Dutch Finance Ministry takes treasury banking portal offline after breach

The Dutch Ministry of Finance took some of its systems offline, including the digital portal for treasury banking, while ...

New RoadK1ll WebSocket implant used to pivot on breached networks

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to ...

Critical Citrix NetScaler memory flaw actively exploited in attacks

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler ...

Hacker charged with stealing $53 million from Uranium crypto exchange

U.S. prosecutors have charged a Maryland man with stealing more than $53 million after hacking the Uranium Finance crypto ...

Healthcare tech firm CareCloud says hackers stole patient data

Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption ...

Apple adds macOS Terminal warning to block ClickFix attacks

Apple has introduced a security feature in macOS Tahoe 26.4 that blocks pasting and executing potentially harmful commands in Terminal and alerts users to possible risks.

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...

European Commission confirms data breach after Europa.eu hack

The European Commission has confirmed a data breach after its Europa.eu web platform was hacked in a cyberattack claimed by the ShinyHunters extortion gang.

Microsoft pulls KB5079391 Windows update over install issues

Microsoft has pulled a buggy Windows 11 non-security preview update to investigate a known issue that triggers 0x80073712 errors during installation.

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

PolyShell attacks target 56% of all vulnerable Magento stores

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...

Bubble AI app builder abused to steal Microsoft account credentials

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...