Security Alerts & News
Alerts on this page are updated daily.

- NetNut proxy network disrupted, 2 million infected devices cut off
- ARToken PhaaS exposes EvilTokens’ Microsoft 365 phishing toolkit
- Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
- Claude Fable relaunch disappoints users with nerfed performance
- Google loses final appeal to overturn €4.1 billion EU fine
- ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
- Microsoft fixes bug that removed Copilot buttons in Outlook
- Cisco finally confirms attackers exploiting Unified CM flaw
- CISA: Microsoft SharePoint RCE flaw now actively exploited
- Opera rolls out Paste Protect feature to fight ClickFix attacks
- ST Engineering iDirect iQ-Series Terminals
- Gardyn IoT Hub
- CubeSpace CW0057 Reaction Wheel
- CISA Adds One Known Exploited Vulnerability to Catalog
- StoneFly Storage Concentrator
- Schneider Electric EcoStruxure IT Data Center Expert
- Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M
- OFFIS DCMTK Toolkit
- Schneider Electric EasyLogic T150 and Saitel DP RTU
- Frangoteam FUXA SCADA/HMI
- Accelerate your innovation
- David Potter, the man who put Psion in the palm of your hand, logs off at 82
- Amazon Leo constellation nears 400 satellites as broadband launch looms
- AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data
- Startup targets datacenters with 3D-printed nuclear reactor module
- NetNut cracked as Google and FBI target 2 million-device botnet
- AI bills are baffling the C-suite after shift to usage-based pricing
- EU appears to find datacenter emissions easier to offset than lobbyists
- Databricks unifies OLTP and OLAP, depending on what counts as a copy
- User swore hacker called General Failure had invaded his PC
- Verifiable Digital Credential Presentment
- Advancing Product Security: New IoT Guidance and New Engagement
- Stronger Cybersecurity, Stronger Business: NIST Celebrates 2026 National Small Business Week
- From DMV to Wallet: Understanding Verifiable Digital Credential Issuance
- Reflections from the Second NIST Cyber AI Profile Workshop
- All aboard: the NIST Cybersecurity for IoT Program is headed to our next stop! Share your input on where we’re headed during our Future Directions Two-Day Workshop on March 31st.
- Celebrating Two Years of CSF 2.0!
- Celebrating Data Privacy Week with NIST’s Privacy Engineering Program
- Digital Identities: Getting to Know the Verifiable Digital Credential Ecosystem
- A NICE Retrospective on Shaping Cybersecurity’s Future
- Building more resilient CNI: what industry pen testers told us
- The AI shift in cyber risk: why leaders must act now
- Alert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gateways
- The ‘vibe coding spectrum’ approach to AI-assisted software development
- NCSC CEO: Hostile states linked to three-quarters of cyber attacks affecting UK’s critical systems
- Software supply chain attacks: check your dependencies
- Designing secure access with ZTNA
- Thinking carefully before adopting agentic AI
- 10 questions to ask when using AI models to find vulnerabilities
- Preparing for a ‘vulnerability patch wave’
- Erlang security advisory (AV26-651)
- GitHub security advisory (AV26-650)
- WatchGuard security advisory (AV26-649)
- Adobe security advisory (AV26-647) – Update 1
- AL26-016 – Vulnerability impacting Citrix NetScaler CVE-2026-8451
- Progress security advisory (AV26-552) – Update 1
- Google Chrome security advisory (AV26-648)
- Cisco security advisory (AV26-646)
- AL26-015 – Critical vulnerability impacting Microsoft SharePoint Server – CVE-2026-45659
- Citrix security advisory (AV26-645) – Update 1

- Improving security posture across the Microsoft partner ecosystem
- Microsoft named a leader in the Frost Radar for cloud and application runtime security
- Accelerating the quantum-safe timeline
- What’s new in Microsoft Security: June 2026
- Securing AI agents: When AI tools move from reading to acting
- Chromium extension uses AI‑related branding to redirect browser search
- Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
- Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms
- CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms
- StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them
- CERT-In’s AI Vulnerability Blueprint: Why Indian CISOs Need Machine-Speed Risk Operations in the Post-Mythos Era
- 3 Paths to Upgrade Windows 11 before 24H2 End of Servicing (EOL)
- CNAPP’s New Normal: Hyper-Prioritization and Autonomous Remediation at Cloud Scale
- Oracle Critical Patch Update, June 2026 Security Update Review
- What Changed in OWASP Top 10 2025 and Recommendations for Each Category
- How Federal Agencies Can Activate a Risk Operations Center (ROC) to Meet CISA BOD 26-04
- Turning Millions of Risks Into One Actionable List
- Microsoft and Adobe Patch Tuesday, June 2026 Security Update Review
- Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing
- From Operating Model to Product: How We Built the ROC for Detection-Speed Remediation
- Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
- New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
- New Avalon Malware Framework Packs CrownX Ransomware Capabilities
- North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
- Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
- European Parliament Member Investigating Spyware Was Hacked With Pegasus
- PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
- Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
- Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
- ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories