A newly disclosed Linux kernel vulnerability, dubbed pedit COW, is giving threat actors a fast path to root access by silently poisoning cached system binaries in memory without modifying the files stored on disk. Tracked as CVE-2026-46331 the flaw affects ...

The global cybersecurity landscape never stands still. This week, the 2025 list of the “Top 25 Most Dangerous Software Weaknesses” was released. While this extensive data is compiled by MITRE in partnership with the U.S. Homeland Security Systems Engineering and ...

This isn’t a theoretical risk. It’s happening now. For the past year, we’ve discussed the potential for AI to be misused in cybersecurity. Today, that potential has been fully, terrifyingly realized. We are no longer talking about AI-assisted phishing emails. ...

In a chilling demonstration of how quickly advanced spyware can weaponise a single browser flaw, researchers have confirmed that a previously unknown zero-day vulnerability in Google Chrome was actively exploited in targeted espionage attacks — and that the operation appears ...

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. “Site visitors get injected content that was drive-by malware like fake Cloudflare verification,” Sucuri ...

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0. “An authenticated user may use ...

In the modern landscape of software development, where projects rely on hundreds or even thousands of dependencies, the greatest risk often lies not in the code you write, but in the packages you inherit. The npm ecosystem, while foundational to ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has made a significant contribution to the global cybersecurity community with the public release of Thorium. This new, open-source platform is designed to assist malware and forensic analysts across government, public, and ...

Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management (CEM), also known as XenMobile, a product made for enterprises to help companies manage and secure their employees’ mobile devices remotely. Citrix Endpoint Management offers businesses ...

If you haven’t recently updated your Chrome, Opera, or Edge web browser to the latest available version, it would be an excellent idea to do so as quickly as possible. Cybersecurity researchers on Monday disclosed details about a zero-day flaw ...

A security researcher earlier today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability affecting the widely used internet forum software vBulletin that’s already under active exploitation in the wild. vBulletin is a ...

If you are using TeamViewer, then beware and make sure you’re running the latest version of the popular remote desktop connection software for Windows. TeamViewer team recently released a new version of its software that includes a patch for a ...

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware ...

A United States regulator has fined the credit card provider Capital One Financial Corp with $80 million over last year’s data breach that exposed the personal information of more than 100 million credit card applicants of Americans. The fine was ...

Cybersecurity researchers today highlighted an evasive phishing technique that attackers are exploiting in the wild to target visitors of several sites with a quirk in domain names, and leverage modified favicons to inject e-skimmers and steal payment card information covertly. ...