That WhatsApp file from a trusted contact may not be safe.
A new VBS malware campaign is spreading through WhatsApp Desktop/Web and installing ManageEngine Endpoint Central for remote access on Windows PCs.
A new VBS malware campaign is spreading through WhatsApp Desktop/Web and installing ManageEngine Endpoint Central for remote access on Windows PCs.
A 1997 parser bug is still haunting Squid.
Squidbleed (CVE-2026-47729) can leak another user’s cleartext HTTP request through a shared Squid proxy, including credentials or session tokens.
Squidbleed (CVE-2026-47729) can leak another user’s cleartext HTTP request through a shared Squid proxy, including credentials or session tokens.
A fake Node.js download was the start of a real malware chain.
Elastic researchers found a new #malvertising campaign using Google Ads to deliver OXLOADER, a previously unreported loader that drops CastleStealer.
The payload was staged through Storj and built to avoid analysis.
Elastic researchers found a new #malvertising campaign using Google Ads to deliver OXLOADER, a previously unreported loader that drops CastleStealer.
The payload was staged through Storj and built to avoid analysis.
Canada’s spy service got a court order to remotely clean malware-infected devices.
CSIS used its threat reduction powers to neutralize two foreign-run botnets operating through Canadian servers, SOHO routers, cameras, TVs, and other IoT gear.
The ruling stayed secret for more than 2 years.
CSIS used its threat reduction powers to neutralize two foreign-run botnets operating through Canadian servers, SOHO routers, cameras, TVs, and other IoT gear.
The ruling stayed secret for more than 2 years.
The critical NGINX flaws now have a clearer technical path.
CVE-2026-42530 comes down to an HTTP/3 lifetime mismatch that can leave a freed stream pointer treated as valid.
CVE-2026-42055 lets oversized HPACK data write past its buffer, causing unauthenticated worker crashes.
CVE-2026-42530 comes down to an HTTP/3 lifetime mismatch that can leave a freed stream pointer treated as valid.
CVE-2026-42055 lets oversized HPACK data write past its buffer, causing unauthenticated worker crashes.
Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents.
Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks.
Cyber Dispatch™️
2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack.
This is what a real hacker looks like.
😁3👍1
Cyber Dispatch™️
2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack.
This is what a hacker looks like in movies.
👍4🔥1
🤣3❤1👏1
Petro alleges U.S.–Israeli cyber units interfered in elections after right-wing candidate narrowly wins Colombian presidency.
China overtakes US with world's fastest supercomputer
China's LineShine supercomputer has surpassed the US-based El Capitan to become the world's fastest supercomputer, reaching a processing capacity of 2.198 exaflops, according to the latest TOP500 rankings.
China's LineShine supercomputer has surpassed the US-based El Capitan to become the world's fastest supercomputer, reaching a processing capacity of 2.198 exaflops, according to the latest TOP500 rankings.
Cisco Unified CM admins should check WebDialer now.
CVE-2026-20230 is being exploited, and vulnerable WebDialer-enabled systems can be abused by unauthenticated attackers to write files.
CVE-2026-20230 is being exploited, and vulnerable WebDialer-enabled systems can be abused by unauthenticated attackers to write files.