Exploits and vulnerabilities in Q1 2026
During Q1 2026, the exploit kits leveraged by threat actors to target user systems expanded once again, incorporating new exploits for the Microsoft Office...
Woflow – 447,593 breached accounts
In March 2026, the AI-driven merchant data platform Woflow was named as a victim by the ShinyHunters data extortion group. The group subsequently published...
How one partnership powers search for over 2 million WP Engine users
Discover how WP Engine innovates with Google Cloud and Elastic to deliver high-precision search and seamless integration for modern software vendors. - Read more
Quantum Risk Explained
Summary Quantum computing is moving from theory toward early practical use, with direct implications for encryption, authentication, and long-term data confidentiality. The...
New compliance guide available: ISO/IEC 42001:2023 on AWS
We have released our latest compliance guide, ISO/IEC 42001:2023 on AWS, which provides practical guidance for organizations designing and operating an Artificial Intelligence Management...
Your Redis Server Looks Fine. That’s the Problem.
Introduction
There’s an automated attack circulating right now that breaks into unprotected Redis servers, takes over the underlying machine, and then carefully puts everything back...
CISA Warning: High-Severity Linux Flaw Puts Unpatched Systems at Risk
CISA warns that the nine-year-old Linux Copy Fail flaw is being actively exploited, allowing local attackers to gain root access on affected systems.
The post...
UK financial security experts participate in sector-wide hackathon
Teams of security pros from UK financial services organisations came together at the end of April to participate in a hackathon exercise -...
LegionProxy – 10,144 breached accounts
In April 2026, the commercial residential and ISP proxy network LegionProxy suffered a data breach. The incident exposed 10k email addresses, bcrypt password hashes,...
Insights into the clustering and reuse of phone numbers in scam emails
Cisco Talos has recently started to collect and gather intelligence around phone numbers within emails as an additional indicator of compromise (IOC). In this blog, we discuss new insights into in-the-wild phone number reuse in scam emails. According...
Latest article
Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...
Torrance, United States / California, June 11th, 2026, CyberNewswire Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...
Readers reply: Experts say we should use passkeys, but can a smartphone pin really...
The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical conceptsThis...
CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value
Information published. - Read more
Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules
New Tracing OptionsAs hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...
