Two Apple zero-day vulnerabilities discovered this month have overlap with another mysterious zero-day flaw Google patched last week.

Wiz disclosed a still-unpatched vulnerability in self-hosted Git service Gogs, which is a bypass for a previous RCE bug disclosed last year.

A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims' computers.

Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reach their target.

The US Treasury's Financial Crimes Enforcement Network shared data showing how dramatically ransomware attacks have changed over time.

A maximum-severity vulnerability affecting the React JavaScript library has been exploited in the wild, further stressing the need to patch now.

Global cybersecurity agencies published guidance regarding AI deployments in operational technology, a backbone of critical infrastructure.

The suit alleges the Chinese retailer's app secretly accesses and harvests users' sensitive information without their knowledge or consent.

When prompts were presented in poetic rather than prose form, attack success rates increased from 8% to 43%, on average — a fivefold increase.

Multiple European law enforcement agencies recently disrupted Cryptomixer, a service allegedly used by cybercriminals to launder ill-gotten gains from ransomware and other cyber activities.

It's the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt injections.

This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said.

The regime's cyber-espionage strategy employs dual-use targeting, collecting info that can support both military needs and broader political objectives.

Researcher shows how agentic AI is vulnerable to hijacking to subvert an agent's goals and how agent interaction can be altered to compromise whole networks.

Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain, and Saudi Arabia.

The vulnerability could allow an unauthenticated attacker to remotely execute administrative commands.

South America's largest country is notorious for banking malware attacks; Maverick self-terminates if its targeted user is based outside Brazil.

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices around the world.

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.

Security researchers discovered multiple vulnerabilities in AI infrastructure products, including one capable of remote code execution.

A threat actor known as "Curly COMrades" is using Linux VMs to remain undetected in Windows environments while conducting Russia-aligned activities.

In a new cyber threat campaign, attackers are using remote monitoring and management tools to actually steal physical cargo out of the trucking and freight supply chain.

A subsidiary of Japanese marketing and PR giant Dentsu lost sensitive data to unidentified threat actors, the parent company said.

Numerous organizations have been attacked via Oracle EBS zero-day CVE-2025-61882, and evidence suggests more like Schneider Electric could be on that list.

Atroposia, a new RAT malware, offers low-level cybercriminal affiliates the ability to utilize sophisticated stealth and persistence capabilities.

The shared responsibility model of data security, familiar from cloud deployments, is key to agentic services, but cybersecurity teams and corporate users often struggle with awareness and managing that risk.

F5 disclosed a breach this week that included zero-day bugs, source code, and some customer information.

The proof-of-concept exploit allows an attacker to steal sensitive data from Gmail, Google Accounts, Google Authenticator, Google Maps, Signal, and Venmo.

SonicWall said a breach it disclosed last month affected firewall configuration files for all customers who have used SonicWall’s cloud backup service — up from its previous 5% estimate.

The three extortion gangs also invited other e-crime attackers to join their collaboration to share attack information and resources, in the wake of LockBit 5.0 being released.

In a recent poll, readers shared how they're using vibe coding in AppDev (if they are at all). While some found success, others found the risks too great.

The infamous Clop gang has targeted a wide range of Oracle E-Business Suite customers using a newly disclosed zero-day vulnerability.