Five takeaways from the UK’s Cyber Security & Resilience Bill
The content of the Cyber Security & Resilience Bill (CSRB) recently introduced to Parliament contained few surprises. Having spent a significant amount of time working…
Latest Cybersecurity News — Page 448
View all →
PortSwigger partners with Meta Bug Bounty to empower bug hunters with training and Pro licenses
Fran Hutchings | Tuesday, 7 April 2026 at 12:12 UTC We’re excited to announce a new partnership with Meta Bug Bounty, bringing together two organizations…
‘GrafanaGhost’ bypasses Grafana’s AI defenses without leaving a trace
Security researchers at Noma Security have disclosed a new vulnerability they are calling GrafanaGhost, an exploit capable of silently stealing sensitive data from Grafana environments…
Zero‑click Grafana AI attack can enable enterprise data exfiltration
From there, attackers use indirect prompt injection techniques to manipulate the AI into executing malicious instructions. The model is tricked into generating requests that include…
Microchip secures IEC 62443-4-1 ML2 certification as regulatory pressure mounts on device security
As connected systems spread across residential, industrial and commercial environments, the need for independently verified cybersecurity assurance is becoming a core requirement. To help address…
CSIS flags Iran’s shift from episodic cyberattacks to sustained campaign against critical infrastructure
New analysis from the Center for Strategic and International Studies (CSIS) identified that Iran’s approach to cyber conflict is no longer episodic or symbolic, reflecting…
The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines
By Diana Brown Cisco Talos has recently observed an increase in activity that is leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. These emails…
Protecting Against Session Hijacking & Credential Theft
Cybercriminals are constantly refining their tactics and attack methodologies. With growing threats like session hijacking and credential theft, these aren’t just buzzwords—they’re real threats that…
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. As the company explained when it acknowledged…
Iran-Linked Hackers Launch Password Spray Campaign Against Microsoft 365 Tenants in Middle East
Microsoft 365 tenants in the Middle East are facing a new password spray campaign tied to an Iran-linked threat actor. Rather than starting with malware…
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential‑theft operation that has already compromised at least 766 servers in…
GitHub Copilot CLI gets a second-opinion feature built on cross-model review
Coding agents make decisions in sequence: a plan is drafted, implemented, then tested. Any error introduced early compounds as subsequent steps build on the same…