…Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive, 26-04, that prioritizes security updates for Federal Civilian Executive Branch (FCEB) agencies. The directive aims to reduce the threat…
…Symantec also found that PowerShell, used in previous Seedworm attacks, was still heavily used in the recent incidents, although the payloads were controlled through Node.js loaders rather than directly. PowerShell was…
Australia warns of ClickFix attacks pushing Vidar Stealer malware By Bill Toulas May 7, 2026 02:00 PM The Australian Cyber Security Center (ACSC) is warning organizations of an ongoing malware campaign…
…GTI has stated this breach appeared to be focused on gathering credentials which may lead to phishing attempts." The institution noted that the incident affected only GTI's third-party system and…
SAP fixes critical flaws in NetWeaver and Commerce Cloud By Bill Toulas June 9, 2026 03:36 PM SAP has released fixes for 15 vulnerabilities as part of its June 2026 Security…
Check Point links VPN zero-day attacks to Qilin ransomware gang By Sergiu Gatlan June 8, 2026 09:05 AM Israeli cybersecurity company Check Point has released security updates to patch a…
…An investigation into the incident revealed that the threat actor had gained access to the victim network at least 18 months before detection, and had also compromised the victim organization's managed…
…The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root." Cisco's Product Security Incident Response Team (PSIRT) is aware of publicly available proof-of…
What 345 Days of Untested Exposure Looks Like at a Bank Sponsored by Sprocket Security June 3, 2026 10:02 AM In April, a single VPN vulnerability led to data breaches at…
…A company spokesperson told BleepingComputer that attackers only accessed a "limited amount" of data in the incident, but didn't reply to a subsequent email asking if they breached Kodak's internal…
