What CISA KEV Is And Isn’t And A Tool To Help Security Teams
A new paper gives an insider’s perspective into CISA’s Known Exploited Vulnerability catalog – and also offers a free tool to help security teams use…
Latest Cybersecurity News — Page 431
View all →
Bulletproof Hosting Providers Leverage Legitimate ISPsystem to Supply Servers for Cybercriminals
In the constantly shifting landscape of online threats, cybercriminals have found a new way to strengthen their attacks by hiding behind legitimate technology. Late in…
DKnife Linux toolkit hijacks router traffic to spy, deliver malware
A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. The…
New FvncBot Attacking Android Users by Exploiting Accessibility Services
A dangerous new malicious application has surfaced, targeting mobile banking customers in Poland. Observed on November 25, 2025, this threat masquerades as a legitimate security…
CISA warns of SmarterMail RCE flaw used in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that ransomware actors are exploiting CVE-2026-24423, a critical vulnerability in SmarterMail that allows remote code execution without…
Phishing and OAuth Token Flaws Lead to Full Microsoft 365 Compromise
Modern web applications frequently introduce unforeseen attack surfaces through seemingly harmless features designed for user engagement, such as newsletter signups, contact forms, and password resets.…
Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare
Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare Pierluigi Paganini February 06, 2026 AISURU/Kimwolf botnet hit a record 31.4 Tbps DDoS…
Ransomware attacks against education sector slow worldwide
Dive Brief: In 2025, there were 251 ransomware attacks on educational institutions worldwide — of which 94 incidents were confirmed by the targeted organizations, according…
EDR, Email, and SASE Miss This Entire Class of Browser Attacks
Most enterprise work now happens in the browser. SaaS applications, identity providers, admin consoles, and AI tools have made it the primary interface for accessing…
Flickr Data Breach – 35 million users Data at Risk
Flickr Data breach Flickr has disclosed a potential data breach stemming from a vulnerability in a third-party email service provider’s system. The incident, reported on…
Flickr Notifies Users of Data Breach After External Partner Security Flaw
Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs, though passwords and payments stayed secure. A…
State-backed phishing attacks targeting military officials and journalists on Signal
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, and investigative…