Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year.
CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.
Microsoft disclosed a credential theft campaign targeting 35,000+ users at 13,000+ organizations across 26 countries.
No description available.
Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands.
Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain systems to reroute goods.
Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.
The Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective.
Cybersecurity firm Kaspersky reports that the Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective.
Shortly after the authentication-bypass flaw was disclosed multiple proof-of-concept exploits appeared, and one researcher claims there's been zero-day activity for at least a month.
Cisco on Monday announced its intent to acquire Astrix Security, a startup focused on securing non-human identities (NHIs) such as API keys, service accounts, and OAuth tokens increasingly used by applications and AI agents. In a blog post, Cisco said the acquisition is aimed at extending zero tr...
VENOMOUS#HELPER phishing campaign active since April 2025 has impacted 80+ organizations, mainly in the U.S., using SSA-themed lures.
