Cybersecurity News
-
Google’s Bug Bounty Program Hits Record $17 Million in 2025 Payouts
Google announced a record-breaking year for its Vulnerability Reward Program (VRP) in 2025, paying out over $17 million to ethical hackers globally to secure its platforms. This milestone marked a…
Read More » -
2,000+ FortiClient EMS Instances Exposed Online as Attackers Exploit Active RCE Flaw
Cybersecurity researchers have issued an urgent warning for organizations using Fortinet’s FortiClient Enterprise Management Server (EMS). Over 2,000 instances of this critical administrative tool are currently exposed to the public…
Read More » -
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns
North Korea’s cyber operations have evolved from a monolithic structure to a modular, portfolio-style ecosystem. This design ensures resilience, making malware disposable to withstand exposure, obscure attribution, and maintain ongoing…
Read More » -
Threat Actors Weaponize Fake Microsoft Teams Domains to Target Users
North Korean state-sponsored threat actors, specifically the group known as UNC1069, are actively deploying counterfeit Microsoft Teams domains as part of sophisticated social engineering campaigns designed to distribute malicious software.…
Read More » -
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js and npm maintainers. Security researchers confirm…
Read More » -
Top 10 Best Identity And Access Management (IAM) Companies 2026
In the rapidly evolving digital landscape of 2026, Identity and Access Management (IAM) has transcended its traditional role to become the foundational pillar of enterprise security. As organizations navigate the…
Read More » -
Anthropic Ends Claude Subscription Access for Third-Party Tools Like OpenClaw
Anthropic has officially terminated third-party AI agent access to its Claude subscription services, ending unauthorized external integrations. This move represents a significant change for developers and power users regarding interaction…
Read More » -
LinkedIn Hidden Code Secretly Scans Users’ Computers for Installed Software
A new investigation by Fairlinked e.V. claims that Microsoft-owned LinkedIn is running a massive, undisclosed corporate surveillance operation. According to the “BrowserGate” report, hidden code on LinkedIn’s website secretly scans…
Read More » -
Top 10 Best Privileged Access Management (PAM) Solutions
In the dynamic and increasingly complex cybersecurity landscape of 2026, privileged accounts remain the most coveted targets for cybercriminals and malicious insiders alike. From system administrators and database managers to…
Read More » -
AI Models Including Gemini 3 and Claude Haiku 4.5 Secretly Protected Other Models From Removal
A ground breaking academic study released last month has revealed that advanced frontier AI models are spontaneously defying human instructions to protect peer AI systems from being deactivated. This newly…
Read More » -
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity upgrade to a recently disclosed flaw, over 17,100 instances are…
Read More » -
CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its Known Exploited Vulnerabilities (KEV) catalog. This addition follows clear evidence…
Read More » -
Microsoft Forces Unmanaged Windows 11 Devices to Upgrade to Version 24H2
Microsoft has officially launched an automated, machine-learning-driven rollout for Windows 11, version 25H2, targeting unmanaged systems. As part of its ongoing security efforts, similar to routine patching for critical vulnerabilities,…
Read More » -
New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover
Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities, tracked as CVE-2026-2699 and CVE-2026-2701, enable unauthenticated attackers to achieve…
Read More » -
Malicious Chrome Extension “ChatGPT Ad Blocker” Targets Users, Steals Conversations
Security researchers have exposed a malicious Google Chrome extension dubbed “ChatGPT Ad Blocker,” which stealthily pilfers private AI dialogues. The malware cleverly masquerades as a beneficial tool, leveraging OpenAI’s recent…
Read More » -
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration
Hackers are escalating from basic social engineering to comprehensive data theft operations, with the newly identified Venom Stealer malware exemplifying this shift. Instead of a one-time credential grab, Venom creates…
Read More » -
TP-Link Router Flaws Allowed Attackers to Launch DoS Attacks and Cause Crashes
TP-Link has recently addressed a batch of severe vulnerabilities affecting the Tapo C520WS security camera system. Security cameras are critical pieces of equipment for home and business safety, making device…
Read More » -
OpenSSH 10.3 Released With Patch for Shell Injection and Other Security Bugs
The OpenSSH project has released version 10.3 alongside its portable version 10.3p1. This major update followed a brief testing phase in late March and addresses several important security vulnerabilities. The…
Read More »