Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Millions of Unencrypted FTP Servers Still Exposed Online, Censys Warns
File Transfer Protocol (FTP) is more than 50 years old, yet it continues to be widely used on the public ...
KelpDAO rsETH Hack: $290M Cross-Chain Attack Highlights Critical DeFi Weaknesses
A sophisticated cross-chain attack against DeFi protocol KelpDAO has led to the theft of approximately $290 million in rsETH tokens, ...
NIST Overhauls NVD: What “Not Scheduled” CVEs Mean for Vulnerability Management in 2026
The U.S. National Institute of Standards and Technology (NIST) has announced a fundamental shift in how the National Vulnerability Database ...
Spain Dismantles Tu Manga Online: Inside the Cybersecurity Risks of Pirate Manga Platforms
Spanish law enforcement has carried out a large-scale operation against online piracy, shutting down Tu Manga Online (TMO), also known ...
Lotus Wiper: Destructive Cyberattacks Hit Venezuela’s Energy and Utilities Sector
A wave of destructive cyberattacks against Venezuela’s energy and utilities sector in late 2025 and early 2026 has been linked ...
IPv8 IETF Draft: What the New Internet Protocol Proposal Means for Cybersecurity
A new Internet Protocol Version 8 (IPv8) Internet-Draft published on the Internet Engineering Task Force (IETF) website has triggered active ...
Critical Model Context Protocol (MCP) Flaw Enables Remote Code Execution in LLM Tooling Ecosystem
Security researchers have identified a critical architectural flaw in the Model Context Protocol (MCP), a standard used to connect large ...
Stolen Credentials and the DAIR Model: Rethinking Incident Response in the Age of AI
Stolen and abused credentials remain one of the most reliable and widely used initial access vectors in cyber attacks, despite ...
CISA Expands KEV Catalog with Eight Exploited Vulnerabilities Targeting SD-WAN, CI/CD and Remote Access
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added eight new entries to its Known Exploited Vulnerabilities (KEV) catalog, ...
Critical CVE-2026-34197 Apache ActiveMQ Classic Vulnerability Exploited via Jolokia
The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed active exploitation of the critical vulnerability CVE-2026-34197 in Apache ActiveMQ ...
