Stories cluster related articles into a single narrative, linked to the underlying CVEs and affected products. 288 stories synthesized.
Security experts are advocating for the adoption of Build Application Firewalls to inspect runtime behavior within software build pipelines, aiming to prevent sophisticated supply chain attacks.
A cyber espionage group is targeting aerospace and drone firms to steal GIS files, terrain models, and GPS data.
Hackers exploited a vulnerability in Skoda's online shop to access customer names, addresses, and contact information.
A critical look at modern purple teaming suggests that many organizations are failing to integrate their red and blue teams effectively.
Cloudflare is laying off 1,100 employees as part of an AI-driven restructuring, despite strong Q1 financial results.
Large Language Models have been shown to be highly effective at hiding secret messages within other text, posing new detection challenges.
Instagram has removed end-to-end encryption for direct messages, allowing the company to access message content.
TrustCloud has introduced new agentic AI capabilities to its TrustLens TPRM platform, aiming to replace inefficient questionnaire-based risk assessment models with faster, automated workflows.
A new report from Check Point Research indicates that the ransomware ecosystem is consolidating, with the top 10 groups responsible for the majority of victim activity in Q1 2026.
Checkmarx is working to remove a malicious version of its Jenkins AST Scanner plugin after an unauthorized upload to the Jenkins Marketplace was found to contain an infostealer.
F-Secure's latest report reveals that scammers are increasingly utilizing AI to upgrade the sophistication and reach of their fraudulent campaigns.
The TrickMo Android banking malware has evolved to use the TON blockchain for stealthy command-and-control communications, targeting users across Europe.
Instructure has confirmed that the Canvas learning platform was hit by two rounds of unauthorized activity, as the ShinyHunters extortion group threatens to leak data from millions of students and staff.
A cyberattack that disabled Taiwan's bullet train system for nearly an hour has sparked global concerns regarding the resilience of critical infrastructure against state-sponsored threats.
A new Linux vulnerability known as 'Dirty Frag' (CVE-2026-43284 and CVE-2026-43500) has been disclosed, with reports suggesting it may already be under exploitation.
A malicious repository impersonating OpenAI's 'Privacy Filter' on Hugging Face has been used to distribute a Rust-based information stealer to over 244,000 users.
The latest weekly security roundup from Malwarebytes Labs summarizes key incidents and developments from May 4th through May 10th, 2026.
Rustinel is a new open-source endpoint detection agent that provides a unified telemetry collection framework for both Windows and Linux systems.
The second edition of Jason Andress's 'Foundations of Cybersecurity' has been released, updating core security concepts to include cloud, mobile, IoT, and AI threats.
A World Economic Forum report reveals that 77% of organizations are now utilizing AI to manage cybersecurity alert overload and improve incident response.
A multi-year phishing campaign has impacted more than 500 organizations across critical infrastructure, aviation, and energy sectors.
The latest SANS Internet Storm Center Stormcast podcast provides a summary of cybersecurity news and technical updates for May 11th, 2026.
YARA-X version 1.16.0 has been released, featuring four improvements and four bug fixes to enhance the tool's performance.
A malvertising campaign is using deceptive Google Ads and Claude.ai shared chats to trick Mac users into downloading and installing malware.
