CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...

Ukraine is claiming a rare, largely bloodless victory in its war with Russia after a sweeping shutdown of battlefield ...

Ukrainian President Volodymyr Zelensky urged allied countries to press Moscow into ending its all-out invasion, which began almost four years ago on Feb. 24 2022.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

AI browsers can be hijacked through prompt injection, turning assistants into insider threats. Learn how these exploits work & how to protect data.

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with ...

A zero-day vulnerability in Chromium-based browsers, identified as CVE-2025-10585, allows active exploitation through the V8 JavaScript engine's just-in-time compiler. Users are advised to update ...