🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

Robinhood Account Creation Flaw Abused to Send Phishing Emails 🚨 Online trading platform Robinhood’s account creation process was exploited by threat actors to inject phishing messages into legiti...

Canada Arrests Three for Operating SMS Blaster Device in Toronto 🚨 Canadian authorities have arrested three men for operating an “SMS blaster” device that pretends to be a cellular tower to send p...

ClickUp’s Hardcoded API Key Exposes 959 Emails from Fortune 500 Giants 🚨 A publicly accessible JavaScript file on ClickUp’s homepage has been silently leaking nearly a thousand corporate and gover...

Microsoft Entra Agent ID Flaw 🚨 A critical flaw in the Microsoft Entra Agent ID has been identified, allowing privilege escalation and tenant takeover via Service Principal abuse. This vulnerabili...

Critical Bug in CrowdStrike LogScale 🚨 CrowdStrike recently disclosed a critical vulnerability, tracked as CVE-2026-40050, affecting its LogScale self-hosted product. The company has released secu...

American Utility Firm Itron Discloses Breach of Internal IT Network 🚨 Breaking News: Utility technology company Itron, Inc. has disclosed that an unauthorized third party accessed some of its inte...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2026-6951 n/a - simple-git ...

California Money Launderer Sentenced to 70 Months Evan Tangeman, 22, of Newport Beach, California, was sentenced today in U.S. District Court to 70 months in prison for laundering millions of doll...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-59308 n/a - n/a In Mah...

🚨 NASA Employees Duped in Chinese Phishing Scheme 🚨 The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed...

Uncovering fast16: A Cyber Sabotage Framework 🚀 SentinelLABS has uncovered a previously undocumented cyber sabotage framework whose core components date back to 2005, tracked as fast16. This frame...

Apache ActiveMQ Vulnerability Report 🚨 The Apache ActiveMQ series, provided by The Apache Software Foundation, has been found to have an issue with the improper validation of MQTT packets. Specifi...

New US House Privacy Bills Raise Hard Questions About Enterprise Data Collection US House Republicans have introduced two major privacy proposals that would reshape how US companies collect, proce...

More Ancient Linux Device Support Faces the Chop 🚀 One tactic to deal with LLM-powered vulnerability detection is simple - just speed up the removal of old code. If it’s gone, it no longer matters...

Medical Data of 500,000 UK Volunteers Listed for Sale on Alibaba 🚨 Breaking News! Half a million Britons signed up to help cure cancer, but their medical data has ended up for sale on Alibaba. The...

Intrado 911 Emergency Gateway Vulnerability 🚨 A newly disclosed path traversal vulnerability, tracked as CVE-2026-6074, impacts the Intrado 911 Emergency Gateway (EGW), which provides critical ser...

Executive Summary China-nexus cyber actors have transitioned from using individually procured infrastructure to operating large-scale covert networks - botnets built from compromised routers and o...

FIRESTARTER Backdoor Malware Analysis 🚨 The Cybersecurity and Infrastructure Security Agency (CISA) has conducted an analysis of a sample of FIRESTARTER malware obtained from a forensic investigat...

FIRESTARTER Backdoor Analysis 🚨 The Cybersecurity and Infrastructure Security Agency (CISA) has conducted an in-depth analysis of the FIRESTARTER malware, which was obtained during a forensic inve...