Ubiquiti warns of new max severity UniFi OS vulnerability
Ubiquiti has released security updates to patch seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw that can be exploited in comman...
The latest cybersecurity news — data breaches, zero-days, ransomware, CVEs and threat intelligence. Aggregated from Krebs on Security, Bleeping Computer, The Hacker News and more.
71 articles · Updated 2 min ago · Browse all categories
Ubiquiti has released security updates to patch seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw that can be exploited in comman...
Anna Edwards, Guy Johnson and Paul Dobson break down today's key themes for analysts and investors on "Bloomberg: The Opening Trade." (Source: Bloomberg)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to patch an actively exploited maximum-severity flaw in the ...
Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, c...
DeepSeek accidentally created a working browser ransomware technique targeting Android photos, Check Point Research found, without human guidance involved.
Millions of low-cost, off-brand Android devices were hijacked to help criminals hide online.
Comments
Redditor "Mags_Smash" recently complained about seeing McAfee pop-up ads on his PC despite never having installed the antivirus suite. He eventually traced t...
Keyfactor Inc., a provider of software tools that help enterprises encrypt their data, has raised more than $1 billion from investment firm Summit Partners. ...
IT services giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and other data from ...
Roughly half of all 23andMe customers were impacted by the breach.
The phishing campaign uses several tactics, including nested redirects, to evade detection and steal credentials from unsuspecting targets.
Barracuda Networks Inc. today announced that it has acquired Evo Security Inc., a startup with a platform for managing employee access to business applicatio...
Presented by Red Hat At VentureBeat's recent AI Impact event, where the discussion centered on what separates enterprises that scale agentic AI from those th...
Pixel 6 may miss Google’s next Android kernel upgrade, but security patches and Android 17 are still expected through October 2026. The post Pixel 6 Android ...
Chinese hackers tracked as 'UAT-7810' are actively evolving their malware to expand their Operational Relay Box (ORB) network by compromising internet-facing...
A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals take over...
From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most damaging se...
Anthropic on Tuesday launched Claude Cowork on mobile and web, expanding a tool that has quietly become the company's bridge between the developer-centric wo...
JadePuffer could be the first reported case of a ransomware attack driven by AI from start to finish. How can businesses respond?
The National Police in Spain have arrested a man who is suspected of being an active member of the CyberArmy of Russia Reborn (CARR) and Z-Pentest, both pro-...
A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last wee...
The Popa botnet relied on a malicious software development kit embedded in low-cost Android-based devices, including smart TVs and streaming boxes, as well a...
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial int...
Researchers at artificial intelligence security company Noma Security Inc. today disclosed a critical prompt injection vulnerability in GitHub Inc.’s new Age...
Cybersecurity validation startup Picus Security Inc. today launched the Picus Autonomous Exposure Validation Platform, a system that merges breach and attack...
Cloud security company Sysdig Inc. has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial...
Attackers wasted little time targeting the latest memory disclosure flaw in Citrix's NetScaler products, after researchers published a proof-of-concept explo...
DHS confirmed a breach of the Homeland Security Information Network, an unclassified platform used for security and emergency coordination. The post DHS Conf...