Google Cloud Platform (GCP) Cloud Logging Cross-Tenant Denial of Wallet with Log Analytics
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant Denial of Wallet with Log Analytics Tenable Research has identified and responsibly disclosed a Denial of Wallet...
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant BigQuery Leak with Log Analytics
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant BigQuery Leak with Log Analytics Tenable Research has identified and responsibly disclosed a data exfiltration vulnerability in...
South Korea fines Louis Vuitton, Christian Dior, Tiffany $25M for SaaS security failures
South Korea’s data protection authority has handed down a combined KRW 36 billion (approximately US$25 million) in administrative fines to...
Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames
A coordinated campaign is using malicious Chrome extensions that impersonate popular AI tools like ChatGPT, Claude, Gemini, and Grok. These fake “AI assistants” spy...
Ransomware Groups Claimed 2,000 Attacks in Just Three Months
Ransomware attacks surged 52% in 2025, with supply chain breaches nearly doubling as groups like Qilin drive record monthly incidents worldwide.
The post Ransomware Groups...
CVE-2025-59213 Configuration Manager Elevation of Privilege Vulnerability
Updated information to include CVSS scores. This is an informational change only. - Read more
CVE-2026-21517 Windows App for Mac Installer Elevation of Privilege Vulnerability
Download links fixed - Read more
Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third
G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk - Read...
Fake AI Assistants in Google Chrome Web Store Steal Passwords and Spy on Emails
Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn cybersecurity researchers at LayerX -...
Critical Apple Flaw Exploited in ‘Sophisticated’ Attacks, Company Urges Rapid Patching
Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices.
The post Critical Apple Flaw Exploited...
Latest article
Security posture improvement in the AI era
It’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other...
Metasploit Wrap-Up 05/01/2026
MCP serverThis release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications...
Windows shell spoofing vulnerability puts sensitive data at risk
Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability...
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Torrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations...
