CVE-2026-21519 Desktop Window Manager Elevation of Privilege Vulnerability
Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally. - Read more
5 Key Takeaways from The New Era of Phishing: Threats Built in the Age...
Artificial intelligence has transformed how organizations operate—and threat actors are moving just as quickly. In Cofense’s recent webinar, The New Era of Phishing: Threats...
Toy Battles – 1,017 breached accounts
In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses...
Association Nationale des Premiers Secours – 5,600 breached accounts
In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum. The breach...
Tech impersonators: ClickFix and MacOS infostealers
Datadog identified an active campaign employing fake GitHub repositories impersonating software companies and leveraging the ClickFix initial access technique to deliver macOS infostealers. ...
CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote...
OverviewOn February 6, 2026, BeyondTrust released security advisory BT26-02, disclosing a critical pre-authentication Remote Code Execution (RCE) vulnerability affecting its Remote Support (RS) and...
Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)
We are grateful to the research team at Atredis for sharing their findings around a vulnerability (CVE-2026-1814) impacting our vulnerability management offerings (InsightVM and...
Hackers Exploiting Ivanti EPMM Devices to Deploy Dormant Backdoors
Hackers are actively exploiting Ivanti Endpoint Manager Mobile (EPMM) appliances to plant “dormant” backdoors that can sit unused for days or weeks. Ivanti...
Latest article
‘Agents of Chaos’: New Study Shows AI Agents Can Leak Data, Be Easily Manipulated
As enterprise AI agent adoption accelerates, a new study exposes a governance gap that leaves most organizations unable to stop their own systems
The post...
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent...
France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025
French small and medium businesses remained the organizations most targeted by ransomware in 2025 - Read more
Stryker Cyber Attack – Hackers Claim System Breach and Device Wipe
On March 11, 2026, the global medical technology giant Stryker experienced a severe cyberattack when Iranian-linked hackers used wiper malware to permanently erase data...
