ShinyHunters Claims 350GB EU Commission Breach — Databases, Emails, and Contracts Up for Leak
The European Commission confirmed on Friday that its public-facing web infrastructure was hit by a cyberattack discovered on March 24 — and now a th…
Security
The LiteLLM Hack Was Just the Opening Move. Now 300K Dark Web Users Are Being Armed With Ransomware
What started as a poisoned Python package has evolved into something with far darker implications — a coordinated alliance between supply chain hacke…
Hackers Are Actively Exploiting a Critical Microsoft SharePoint Flaw — Patch Now
Attackers are exploiting a critical remote code execution (RCE) vulnerability in Microsoft SharePoint that Microsoft patched two months ago but many …
How Third-Party Risk Management Solutions Are Protecting from Supply Chain Attacks
In 2025, cybersecurity teams across Australia noticed a worrying trend. Breaches were no longer coming only from direct attacks on banks or financial…
Hackers Poisoned a Python Package Trusted by 95 Million Monthly Installs — and It Stole Everything
The Python package that quietly powers AI infrastructure for thousands of organizations — routing API calls across OpenAI, Anthropic, Bedrock, and 10…
10 Top AI Tools for Red Teaming in 2026
Red teaming has traditionally been defined by creativity, unpredictability, and human intuition. Unlike vulnerability assessments, red team operation…
Magento's REST API Has Let Anyone Upload Malicious Files Since Day One
A security flaw hiding in Magento's codebase since its very first release has finally surfaced — and it's bad. Researchers at Sansec disclos…
7 Email Security Mistakes That Put Your Business at Risk
If you run a business today, you probably live in your inbox. Quotes, invoices, HR updates, login links, calendar invites, everything passes through …
One Packet. Full Root. GNU Telnetd Has a Critical Hole Nobody Logged
Security researchers have found a critical, pre-authentication remote code execution flaw in the telnetd server in GNU Inetutils that allows any unau…
A Two-Year-Old JavaScript Worm Locked Wikipedia
A rogue script quietly planted in Russian Wikipedia in March 2024 lay undetected until a Wikimedia Foundation security engineer inadvertently woke it…
Google Uncovers "Coruna": The iOS Exploit Kit That Jumped From Spies to Scammers
Google's Threat Intelligence Group (GTIG) has pulled back the curtain on one of the most technically accomplished iOS exploit kits ever documente…
7 Best Next Gen Endpoint Security Platforms in 2026
Endpoint security has evolved from reactive malware prevention into a strategic control layer embedded across identity, cloud, SaaS, and AI-driven op…
Google Is Testing the HTTPS Replacement Designed to Outlast Quantum Computers
The padlock icon in your browser is about to undergo its most radical overhaul in 30 years. Google has cracked a problem that had the security commun…
New AirSnitch Attack Bypasses WPA2 and WPA3 Client Isolation
What security feature did your router vendor quietly add to stop Wi-Fi users from attacking each other? It doesn't work. A team of academic resea…