Abusing DNS record management controls, the threat actor hides the location of malicious content via Cloudflare.

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Forty-two cybersecurity-related merger and acquisition (M&A) deals were announced by companies in February 2026.

A newly discovered InstallFix campaign relies on malicious commands on cloned installation webpages to trick victims into installing malware.

New U.S. cybersecurity strategy outlines six pillars aimed at deterring cyber threats, protecting critical infrastructure, ...

Recent Cisco Catalyst SD-WAN vulnerability, initially exploited as a zero-day, is now being used more frequently by threat actors.

Google says 90 zero-day vulnerabilities were exploited in the wild in 2025, and an increasing percentage were aimed at enterprises.

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

Security firms monitoring US-Israel-Iran cyberattacks report that while hacktivist attacks spiked, state-sponsored actors remain quiet.

The FBI is investigating “suspicious activities” on a system that contains sensitive information related to surveillance ...

LexisNexis has confirmed a data breach after hackers leaked data allegedly stolen from its systems, but impact is limited.

CVE-2021-22681, an old vulnerability affecting ICS products from Rockwell Automation, has been exploited in attacks.