Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

The National Institute of Standards and Technology is preparing to shift its role in the globally-adopted vulnerability ...

The widely used open-source library has been patched to defend against a heap buffer overflow flaw that’s been in the code since its inception.

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws ...

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of ...

The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and ...

Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, ...

Three new threat groups started targeting ICS and other OT systems in 2025, according to a new report from cybersecurity company Dragos.

Mobile apps hide most risk behind login screens. AI-driven testing now pierces that blind spot, exposing real threats before attackers do.

As far as your computer is concerned, it's a fully trusted peripheral. So it sneaks right past detection systems to log keystrokes and other data.

Don't relax: This is a 'when, not if' scenario AI agents and other systems can't yet conduct cyberattacks fully on their own ...