🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

Trapdoor Android Ad Fraud Scheme Hits 659 Million Daily Bid Requests 🚨 Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Andro...

Important Security Update Alert 🚨 Drupal has issued an alert stating that it intends to release a core security release for all supported branches on May 20, 2026, from 5-9 p.m. UTC. The Drupal Se...

Disrupting Fox Tempest: A Cybercrime Service Today, Microsoft unsealed a legal case in the US District Court for the Southern District of New York targeting a cybercrime service known as Fox Tempe...

Verizon 2026 Data Breach Investigations Report (DBIR) A data breach is a security incident where unauthorized individuals gain access to sensitive, protected, or confidential data. The Verizon Dat...

Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts 🚀 The highly anticipated Pwn2Own Berlin 2026 hacking competition concluded on 16 May 2026, following three days of intense activity...

Linus Torvalds Critiques AI-Powered Bug Hunters for Linux Security Linux kernel boss Linus Torvalds has declared that the project’s security mailing list has become “almost entirely unmanageable” ...

Dutch Cops’ Shame Game Works Wonders 🚔 The Netherlands police’s scheme to unmask and shame scammers into submission is proving highly successful, with 74 of its 100 most wanted now known to invest...

ShinyHunters Hack 7-Eleven: Franchisee Data and Salesforce Records Exposed 🚨 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce...

New Reaper Malware Alert 🚨 A malicious new malware is targeting macOS users, disguised as a critical system update and popular workplace software. Cybersecurity firm SentinelOne’s research unit, S...

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks 🚨 INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests...

How a Government Contest Launched a Revolution in AI-Based Bug Hunting These increasingly sophisticated open-source tools are the product of the Defense Advanced Research Projects Agency’s (DARPA)...

Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild Security researcher Patrick Garrity from VulnCheck revealed that threat actors are actively targeting CVE-2026-42945, a hea...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2026-7373 Rapid7 - Metasploit Pro...

Grafana Rejects Ransom Demand After Source Code Theft 🚨 Grafana Labs has reported that an attacker gained access to part of its GitHub environment using a compromised token, allowing them to downl...

Microsoft Rejects Critical Azure Vulnerability Report 🚨 A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report and blocking a CVE fro...

Security Update Guide - Loading The Base Score increases the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable component. If the vulnerable component is...

Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities 🚨 Two critical memory-safety vulnerabilities in PHP’s image-processing functions could allow attackers to leak sensitive heap ...

First Public Kernel Memory Corruption 🚀 Apple has spent five years developing hardware and software to make memory corruption exploits significantly harder. However, our engineers, in collaboratio...

Gamaredon’s Infection Chain: Spoofed Emails, GammaDrop and GammaLoad 🚀 Investigating Gamaredon’s abuse of CVE-2025-8088, we identified a dozen waves of spearphishing emails targeting Ukrainian sta...