Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Ravie LakshmananJun 20, 2026Vulnerability / Web Security Threat actors are exploiting a recently patched security flaw…
-
-
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Ravie LakshmananJun 13, 2026Vulnerability / Enterprise Software Splunk has released security updates to address a critical…
-
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
Ravie LakshmananJun 06, 2026Cybersecurity / Artificial Intelligence OpenAI has begun rolling out a new Lockdown Mode…
-
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
Ravie LakshmananMay 30, 2026Vulnerability / Network Security Palo Alto Networks has warned that a recently disclosed…
-
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
Ravie LakshmananMay 23, 2026Software Supply Chain / DevSecOps GitHub has rolled out new controls for npm…
-
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
Ravie LakshmananMay 16, 2026Vulnerability / Website Security A critical security vulnerability impacting the Funnel Builder plugin…
-
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
Ravie LakshmananMay 09, 2026Vulnerability / Web Hosting cPanel has released updates to address three vulnerabilities in…
-
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Ravie LakshmananMay 02, 2026Data Breach / Enterprise Security Cybersecurity company Trellix has announced that it suffered…
-
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that…
-
[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
Mohit KumarApr 18, 2026Artificial Intelligence / Enterprise Security In 2024, compromised service accounts and forgotten API…
-
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments…
-
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following…
-
Lloyds Group to Compensate 450,000 Customers After App Glitch
Lloyds Banking Group to compensate 450,000 customers after app glitch exposed data. Find out how the…
-
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Ravie LakshmananMar 28, 2026Vulnerability / Network Security A recently disclosed critical security flaw impacting Citrix NetScaler…
-
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
Ravie LakshmananMar 21, 2026Cyber Espionage / Threat Intelligence Threat actors affiliated with Russian Intelligence Services are…
-
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a…
-
ShinyHunters Claims 1 Petabyte Data Theft from Telecom Giant Telus
The Canadian telecoms giant Telus is currently picking up the pieces after a massive security breach…
-
Hackers Spread Fake Red Alert Rocket Alert App to Spy on Israeli Users
A deceptive mobile phone campaign has been discovered by the research firm Acronis targeting people in…
