Latest Cybersecurity News

Stay informed with real-time threat intelligence, vulnerability disclosures, and expert analysis from the cybersecurity community.

All Malware & Threats470 Vulnerabilities240 Data Breaches20 Ransomware0 APT & Threat Actors0 Cloud Security0 MENA Cybersecurity0 Compliance & Frameworks0 Tools & Tutorials0 Industry News1128

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

The Hacker News

Industry News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

The Hacker NewsApr 7, 20262m5

Industry News

AI-Assisted Supply Chain Attack Targets GitHub

Dark Reading

Industry News

AI-Assisted Supply Chain Attack Targets GitHub

PRT-scan is the second in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration.

Dark ReadingApr 6, 20261m5

Industry News

Axios Attack Shows Social Complex Engineering Is Industrialized

Dark Reading

Industry News

Axios Attack Shows Social Complex Engineering Is Industrialized

The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.

Dark ReadingApr 6, 20261m5

Industry News

Fortinet Issues Emergency Patch for FortiClient Zero-Day

Dark Reading

Industry News

Fortinet Issues Emergency Patch for FortiClient Zero-Day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

Dark ReadingApr 6, 20261m5

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

The Hacker News

Industry News

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

Iran-linked attacks hit 300+ Israeli M365 orgs in March 2026, reviving ransomware campaigns and escalating regional cyber risks.

The Hacker NewsApr 6, 20264m5

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

The Hacker News

Industry News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data exfiltration.

The Hacker NewsApr 6, 20264m5

Google DeepMind Researchers Map Web Attacks Against AI Agents

SecurityWeek

Industry News

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can be used to manipulate, deceive, and exploit autonomous AI agents navigating the internet, Google DeepMind researchers show. The researchers have identified six types of attacks against AI agents that can be mounted via web content to inject malicious context and trigger ...

SecurityWeekApr 6, 20264m5

Industry News

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

Dark Reading

Industry News

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.

Dark ReadingApr 6, 20261m5

Industry News

Shadow AI in Healthcare is Here to Stay

Dark Reading

Industry News

Shadow AI in Healthcare is Here to Stay

Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols to limit their blast radius.

Dark ReadingApr 6, 20261m5

Industry News

OWASP GenAI Security Project Gets Update, New Tools Matrix

Dark Reading

Industry News

OWASP GenAI Security Project Gets Update, New Tools Matrix

In recognition of 21 generative AI risks, the standards groups recommends that companies take separate but linked approaches to defending GenAI and agentic AI systems.

Dark ReadingApr 6, 20261m5

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

The Hacker News

Industry News

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

ANY.RUN cuts MTTR by 21 minutes per case, reducing escalations and breach exposure in multi-OS attacks.

The Hacker NewsApr 6, 20266m5

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

The Hacker News

Industry News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

The Hacker NewsApr 6, 202619m6