Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

May 23, 2026 at 03:21PM Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted mu…

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

May 23, 2026 at 12:53PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical se…

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

May 22, 2026 at 11:05PM Authorities in Europe and North America have announced the dismantling of a criminal virtual private netw…

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective

May 22, 2026 at 05:08PM 1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be…

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks

May 22, 2026 at 02:20PM The U.S. Department of Justice (DoJ) on Thursday announced the arrest of a Canadian man in connection wit…

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

May 22, 2026 at 11:17AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws imp…

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

May 22, 2026 at 11:06AM Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could al…

When Identity is the Attack Path

May 21, 2026 at 04:00PM Consider a cached access key on a single Windows machine. It got there the way most cached credentials do…

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

May 21, 2026 at 01:05PM Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained und…

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

May 21, 2026 at 09:14AM Drupal has released security updates for a "highly critical" security vulnerability in Drupal C…

Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem

May 20, 2026 at 04:00PM AI-generated lookalike domains are now embedded inside the third-party scripts running on your web proper…

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

May 20, 2026 at 01:58PM Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following…