Latest Cybersecurity News

Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations

Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations

The UC Berkeley Center for Long-Term Cybersecurity (CLTC) offers tools and support to schools, local governments, and non-profits as they defend themselves against a growing volume of cyberattacks.

Dark Reading2d ago1m2

Why Security Leadership Makes or Breaks a Pen Test

Why Security Leadership Makes or Breaks a Pen Test

Well-run security drills go beyond checking audit boxes to identify and address trouble spots. Effective leaders can ensure proper scope, access, and follow-through, but it’s not easy.

Dark Reading2d ago1m2

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

Apache fixes CVE-2026-23918 in HTTP/2; double-free flaw enables DoS and RCE, impacting version 2.4.66 users.

The Hacker News2d ago3m2

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. "These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belongin...

The Hacker News2d ago1m2

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk

A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity.

Dark Reading2d ago1m2

Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations

Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations

The malicious emails claim to contain a conduct report and lure victims to a Microsoft phishing website that leverages AitM.

SecurityWeek2d ago3m2

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

UAT-8302 targets governments since 2024 using shared China-linked malware, enabling persistent access and cross-group cyber operations.

The Hacker News2d ago3m2

Hacker Conversations: Joey Melo on Hacking AI

Hacker Conversations: Joey Melo on Hacking AI

AI red team specialist details his methods for manipulating AI guardrails through jailbreaking and data poisoning, helping developers harden machine learning models.

SecurityWeek2d ago11m2

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

Dubbed Bleeding Llama, the heap out-of-bounds read issue can be exploited remotely, without authentication.

SecurityWeek3d ago2m2

Critical Remote Code Execution Vulnerability Patched in Android

Critical Remote Code Execution Vulnerability Patched in Android

CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction.

SecurityWeek3d ago2m2

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

OAuth tokens without expiry enable breaches like Drift attack on 700+ firms, bypassing MFA and exposing sensitive data.

The Hacker News3d ago7m2

How the Story of a USB Penetration Test Went Viral