Latest Cybersecurity News

Stay informed with real-time threat intelligence, vulnerability disclosures, and expert analysis from the cybersecurity community.

All Malware & Threats470 Vulnerabilities240 Data Breaches20 Ransomware0 APT & Threat Actors0 Cloud Security0 MENA Cybersecurity0 Compliance & Frameworks0 Tools & Tutorials0 Industry News1128

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

SecurityWeek

Industry News

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool.

SecurityWeekApr 16, 20262m5

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

The Hacker News

Industry News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls.

The Hacker NewsApr 16, 20264m5

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

SecurityWeek

Industry News

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched.

SecurityWeekApr 16, 20263m5

Data breach at edtech giant McGraw Hill affects 13.5 million accounts

BleepingComputer

Malware & Threats

Data breach at edtech giant McGraw Hill affects 13.5 million accounts

The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company's Salesforce environment earlier this month.

BleepingComputerApr 16, 20263m5

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

The Hacker News

Industry News

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

Taboola pixel redirected logged-in banking users to Temu in February 2026 audit, exposing GDPR and PCI DSS risks.

The Hacker NewsApr 16, 20263m5

SecurityWeek

Industry News

Cisco Patches Critical Vulnerabilities in Webex, ISE

The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS.

SecurityWeekApr 16, 20262m5

Ransomware Hits Automotive Data Expert Autovista

SecurityWeek

Industry News

Ransomware Hits Automotive Data Expert Autovista

The automotive analysis and data company is working with external experts to investigate the attack.

SecurityWeekApr 16, 20262m5

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

SecurityWeek

Industry News

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’.

SecurityWeekApr 16, 20263m5

US nationals behind DPRK IT worker 'laptop farm' sent to prison

BleepingComputer

Malware & Threats

US nationals behind DPRK IT worker 'laptop farm' sent to prison

Two U.S. nationals have been sent to prison for helping North Korean remote information technology (IT) workers to pose as U.S. residents and get hired by over 100 companies across the country, including many Fortune 500 firms.

BleepingComputerApr 16, 20263m5

Microsoft: April Windows Server 2025 update may fail to install

BleepingComputer

Malware & Threats

Microsoft: April Windows Server 2025 update may fail to install

Microsoft is investigating an issue causing this month's KB5082063 security update to fail to install on some Windows Server 2025 systems.

BleepingComputerApr 16, 20262m5

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Hacker News

Industry News

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

CERT-UA reports UAC-0247 targeted clinics in March–April 2026, stealing browser and WhatsApp data, enabling lateral movement.

The Hacker NewsApr 16, 20263m5

Industry News

6-Year Ransomware Campaign Targets Turkish Homes & SMBs

Dark Reading

Industry News

6-Year Ransomware Campaign Targets Turkish Homes & SMBs

While enterprises breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption.

Dark ReadingApr 16, 20261m5

Latest Cybersecurity News

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

Data breach at edtech giant McGraw Hill affects 13.5 million accounts

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

Cisco Patches Critical Vulnerabilities in Webex, ISE

Ransomware Hits Automotive Data Expert Autovista

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

US nationals behind DPRK IT worker 'laptop farm' sent to prison

Microsoft: April Windows Server 2025 update may fail to install

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

6-Year Ransomware Campaign Targets Turkish Homes &amp; SMBs

6-Year Ransomware Campaign Targets Turkish Homes &amp; SMBs

6-Year Ransomware Campaign Targets Turkish Homes & SMBs

6-Year Ransomware Campaign Targets Turkish Homes & SMBs