1+ day, 13+ hour ago  (595+ words) The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic. Threat actors are exploiting a vulnerability in shared content delivery network (CDN) infrastructure to hide connections to malicious domains. Dubbed Underminr,…...

2+ day, 7+ hour ago  (587+ words) Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. Drupal is warning users that it's already seeing attempts to exploit CVE-2026-9082, the highly critical vulnerability patched…...

2+ day, 10+ hour ago  (411+ words) Other noteworthy stories that might have slipped under the radar: CISA contractor exposes credentials, Mythos testing and new features, Huawei router flaw triggered telecom blackout. Here are this week's highlights: Iranian hackers suspected in US gas station tank monitor breaches…...

2+ day, 12+ hour ago  (545+ words) Jacob Butler, 23, has been arrested in Canada and US authorities are seeking his extradition on computer hacking charges. The US Justice Department announced on Thursday that a Canadian man has been arrested for operating the recently disrupted Kimwolf DDo S…...

2+ day, 15+ hour ago  (515+ words) The FBI says First VPN has been used by dozens of ransomware groups for network reconnaissance and intrusions. Authorities in North America and Europe have participated in a law enforcement operation to disrupt First VPN, a popular cybercrime service used…...

2+ day, 16+ hour ago  (508+ words) CVE-2026-34926 is a directory traversal flaw that can be exploited against the on-premise version of Apex One. Trend AI, Trend Micro's enterprise business, has informed customers that it has patched another Apex One vulnerability that has been exploited in the…...

2+ day, 16+ hour ago  (517+ words) Hackers accessed Grafana's Git Hub repositories after a token compromised in the Tan Stack attack was not rotated. Grafana this week revealed that the unauthorized access to the Grafana Labs Git Hub repositories disclosed earlier this month was the result…...

3+ day, 12+ hour ago  (458+ words) Insufficient validation and authentication in the Secure Workload's REST APIs provide remote attackers with Site Admin privileges. Cisco on Wednesday announced patches for a critical-severity vulnerability in Secure Workload that could allow attackers to access site resources with Site Admin…...

3+ day, 12+ hour ago  (375+ words) The company has developed a platform that uses specialized AI agents to inspect every incoming message. Ocean emerged from stealth mode this week with $28 million in funding for its agentic email security platform. The funding came from Lightspeed Venture Partners,…...

3+ day, 13+ hour ago  (568+ words) The company blocked over 1. 1 billion accounts and $2. 2 billion in potentially fraudulent transactions. Apple rejected over 2 million applications from entering the App Store in 2025 and blocked over 1. 1 million fraudulent accounts from being created. These actions, a result of AI use combined…...