CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

April 21, 2026 at 11:53AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabil…

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

April 20, 2026 at 10:44PM A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could…

Why Most AI Deployments Stall After the Demo

April 20, 2026 at 05:00PM The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Promp…

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

April 20, 2026 at 04:12PM Cybersecurity researchers have discovered a critical "by design" weakness in the Model Cont…

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

April 20, 2026 at 01:04PM Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specificall…

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials

April 20, 2026 at 09:05AM Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain una…

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims

April 18, 2026 at 01:29PM Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last ye…

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

April 18, 2026 at 11:31AM Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to…

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

April 17, 2026 at 11:16AM An international law enforcement operation has taken down 53 domains and arrested four people in conn…

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

April 17, 2026 at 08:52AM A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exp…

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

April 16, 2026 at 11:22PM Cybersecurity researchers have warned of an active malicious campaign that's targeting the workfo…

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

April 16, 2026 at 04:00PM A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking end…