OpenSSH 10.3 Fixes Critical Shell Injection and Security Flaws
2+ hour, 46+ min ago (205+ words) Following a brief testing phase in late March 2026, this major update addresses several high-impact vulnerabilities, with the most urgent being a dangerous shell injection flaw in the SSH client. The centerpiece of this release is the patching of a shell…...
Qilin Ransomware Uses Malicious DLL to Disable Nearly All EDR Solutions
3+ hour, 40+ min ago (456+ words) The Qilin ransomware group has deployed a highly sophisticated, multi-stage infection chain that can disable more than 300 endpoint detection and response (EDR) solutions, effectively blinding security tools before ransomware is executed. Discovered and analyzed by Cisco Talos Intelligence, the attack…...
Hackers Weaponize DOCX, RTF, JavaScript, and Python In Boeing RFQ Attack
23+ hour, 24+ min ago (411+ words) Disguised as a massive order request from a fake "Joyce Malave," the attack uses a weaponized Word document to launch a complex, six-stage kill chain. By chaining together legacy document features, obfuscated scripts, and a full Python runtime, attackers are…...
Apple Rolls Out iOS 18.7.7 to Counter DarkSword Exploit Threat
1+ day, 9+ min ago (383+ words) Apple has aggressively broadened the deployment of iOS 18.7.7 and iPadOS 18.7.7, pushing the update to millions of additional devices via Automatic Updates to defend users against the DarkSword exploit, a sophisticated, web-based attack vector capable of silently compromising unpatched iPhones and…...
CISA Alerts on Chrome Zero-Day Exploit Actively Used in Attacks
23+ hour, 46+ min ago (395+ words) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical zero-day vulnerability in Google Chrome and Chromium-based browsers that is being actively exploited in real-world cyberattacks. The flaw, officially tracked as CVE-2026-5281, has been added…...
Axios npm Supply Chain Attack Prompts Microsoft Mitigation Guidance
1+ day, 1+ hour ago (419+ words) On March 31, 2026, security researchers identified a severe supply chain attack targeting Axios, a popular HTTP client for JavaScript handling over 70 million weekly downloads. Two updated versions of the package, 1.14.1 and 0.30.4, were compromised by a malicious dependency that installs remote access…...
Critical Cisco Smart Software Manager Vulnerability Enables Arbitrary Command Execution
1+ day, 2+ hour ago (433+ words) A critical unauthenticated remote code execution vulnerability in Cisco's Smart Software Manager On-Prem platform could allow attackers to seize full root control of enterprise license management infrastructure. Cisco has issued a high-priority security advisory warning of a critical vulnerability in…...
Obfuscated Scripts and Legitimate Windows Binaries Power New Remcos RAT Attack Chain
1+ day, 2+ hour ago (356+ words) Cybersecurity researchers have uncovered a highly sophisticated malware campaign that delivers the notorious Remcos Remote Access Trojan (RAT). Remcos is a widespread threat known for providing attackers with backdoor access to infected systems and collecting sensitive information. This newly analyzed…...
Critical PX4 Autopilot Flaw Lets Hackers Take Control of Drones
1+ day, 3+ hour ago (331+ words) The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding a severe vulnerability in the PX4 Autopilot system. This critical flaw could allow malicious actors to completely take over unmanned aerial vehicles (UAVs) and drones deployed across vital…...
Critical Vulnerability in Symantec DLP Agent Allows Attackers to Gain Elevated Access
1+ day, 4+ hour ago (379+ words) A high-severity local privilege escalation flaw in Symantec's Data Loss Prevention Agent for Windows could hand attackers complete control over enterprise machines, and it requires no special permissions to exploit. Security researchers have disclosed a critical vulnerability in the Symantec…...