Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
WaterPlum: North Korean Hackers Abuse VS Code Tasks to Target Crypto and Web3 Developers
North Korean state-aligned threat actors tracked as WaterPlum, and linked to the Contagious Interview campaign, are exploiting Visual Studio Code ...
Linux Foundation Tackles AI-Generated Bug Report Noise in Open Source Security
Six major technology companies — Anthropic, AWS, GitHub, Google, Microsoft and OpenAI — have committed $12.5 million to a new ...
Trivy Supply Chain Attack: How a GitHub Actions Compromise Exposed CI/CD Secrets
The open source vulnerability scanner Trivy, widely integrated into container, Kubernetes and repository security workflows, has become the center of ...
US Justice Department Disrupts Massive IoT Botnets Behind Record-Breaking DDoS Attacks
The US Department of Justice (DoJ) has led a large‑scale operation to disrupt the command‑and‑control (C2) infrastructure of several major ...
Eight AWS Bedrock Attack Vectors: Securing Enterprise AI Beyond the Model
AWS Bedrock is rapidly becoming a core foundation for enterprise AI applications, giving organizations managed access to foundation models and ...
Quest KACE SMA CVE-2025-32975: Critical Authentication Bypass Under Active Attack
Corporate networks are facing active exploitation of CVE-2025-32975, a critical authentication bypass vulnerability in the Quest KACE Systems Management Appliance ...
Apple Security Alert: Coruna and DarkSword Exploits Target Outdated iOS Devices
Apple has released a security warning for iPhone users who continue to run outdated versions of iOS. According to the ...
AI-Driven Financial Fraud: Interpol Warns of Industrialized Cybercrime
Artificial intelligence is rapidly transforming the economics of cybercrime. According to Interpol’s latest report on financial fraud, AI-enhanced operations generate ...
Global Takedown of Aisuru, Kimwolf, JackSkid and Mossad IoT DDoS Botnets
Law enforcement agencies in the United States, Germany and Canada have carried out a coordinated operation against four of the ...
CVE-2026-3888 in Ubuntu 24.04: snapd Vulnerability Enables Local Privilege Escalation
A new high-severity vulnerability, CVE-2026-3888, has been identified in Ubuntu Desktop 24.04 and newer, allowing a local, unprivileged attacker to ...
