Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
The FBI received over 1 million complaints of malicious activity in 2025, with investment, BEC, and tech support scams causing the highest losses.
Signature Healthcare was forced to cancel some services, and pharmacies are unable to fill prescriptions due to the hacker attack.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Focused on persistence, the botnet does not engage in widespread infection and avoids blacklisted IPs and critical infrastructure entities.
46% of identity activity sits outside IAM visibility, enabling hidden risk and privilege gaps across enterprise systems.
The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution.
The APT28 threat group exploited vulnerable TP-Link and MikroTik routers to conduct adversary-in-the-middle (AitM) attacks.
Claude Mythos finds thousands of zero-days as Anthropic launches Project Glasswing, enhancing defenses but exposing AI security risks.
Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial theft.
Microsoft has pushed a server-side fix for a known issue that broke the Windows Start Menu search feature on some Windows 11 23H2 devices.
Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber conflict.
