Latest stories — Page 25

Vulnerabilities

The Exposures Defenders Will Be Cleaning Up in 2026

From memory-leak bugs like MongoBleed to forgotten admin panels, the attack surface keeps growing faster than patch cycles.

3 min
AI Security

Fifteen Rogue JetBrains Plugins Posed as DeepSeek Assistants to Siphon AI Keys

A coordinated campaign on the JetBrains Marketplace dressed up credential stealers as LLM-powered coding helpers. The payload? Your provider keys.

3 min
Breaches

DBIR 2026: Vulnerabilities and Ransomware Shape Incident Readiness

Verizon's latest report reveals exploitation of vulnerabilities and rising ransomware as key challenges. Preparation is crucial.

2 min
Vulnerabilities

Oracle's June 2026 CPU: 245 Patches Across Communications, EBS, and Enterprise Manager

Oracle's second monthly Critical Patch Update ships a significant fix load. If you're running EBS or Enterprise Manager in AWS or on-prem, your change window just got scheduled for you.

2 min
AI Security

Old Risk Frameworks Can't Handle AI. Here Are the New Ones That Try.

From ISO 42001 to NIST's AI RMF and ENISA's layered playbook, a clutch of frameworks is competing to define how organizations govern AI risk — each targeting a different gap.

3 min
AI Security

Someone Wallpapered the @mastra npm Namespace With Malicious Builds

A hijacked maintainer account pushed 144 booby-trapped packages across the Mastra AI framework before anyone noticed. The attacker called it 'easy-day-js.' It was.

2 min
Vulnerabilities

CISA Flags Joomla Content Editor Bug as Actively Exploited; CVSS 10.0

CVE-2026-48907 in Widget Factory's JCE extension hands attackers arbitrary file actions on unpatched Joomla sites. Federal agencies get the standard three weeks.

2 min
Cloud Security

Microsoft's Email Security Claims Under Scrutiny: Experts Weigh In

Microsoft's latest data suggests a single-vendor approach may be enough for email security, but experts urge caution.

2 min
Cloud Security

'Pickle in the Middle': Vertex AI SDK Bug Let Outsiders Hijack Model Uploads

Unit 42 researchers describe a bucket-squatting flaw in Google's Python SDK that handed code execution inside Vertex AI's serving stack to attackers with no project access.

3 min
Threat Intelligence

Three New Loaders Ride the ClickFix Wave: BabaDeda, Lorem Ipsum, and Potemkin

Separate research teams have pinned three distinct loader families on the same social-engineering pattern, with education and finance taking the brunt of the April 2026 activity.

3 min
Identity & Access

UK's Under-16 Social Media Ban Turns Every Signup Into an Identity Checkpoint

Spring 2027 rules will force ID uploads or face scans at account creation. The IAM bill comes due — and so does the breach surface.

3 min
Threat Intelligence

Rokarolla Android Trojan Hits 217 Banking and Crypto Apps

Researchers at Zimperium's zLabs catalogued 137 remote commands in the new malware, including PIN capture and clipboard hijacking against crypto wallets.

2 min
AI Security

AI in Cybersecurity: What Security Leaders Actually Need to Know

Dozens of experts weigh in on how artificial intelligence is reshaping both offense and defense — and why the gap between the two may be widening faster than policy can close it.

2 min
AI Security

Ent Raises $100 Million Seed Round to Build Intent-Aware Endpoint Security

The stealth-mode startup says its platform reads behavioral intent before risky actions execute — a bet that pre-action inference can replace post-breach detection.

2 min
Cloud Security

TrustCloud Wants to Kill the Security Questionnaire. Here's the Pitch.

Continuous analysis of security, infrastructure, and governance data sounds compelling. Whether it replaces the questionnaire grind depends on what 'real-time' actually means at the data layer.

2 min
Threat Intelligence

UNC6508 Spent a Year Inside US and Canadian Research Networks via Trojanized REDCap

A China-linked espionage group hijacked REDCap's own upgrade process to plant persistent malware across academic, medical, and defense-adjacent research environments.

2 min
Threat Intelligence

Anonymized Infrastructure Now Touches 94% of Incidents, and Most SOCs Are Still Playing Catch-Up

Survey data points to a persistent gap between IP enrichment volume and the analyst's ability to answer a simple question: who's actually on the other end?

2 min
Policy & Regulation

CISA Sets Three-Day Patch Deadline for Actively Exploited LiteSpeed cPanel Plugin Flaw

CVE-2026-54420 lands on the KEV catalog, triggering a BOD 22-01 remediation clock for federal civilian agencies.

2 min
Threat Intelligence

SprySOCKS Crosses Over: Windows Variants Surface With Driver-Level Hiding

Two undocumented Windows builds of the China-linked backdoor — tagged WIN_DRV and WIN_PLUS — extend a toolset previously seen only on Linux.

2 min
Vulnerabilities

Three FortiSandbox Bugs Under Active Exploitation, Including a 9.1 Path Traversal

Threat intel firm flags in-the-wild abuse of CVE-2026-39813, CVE-2026-39808 and CVE-2026-25089 within a 24-hour window.

2 min
Vulnerabilities

Cisco's SD-WAN Manager Has a Write-to-Root Problem — and Attackers Found It First

CVE-2026-20262 lets an authenticated attacker overwrite arbitrary files on Cisco Catalyst SD-WAN Manager, with a clear path to root. No workaround exists. Exploitation is already underway.

2 min
© 2026 Threat Vectr