Latest Cybersecurity News

Stay informed with real-time threat intelligence, vulnerability disclosures, and expert analysis from the cybersecurity community.

All Malware & Threats472 Vulnerabilities240 Data Breaches20 Ransomware0 APT & Threat Actors0 Cloud Security0 MENA Cybersecurity0 Compliance & Frameworks0 Tools & Tutorials0 Industry News1129

Russia Hacked Routers to Steal Microsoft Office Tokens

Krebs on Security

Data Breaches

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens…

Krebs on SecurityApr 7, 20264m5

Max severity Flowise RCE vulnerability now exploited in attacks

BleepingComputer

Malware & Threats

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code.

BleepingComputerApr 7, 20263m5

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

The Hacker News

Industry News

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage.

The Hacker NewsApr 7, 20264m5

The New Rules of Engagement: Matching Agentic Attack Speed

SecurityWeek

Industry News

The New Rules of Engagement: Matching Agentic Attack Speed

The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural.

SecurityWeekApr 7, 20265m5

Trent AI Emerges From Stealth With $13 Million in Funding

SecurityWeek

Industry News

Trent AI Emerges From Stealth With $13 Million in Funding

The startup has created a layered security solution aiming to secure AI agents throughout their entire lifecycle.

SecurityWeekApr 7, 20262m5

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

BleepingComputer

Malware & Threats

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials.

BleepingComputerApr 7, 20265m5

Critical Flowise Vulnerability in Attacker Crosshairs

SecurityWeek

Industry News

Critical Flowise Vulnerability in Attacker Crosshairs

The improper validation of user-supplied JavaScript code allows attackers to execute arbitrary code and access the file system.

SecurityWeekApr 7, 20262m5

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

The Hacker News

Industry News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.

The Hacker NewsApr 7, 20264m5

Industry News

RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever

Dark Reading

Industry News

RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever

Dark Reading's Kelly Jackson Higgins shares insights on the past, present, and future of cybersecurity after attending RSAC 2026 Conference.

Dark ReadingApr 7, 20261m5

Industry News

Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends

Dark Reading

Industry News

Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends

As AI dominated RSAC 2026, CISOs and industry leaders debated its role in security, from agentic applications to the challenges of scaling human involvement in decision-making.

Dark ReadingApr 7, 20261m5

Industry News

Lies, Damned Lies, and Cybersecurity Metrics

Dark Reading

Industry News

Lies, Damned Lies, and Cybersecurity Metrics

A panel of five C-suite leaders discuss how cybersecurity success is measured and why it isn't improving results.

Dark ReadingApr 7, 20261m5

Severe StrongBox Vulnerability Patched in Android

SecurityWeek

Industry News

Severe StrongBox Vulnerability Patched in Android

A critical DoS vulnerability in the Framework component of Android has also been fixed with the latest update.

SecurityWeekApr 7, 20262m5