A New Denial-of-Service Vector in React Server Components
React Server Components (RSC) have introduced a hybrid execution model that expands application capabilities while increasing the potential attack surface.
Following earlier disclosures and fixes...
AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future...
Key Points
Check Point Research (CPR) has discovered that certain AI assistants that support web browsing or URL fetching can be abused as covert...
[R2] Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2:...
Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2 Arnie Cabral Tue, 02/17/2026 - 08:32
Security...
Siemens Simcenter Femap and Nastran
View CSAF
Summary
Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB...
Western cyber alliances risk fragmenting in new world order
The conduct of powerful nations is causing knock-on effects in the cyber world as long-standing security frameworks appear increasingly precarious - Read more
Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets
In April 2025, we reported on a then-new iteration of the Triada backdoor that had compromised the firmware of counterfeit Android devices sold across...
Invitation to Trouble: The Rise of Calendar Phishing Attacks
By: Adrian Andaya and Gabriel Mamaril, Cofense Phishing Defense CenterBefore you click “Accept” on calendar invites, think twice — it could be a phishing...
Canada Goose – 581,877 breached accounts
In February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly. The data contained 920k records with 582k...
Unlocking business resilience with full-stack observability in hybrid IT environments
Full-stack observability helps Gulf IT leaders accelerate ROI, strengthen resilience, and advance digital maturity. Learn how to use AI-driven insights and automation to align...
University of Pennsylvania – 623,750 breached accounts
In October 2025, the University of Pennsylvania was the victim of a data breach followed by a ransom demand, largely affecting its donor database....
Latest article
CyberSentinel AI with 33 Security Tools, Including Nmap, SQLMap, ZAP, and uses Claude, GPT
A new open-source cybersecurity platform called CyberSentinel AI v3.0 has emerged as a significant development in autonomous security tooling, combining 33 real-world penetration testing...
CVE-2025-5791 Users: `root` appended to group listings
Information published. - Read more
JCPenney – 368,418 breached accounts
In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from JCPenney through...
Threat actor adds advanced ‘EDR killer’ tools to ransomware-as-a-service platform
One of the world’s top ransomware groups has given its criminal affiliates access to advanced tools capable of successfully disabling...
