13+ hour, 9+ min ago  (390+ words) The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet products. On April 13, 2026, the agency added a severe SQL injection vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. This addition confirms…...

9+ hour, 12+ min ago  (403+ words) Fortinet has disclosed two critical security vulnerabilities affecting its Forti Sandbox platform, both carrying a CVSSv3 score of 9. 1. The flaws, published on April 14, 2026, could allow unauthenticated remote attackers to execute arbitrary commands and bypass authentication entirely, posing a serious risk to…...

14+ hour, 26+ min ago  (621+ words) Cybercriminals are changing the way they break into organizations. Instead of sending malicious emails and waiting for someone to click a link, attackers are now picking up the phone and calling their way into corporate systems. This shift is one…...

15+ hour, 38+ min ago  (795+ words) APT41 is once again pushing its Linux capabilities forward, this time by quietly turning cloud servers into powerful credential theft platforms. The group's latest Winnti-family backdoor is a zero'detection ELF implant designed specifically for Linux workloads running on AWS, Google Cloud,…...

3+ day, 21+ hour ago  (390+ words) A single threat actor compromised nine Mexican government agencies and stole hundreds of millions of citizen records in a highly sophisticated cyberattack. The campaign, which ran from late December 2025 through mid-February 2026, highlights a dangerous shift in the modern threat landscape....

4+ day, 15+ hour ago  (626+ words) Iranian state-backed hacking group Muddy Water has made a decisive operational shift, adopting a Russian-built Malware-as-a-Service platform to power a new campaign against Israeli targets. The operation, built around a previously unknown tool called Chain Shell, marks a clear departure…...

4+ day, 16+ hour ago  (452+ words) Cybersecurity researchers have identified five distinct security flaws in the TP-Link Archer AX53 v1. 0 router. When exploited, these flaws allow attackers on the same network to execute system commands, cause system crashes, and steal sensitive configuration files, ultimately leading to the complete…...

5+ day, 14+ hour ago  (341+ words) The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added this flaw, tracked as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after…...

6+ day, 10+ hour ago  (366+ words) To ensure these powerful tools are used defensively, the company has launched Project Glasswing to collaborate with industry partners and patch critical software systems. Claude Mythos Preview represents a massive upgrade over older models like Opus 4. 6, which could find bugs…...

1+ week, 5+ hour ago  (560+ words) A new supply chain attack has surfaced targeting software developers who work with AI coding tools. On March 20, 2026, a threat actor published a malicious npm package named'gemini-ai-checker'under the account'gemini-check, presenting it as a simple utility to verify Google Gemini AI…...