A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why ...

Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from ...

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based ...

Attackers are exploiting vulnerabilities faster than many organizations can identify and patch them. SecAlerts explains why ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched ...

Multiple Instagram users had their accounts hijacked after attackers convinced Meta’s AI-powered support tools that they were the legitimate owners. In many cases, impacted users are unable to recover ...

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. Local attackers can exploit the actively abused ...

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, ...