CISA issued BOD 26-04, ordering federal agencies to patch a critical actively exploited Ivanti Sentry vulnerability by Sunday.

Danish pharma giant Novo Nordisk disclosed a data breach affecting patient information from clinical trials. Here's what happened and what it means.

Microsoft has resolved a known issue causing Windows updates since May 2025 to fail when installed via the WUSA standalone installer from a network share.

Learn how dark web forums reveal early signals of supply-chain attacks through leaked repos, stolen API keys, and GitHub access sales.

400+ Arch User Repository packages are distributing a Linux rootkit and infostealer targeting credentials and access tokens. Here's what you need to know.

A Ukrainian national extradited from Ireland has pleaded guilty to conspiracy charges tied to the notorious Conti ransomware operation.

A decade-old auth bypass bug in phpBB lets attackers log in as any user, including admins. Here's what you need to know and how to stay protected.

Maine took its public data breach reporting portal offline after fake breach notices appeared on the state website, triggering a full procedural review.

Chinese hackers seized control of an organization's authentication stack and maintained covert access for 10 years, monitoring all admin activity.

A former Iowa school district IT employee was sentenced to 21 months in prison for a prolonged cyberattack that disrupted classrooms and caused major damage.

The FBI, Google, and Black Lotus Labs have taken down Outsider Enterprise, a Chinese phishing-as-a-service platform stealing card data at scale.

As nations race to dominate AI, data centers have become high-value targets. Learn how AI sovereignty is reshaping cybersecurity strategy.