🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

Linus Torvalds Critiques AI-Powered Bug Hunters for Linux Security Linux kernel boss Linus Torvalds has declared that the project’s security mailing list has become “almost entirely unmanageable” ...

Dutch Cops’ Shame Game Works Wonders 🚔 The Netherlands police’s scheme to unmask and shame scammers into submission is proving highly successful, with 74 of its 100 most wanted now known to invest...

ShinyHunters Hack 7-Eleven: Franchisee Data and Salesforce Records Exposed 🚨 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce...

New Reaper Malware Alert 🚨 A malicious new malware is targeting macOS users, disguised as a critical system update and popular workplace software. Cybersecurity firm SentinelOne’s research unit, S...

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks 🚨 INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests...

How a Government Contest Launched a Revolution in AI-Based Bug Hunting These increasingly sophisticated open-source tools are the product of the Defense Advanced Research Projects Agency’s (DARPA)...

Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild Security researcher Patrick Garrity from VulnCheck revealed that threat actors are actively targeting CVE-2026-42945, a hea...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2026-7373 Rapid7 - Metasploit Pro...

Grafana Rejects Ransom Demand After Source Code Theft 🚨 Grafana Labs has reported that an attacker gained access to part of its GitHub environment using a compromised token, allowing them to downl...

Microsoft Rejects Critical Azure Vulnerability Report 🚨 A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report and blocking a CVE fro...

Security Update Guide - Loading The Base Score increases the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable component. If the vulnerable component is...

Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities 🚨 Two critical memory-safety vulnerabilities in PHP’s image-processing functions could allow attackers to leak sensitive heap ...

First Public Kernel Memory Corruption 🚀 Apple has spent five years developing hardware and software to make memory corruption exploits significantly harder. However, our engineers, in collaboratio...

Gamaredon’s Infection Chain: Spoofed Emails, GammaDrop and GammaLoad 🚀 Investigating Gamaredon’s abuse of CVE-2025-8088, we identified a dozen waves of spearphishing emails targeting Ukrainian sta...

Zero-day Exploit Bypasses Windows 11 BitLocker Protection 🚨 A zero-day exploit circulating online allows individuals with physical access to a Windows 11 system to bypass default BitLocker protect...

The Time of Much Patching is Coming 🚀 The reality is that software engineering is hard. Identifying and fixing bugs before they make it into production code is challenging. Source code peer review...

Tether Tron Trm Financial Crime Unit Freezes 450 Million in Crypto Funds 🚀 A financial crimes unit formed by three major cryptocurrency firms announced Thursday that it has frozen more than $450 m...

Welcome to Day One of Pwn2Own Berlin 2026! 🎉 Today, 22 entries took the Pwn2Own stage to target AI Databases, Coding Agents, Local Inferences, and a separate category for NVIDIA products. The worl...

PraisonAI Vulnerability Scanned Within Hours 🚨 A newly disclosed authentication bypass flaw (CVE-2026-44338) in PraisonAI drew near-instant probing, exposing risks from default-insecure AI APIs. J...