🔒

Cybersecurity News

The latest cybersecurity news — data breaches, zero-days, ransomware, CVEs and threat intelligence. Aggregated from Krebs on Security, Bleeping Computer, The Hacker News and more.

71 articles · Updated 2 min ago · Browse all categories

Bleeping Computer 17 min ago

Ubiquiti warns of new max severity UniFi OS vulnerability

Ubiquiti has released security updates to patch seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw that can be exploited in comman...

Bloomberg Markets 25 min ago

Bonds Show Vulnerability to Iran Setback: 3-Minutes MLIV

Anna Edwards, Guy Johnson and Paul Dobson break down today's key themes for analysts and investors on "Bloomberg: The Opening Trade." (Source: Bloomberg)

Bleeping Computer 1 hr ago

CISA orders feds to patch max severity ColdFusion flaw by Friday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to patch an actively exploited maximum-severity flaw in the ...

The Hacker News (Security) 2 hr ago

15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control...

The Hacker News (Security) 2 hr ago

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, c...

TechRadar 7 hr ago

DeepSeek accidentally built a working ransomware strain, experts note, 'What we are witnessing is a fundamental shift in how novel cyber attacks are born'

DeepSeek accidentally created a working browser ransomware technique targeting Android photos, Check Point Research found, without human guidance involved.

CNET 7 hr ago

Google and the FBI Target Massive Botnet That Quietly Used Home Devices to Mask Cybercrime

Millions of low-cost, off-brand Android devices were hijacked to help criminals hide online.

Lobsters 7 hr ago

OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root (CVE-2026-57589)

Comments

Ad
TechSpot 8 hr ago

LG and Alienware monitors caught auto-installing Windows adware

Redditor "Mags_Smash" recently complained about seeing McAfee pop-up ads on his PC despite never having installed the antivirus suite. He eventually traced t...

SiliconANGLE 9 hr ago

Encryption management startup Keyfactor raises $1B+ in funding

Keyfactor Inc., a provider of software tools that help enterprises encrypt their data, has raised more than $1 billion from investment firm Summit Partners. ...

Bleeping Computer 10 hr ago

Accenture confirms breach after hacker offers stolen data for sale

IT services giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and other data from ...

Gizmodo 11 hr ago

Court Approves $46 Million 23andMe Settlement For 2023 Data Breach Victims

Roughly half of all 23andMe customers were impacted by the breach.

Dark Reading 11 hr ago

Big Brand Jobs Scam Targets Marketing Pros' Google Accounts

The phishing campaign uses several tactics, including nested redirects, to evade detection and steal credentials from unsuspecting targets.

SiliconANGLE 11 hr ago

Barracuda Networks acquires access management startup Evo Security

Barracuda Networks Inc. today announced that it has acquired Evo Security Inc., a startup with a platform for managing employee access to business applicatio...

VentureBeat 12 hr ago

The real cost, security, and culture problems behind enterprise AI agents

Presented by Red Hat At VentureBeat's recent AI Impact event, where the discussion centered on what separates enterprises that scale agentic AI from those th...

TechRepublic 12 hr ago

Pixel 6 Android Kernel Upgrade Exclusion Explained for Owners

Pixel 6 may miss Google’s next Android kernel upgrade, but security patches and Android 17 are still expected through October 2026. The post Pixel 6 Android ...

Ad
Bleeping Computer 13 hr ago

Chinese hackers develop LONGLEASH malware to expand ORB network

Chinese hackers tracked as 'UAT-7810' are actively evolving their malware to expand their Operational Relay Box (ORB) network by compromising internet-facing...

The Hacker News (Security) 15 hr ago

RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service

A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals take over...

TechCrunch 15 hr ago

Hacked, leaked, and held for ransom: The worst breaches of 2026 so far

From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most damaging se...

VentureBeat 16 hr ago

Anthropic brings Claude Cowork to mobile and web as usage data shows most users aren’t coding

Anthropic on Tuesday launched Claude Cowork on mobile and web, expanding a tool that has quietly become the company's bridge between the developer-centric wo...

ZDNet 16 hr ago

Why this fully agentic ransomware attack is giving researchers nightmares

JadePuffer could be the first reported case of a ransomware attack driven by AI from start to finish. How can businesses respond?

Bleeping Computer 17 hr ago

Spain arrests suspected member of pro-Russian hacktivist groups

The National Police in Spain have arrested a man who is suspected of being an active member of the CyberArmy of Russia Reborn (CARR) and Z-Pentest, both pro-...

The Hacker News (Security) 17 hr ago

DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts

A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last wee...

TechSpot 18 hr ago

The FBI and Google just took down a botnet that hijacked 2 million smart TVs

The Popa botnet relied on a malicious software development kit embedded in low-cost Android-based devices, including smart TVs and streaming boxes, as well a...

Ad
The Hacker News (Security) 19 hr ago

Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants

Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial int...

SiliconANGLE 19 hr ago

‘GitLost’ vulnerability let GitHub’s AI workflows leak private repositories

Researchers at artificial intelligence security company Noma Security Inc. today disclosed a critical prompt injection vulnerability in GitHub Inc.’s new Age...

SiliconANGLE 19 hr ago

Picus Security launches autonomous platform to validate exposures in one loop

Cybersecurity validation startup Picus Security Inc. today launched the Picus Autonomous Exposure Validation Platform, a system that merges breach and attack...

SiliconANGLE 1d ago

AI agent exploits Langflow in first fully autonomous ransomware attack

Cloud security company Sysdig Inc. has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial...

Dark Reading 1d ago

CitrixBleed-ing Again? NetScaler Vulnerability Under Attack

Attackers wasted little time targeting the latest memory disclosure flaw in Citrix's NetScaler products, after researchers published a proof-of-concept explo...

TechRepublic 1d ago

DHS Confirms Breach of Homeland Security Information Network

DHS confirmed a breach of the Homeland Security Information Network, an unclassified platform used for security and emergency coordination. The post DHS Conf...

Load more Cybersecurity News

Explore other categories