From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape ...

The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling several exploits to a Russian broker, which counts the Russian government ...

CISA warns of a new SmarterTools SmarterMail vulnerability exploited by ransomware groups for unauthenticated RCE.

Ransomware attacks surged 52% in 2025, with supply chain breaches nearly doubling as groups like Qilin drive record monthly incidents worldwide.

Critical security flaws targeting Windows and Office users allow hackers to take complete control of a victim's computer by ...

Apple has patched CVE-2026-20700, a dyld code execution vulnerability exploited in an extremely sophisticated attack.

Assailants armed with guns and grenades have carried out nearly a dozen coordinated attacks across southern Pakistan QUETTA, Pakistan -- Assailants armed with guns and grenades carried out nearly a ...

Beware, a sneaky new variation of the homogaph phishing method is proving yet again that what you see isn't always what you get. Cybercriminals are using a nearly invisible typographical trick to ...

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities.

Clawdbot's MCP implementation has no mandatory authentication, allows prompt injection, and grants shell access by design. Monday's VentureBeat article documented these architectural flaws. By ...