Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

CISA adds four actively exploited vulnerabilities to its KEV catalog, including Chrome RCE, Zimbra SSRF, Windows ActiveX, and ...

Dell RecoverPoint zero-day CVE-2026-22769 exploited since 2024 to gain root access and deploy GRIMBOLT, BRICKSTORM backdoors in targeted attacks.

Citizen Lab and Amnesty link Cellebrite extractions and Predator spyware to surveillance of activists and journalists.

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Cybersecurity in 2026 shifts to AI defense, Zero Trust identity, lifecycle security, and post-quantum crypto readiness.

Keenadu firmware backdoor infects Android tablets via signed OTA updates, enabling remote control, ad fraud, and data theft ...

Outlook add-in phishing, Chrome and Apple zero-days, BeyondTrust RCE, cloud botnets, AI-driven threats, ransomware activity, ...

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack automation.

Hands-on NDR testing reveals AI-assisted threat hunting, deep network visibility, and SOC workflow integration benefits.

Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed ...