Interpol Launches Sweeping Cybercrime Crackdown in MENA Region
Over 200 people were arrested in an anti-cybercrime operation that spanned 13 countries across the Middle East and North Africa - Read more
IT threat evolution in Q1 2026. Mobile statistics
IT threat evolution in Q1 2026. Mobile statistics
IT threat evolution in Q1 2026. Non-mobile statistics
In the third quarter of 2025, we updated the methodology...
Dify: When Your AI Platform Becomes the Attack Surface
Executive Summary
We identified a couple of vulnerabilities in AI automation platform Dify resulting in cross-tenant sensitive information disclosure and one-click account takeover. These findings reinforce the pattern we documented in our previous n8n blogpost: even though AI automation platforms are increasingly becoming integration hubs for complex workflows, their security...
MPs propose ‘kill switch’ to shut down rogue AI systems
An amendment to the Cyber Security and Resilience Bill proposes giving the government a ‘kill switch’ to close datacentres hosting AI if they pose...
Click, Install, Compromised: The New Wave of Zoom-Themed Attacks
By Cobi Aloia, Cofense Phishing Defense CenterAs with most things, change is inevitable - especially for threat actors operating in a rapidly evolving threat...
Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments
Introducing Pathfinding Labs, a collection of intentionally vulnerable AWS environments for red teamers and blue teamers to deploy, exploit, and use for detection validation....
CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection
Information published. - Read more
Canvas hack: is it ever a good idea to pay a ransom, and what...
Businesses are advised against paying – but many are prepared to deal to protect users’ privacyAfter a week of outages, hundreds of millions of...
Microsoft Exchange, Windows 11, and Cursor Zero-Days Exploited on Pwn2Own Day 2
Pwn2Own Berlin 2026 is rapidly escalating into one of the most intense offensive security contests in recent years, with Day Two delivering a fresh...
CVE-2026-42945: Imperva Customers Protected Against Critical NGINX Rewrite Module Vulnerability
TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
