Attackers have begun backdooring internet-exposed Ivanti Sentry appliances, the nonprofit security watchdog Shadowserver confirmed on June 11, 2026 — less than 48 hours after patches and a public ...

A malware campaign which targets macOS systems, distributed using a ClickFix attack, has evolved to exploit Script Editor as the execution vector rather than the typical Terminal-based point of ...

Last August, some of the best cybersecurity teams in the business gathered in Las Vegas to demonstrate the strength of their AI bug-finding systems at DARPA’s Artificial Intelligence Cyber Challenge ...

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.

AI and the industrialization of cybercrime are helping attackers double the number of high- and critical-severity known vulnerabilities they can exploit — in half the time. The gap between ...