Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace.

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses.

NAKIVO Inc. announced the general availability of NAKIVO Backup & Replication v11.2, focused on fast, reliable, and proactive data protection.

Microsoft is warning that a recent Microsoft Edge browser update introduced a bug that breaks right-click paste in chats in the Microsoft Teams desktop client.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers.

The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due to the growing workload from rising submission volumes.

Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple's servers, increasing legitimacy and potentially allowing them to bypass spam filters.

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data.

The Cisco ISE vulnerabilities are particularly significant because ISE plays a key role in network access control and policy enforcement.

In response to the Vercel security incident, the company has issued a set of security recommendations for users and administrators.

The Cyber Security Council noted that many cases involving sensitive personal data exposure are the result of simple, preventable mistakes.

Microsoft has released out-of-band (OOB) updates to fix issues affecting Windows Server systems after installing the April 2026 security updates.

Microsoft has reverted a recent service update that was preventing some customers from launching the Microsoft Teams desktop client.

Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems.

India’s top intelligence agency arrested a suspected key conspirator accused of supplying fraudulently obtained SIM cards to cybercriminal networks, as part

GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.