Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices

May 31, 2026 at 05:52PM Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, inc…

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

May 30, 2026 at 12:11PM Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS an…

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

May 29, 2026 at 11:37PM Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the …

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks

May 29, 2026 at 04:00PM Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something b…

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

May 29, 2026 at 02:41PM Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software dev…

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

May 29, 2026 at 11:27AM The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed …

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

May 28, 2026 at 10:54PM A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git servi…

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

May 28, 2026 at 07:03PM Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spin…

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"

May 28, 2026 at 05:00PM State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise …

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

May 28, 2026 at 01:24PM A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organiz…

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

May 27, 2026 at 05:18PM CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous d…

5 Steps to Managing Shadow AI Tools Without Slowing Down Employees

May 27, 2026 at 05:00PM When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summ…