CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33017 Langflow Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant…
Category: EN
Linux Ransomware Pay2Key Attacking Organizations Ervers, Virtualization Hosts, and Cloud Workloads
Linux has long been considered a more secure operating system than Windows, but that reputation is being tested. A ransomware group known as Pay2Key, attributed to Iranian threat actors, has developed a Linux variant that is actively targeting organizational servers,…
“Unhackable” No More: Researcher Demonstrates Hardware-Level Exploit on Xbox One
For years, the Xbox One was widely viewed as one of the few gaming systems that had resisted successful hacking. That perception has now changed after a new hardware-based attack method was publicly demonstrated. At the RE//verse 2026 event, security…
2025 Talos Year in Review: Speed, scale, and staying power
The 2025 Talos Year in Review is available now. Understand evolving adversary playbooks and how to strengthen your organization’s defenses. This article has been indexed from Cisco Talos Blog Read the original article: 2025 Talos Year in Review: Speed, scale,…
Beers with Talos breaks down the 2025 Talos Year in Review
The Beers with Talos team unpack the biggest cybersecurity threats of 2025, from React2Shell to ransomware and identity abuse, and what it all means for defenders going forward. This article has been indexed from Cisco Talos Blog Read the original…
US Bans New Foreign-Made Home Routers Over National Security Fears
The FCC has officially added foreign-made consumer routers to its restricted Covered List, citing major cybersecurity risks. Find out what it means for your current devices. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and…
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident…
SmartApeSG ClickFix Campaign Delivers Remcos, NetSupport RAT, StealC and Sectop RAT
A threat campaign known as SmartApeSG — also tracked under the names ZPHP and HANEYMANEY — has been observed pushing multiple strains of malware through a social engineering technique called ClickFix. The campaign, active as recently as March 24, 2026,…
macOS Threats Are the Biggest Security Gap in 2026: How SOC Teams Close It
macOS has become a standard part of modern business environments, especially across engineering, product, and leadership teams. That makes it a growing security concern: when a Mac used by a high-access employee is compromised, it can lead to stolen credentials,…
Helping MSPs Take Control of Certificate Management: Introducing Sectigo Partner Platform
The digital trust ecosystem is undergoing its fastest shift in decades, and for Managed Service Providers (MSPs), this change creates a major market opportunity. As of March 15, 2026, the lifespan of newly issued SSL/TLS certificates has been cut from…
The Dark Side of DDoS: Why DDoS Downtime is Harder to Prevent
Cloudflare recently published data that offers clear insight into where the DDoS threat environment is heading. DDoS attacks are becoming larger, more frequent, and more sophisticated, with botnets reaching unprecedented scale. But beyond the headline numbers, the report also points…
Identity security is the new pressure point for modern cyberattacks
Read the latest Microsoft Secure Access report for insights into why a unified identity and access strategy offers strong modern protection. The post Identity security is the new pressure point for modern cyberattacks appeared first on Microsoft Security Blog. This…
Russia arrests alleged owner of cybercrime forum LeakBase, report says
Russian state-owned media reported that police in Russia arrested the administrator of LeakBase, a large hacking forum. This article has been indexed from Security News | TechCrunch Read the original article: Russia arrests alleged owner of cybercrime forum LeakBase, report…
AI-Driven Phishing Campaign Exploits Device Permissions to Steal Biometric and Personal Data
A fresh wave of digital deception, driven by machine learning tools, shifts how hackers grab personal information — no longer relying on password theft but diving into deeper system controls. Spotted by analysts at Cyble Research & Intelligence Labs…
Hackers claim to have accessed data tied to millions of crime tipsters
A hacktivist group claims to have obtained sensitive data on crime tipsters and the people they reported, dating back to 1987. This article has been indexed from Malwarebytes Read the original article: Hackers claim to have accessed data tied to…
Novee Brings Autonomous Red Teaming to LLM Applications, Built From Its Own Vulnerability Research
Novee has introduced AI Red Teaming for LLM Applications, an autonomous security testing capability built into its AI penetration testing platform. The product is designed to find vulnerabilities in AI-powered applications before attackers do, addressing a category of risk that…
Skyhawk Security Adds Threat Actor Context to Cloud Attack Scenarios, Mapping Simulations to Known Adversaries
Skyhawk Security has added Threat Actor Context to its cloud security platform, giving security teams a way to understand simulated attack scenarios through the lens of known adversary behavior. The enhancement connects Skyhawk’s AI Red Team attack simulations to real-world…
Miggo Security Expands Runtime Defense Platform With AI-BOM, Agentic Detection, and MCP Monitoring
Miggo Security is significantly expanding its Runtime Defense Platform at RSA Conference 2026, adding an AI Bill of Materials, runtime guardrails, and Agentic Detection and Response capabilities. The release is aimed at organizations running AI agents, Model Context Protocol toolchains,…
Entro Security Launches AGA to Govern AI Agents and Non-Human Identities Across the Enterprise
Entro Security has announced Agentic Governance & Administration (AGA), a new pillar of its platform designed to help security and identity teams govern AI agents and AI access paths across enterprise systems. The company is showcasing AGA at RSA Conference…
Vicarius Launches vIntelligence, a Second Flagship Product for Continuous Agentic Validation
Vicarius has announced vIntelligence, a second flagship product that adds continuous agentic validation to the company’s security portfolio. The launch marks a shift for Vicarius from a single-product company to a two-product operation, with vIntelligence complementing its existing vRx remediation…