge traditional analysis methods. The malware uses a modified PyInstaller executable that…
The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a critical vulnerability affecting multiple versions of KiloView Encoder Series devices, warning that unauthenticated attackers could…
