Google recently launched security patches for Chrome to fix 21 different security issues, including a critical zero-day vulnerability that is already being used by attackers. This article has been indexed from CyberMaterial Read the original article: Chrome Zero Day CVE…
Vertex AI Flaw Exposes Cloud Data
Cybersecurity researchers have identified a flaw in Google Cloud’s Vertex AI platform where default service agent permissions allow for potential data exfiltration and unauthorized environment access. This article has been indexed from CyberMaterial Read the original article: Vertex AI Flaw…
Cyberattack Disrupts Phones In MA Towns
A cybersecurity attack discovered early Tuesday has disrupted several Massachusetts towns connected to the Patriot Regional Emergency Communications Center, impacting administrative systems and business phone lines for local police and fire departments. This article has been indexed from CyberMaterial Read…
Mercor Hit By Supply Chain Cyberattack
Mercor, a ten billion dollar artificial intelligence recruiting firm, recently confirmed a major data breach originating from a supply chain attack on the open-source LiteLLM project. This article has been indexed from CyberMaterial Read the original article: Mercor Hit By…
Iranian Hacker Group Handal Claims Breach of Israeli Defense Firm
The international cybersecurity community was alerted to a major data breach involving Israeli military infrastructure. Handala, a recognized Iranian nation-state threat actor, claims to have successfully breached PSK Wind Technologies, a key Israeli defense contractor. The incident has resulted in…
250,000 Affected by Data Breach at Nacogdoches Memorial Hospital
In January 2026, a threat actor hacked the hospital’s internal network and stole personal and health information. The post 250,000 Affected by Data Breach at Nacogdoches Memorial Hospital appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Shut the Front Door on Email Attacks: How to Scale Security Services Without Increasing Workload
Email remains the primary entry point for cyberattacks, driven largely by phishing and account compromise. For attackers, it is often the simplest and most scalable way to gain access: send enough emails, and eventually, someone clicks. What’s changing is not…
IMO Health: 5 Reasons security culture starts with trust
I recently had the opportunity to sit down with Lori Kevin, VP of Security and Compliance at IMO Health, for another installment of the Strategic CISOs conversations series. We covered a topic that many security leaders care about right now:…
OT Cyber Resilience: Strategic Data Protection for IEC 62443 and NIS2 Compliance
Learn how to protect OT systems, ICS, and SCADA infrastructure from ransomware with backup strategies built for legacy, air-gapped industrial environments. The post OT Cyber Resilience: Strategic Data Protection for IEC 62443 and NIS2 Compliance appeared first on Security Boulevard.…
The State of Trusted Open Source Report
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed…
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. “Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing victims to content locker pages under the…
Fake CERT-UA Site Spreads Go-Based RAT in Phishing Campaign
Hackers have launched a targeted phishing campaign by cloning Ukraine’s official CERT-UA website and distributing malicious software disguised as a security tool, according to a new alert from the national cyber response team. Targets included government agencies, financial institutions, educational…
DarkSword exploit forces Apple to loosen its patching policy
Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit. This is not the first time Apple has backported fixes for older devices based on vulnerability…
Why GitHub Developers Are Targeted by Token Giveaway Scams
GitHub developers face rising giveaway scams. Verify repos, links, and maintainers before acting. Avoid rushed clicks, fake rewards, and risky wallet actions. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original…
TA416 Expands Espionage Operations Across Europe With Web Bug Recon and Malware Delivery
TA416 has returned to Europe with a fresh wave of espionage emails aimed at government and diplomatic staff. The campaign mixes quiet reconnaissance with malware delivery, showing how a patient threat actor can test who opens a message before sending…
FBI Warns of Chinese Mobile Apps May Expose User Data to Cyberattacks
Millions of Americans use mobile apps daily without thinking much about where their data actually goes. The Federal Bureau of Investigation has stepped forward to address that. On March 31, 2026, the FBI released a Public Service Announcement outlining serious…
Critical PX4 Autopilot Vulnerability Let Attackers Gain Control Over the Drones
A newly discovered critical vulnerability in the widely used PX4 Autopilot software could allow malicious actors to take complete control over drone operations. The Cybersecurity and Infrastructure Security Agency (CISA) released an Industrial Control Systems (ICS) advisory on March 31,…
Oracle Lays Off 30,000 Employees to Ramp Up Investment in AI Technologies
Oracle has executed a massive workforce reduction, eliminating between 20,000 and 30,000 employees globally to free up cash flow for its aggressive artificial intelligence infrastructure investments. The layoffs, representing roughly 18% of its workforce, were communicated abruptly via email, highlighting…
Cisco Smart Software Manager Vulnerability Let Attackers Execute Arbitrary Commands
Cisco has issued an urgent security warning regarding a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) platform. Enterprise organizations widely use this tool to manage their Cisco software licenses locally. Tracked as CVE-2026-20160, the flaw carries a…
Mercor Hit by LiteLLM Supply Chain Attack
The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. The post Mercor Hit by LiteLLM Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
RFQ Malware Campaign Uses DOCX, RTF, JS, and Python
Hackers are abusing DOCX, RTF, JavaScript, PowerShell, and Python to deliver an in‑memory Cobalt Strike beacon in a stealthy spear‑phishing campaign that impersonates Boeing procurement under the tag NKFZ5966PURCHASE. The operation chains six stages, relies heavily on living‑off‑the‑land binaries, and…
Unmasking the Paramilitary Agents Behind Trump’s Violent Immigration Crackdown
A WIRED analysis of DHS records identified dozens of specialized federal agents who used force against US civilians during the largest known deployment of its kind in US history. This article has been indexed from Security Latest Read the original…
Possible US Government iPhone Hacking Tool Leaked
Wired writes (alternate source): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to…
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubblica and news agency ANSA, the vast majority of…