Latest cybersecurity news, threat intelligence, CVE alerts and research — updated hourly.
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-2025-20701 (CVSS score:
The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, domain blocks, and data loss prevention rule
AI is shifting from assistive to agentic — a summary test
Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026. To that end, organiza
F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems. The vulnerabilities are listed below - CVE-2026-425
Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime groups in 2026, claiming no less than 830 victims since August 2
Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026 with clipboard-intercepting malware with self-spreading capabilities and using the Tor anonym
If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a simple no. The rush to
An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout, their browser is running fa
The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS attacks ran in memory
A recent incident involving a French-speaking attacker who breached a small French automotive business has highlighted a notable tactic
A recently discovered backdoor, known as SprySOCKS, has expanded its reach to Windows operating systems, with two previously undocumented variants identified
A critical zero-day vulnerability in Cisco IOS XE web UI (CVE-2025-20198) is being actively exploited in the wild, allowing unauthenticated attackers to gain full administrator access.
A new LockBit 4.0 ransomware campaign has targeted at least eight Australian healthcare providers, encrypting patient records and demanding multi-million dollar ransoms.
Most cyberattacks exploit basic misconfigurations that take less than a day to fix. Here's a practical checklist every small business should complete before it's too late.