11+ hour, 32+ min ago  (628+ words) Cybersecurity researchers have disclosed details of a critical security vulnerability impacting Git Hub. com and Git Hub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command. The flaw, tracked as…...

12+ hour, 12+ min ago  (552+ words) A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called Lofy Stealer (aka Grab Bot). "The malware disguises itself as a Minecraft hack called…...

17+ hour, 53+ min ago  (444+ words) Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data through. Done. That assumption is wrong. It is also a major reason…...

15+ hour, 50+ min ago  (679+ words) Threat hunters are warning that the cybercriminal operation known as VECT 2. 0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for…...

19+ hour, 21+ min ago  (563+ words) When patching isn't fast enough, NDR helps contain the next era of threats. If you've been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure,…...

21+ hour, 54+ min ago  (245+ words) A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U. S. from Italy." Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group…...

1+ day, 1+ min ago  (487+ words) Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4. 3), a spoofing vulnerability that could allow…...

23+ hour, 14+ min ago  (407+ words) An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part…...

1+ day, 16+ hour ago  (246+ words) Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains got hit. Fake help desks worked. Weird research showed how easy some attacks still are....

1+ day, 15+ hour ago  (351+ words) Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. "Based on current evidence, we believe this data originated from…...