Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...

Quantum computing and its threat to current encryption and the unknown threat of powerful quantum automated by advanced AI.

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

CISA has added to the KEV catalog two Linux vulnerabilities leading to privilege escalation and authentication bypass via ...

Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security features.

Domains set up by the threat actor suggest attacks aimed at Atlassian, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, and WeWork. Many major organizations appear to have been targeted in a recent ...

Vulnerabilities in Dormakaba physical access control systems could have allowed hackers to remotely open doors at major ...

Cloud security provider Upwind has raised $250 million in a Series B funding round that brings its valuation to $1.5 billion.

Market intelligence firm Crunchbase has confirmed a data breach after hackers published files allegedly stolen from its ...

Understanding how threat hunting differs from reactive security provides a deeper understanding of the role, while hinting at how it will evolve in the future.

The Stanley website-spoofing malware toolkit displays legitimate URLs in the address bar while serving phishing pages to ...

Russian state-sponsored APT Sandworm deployed data-wiping malware in a December 2025 cyberattack against Poland’s power grid.