A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated ...

Italian authorities have dismantled a piracy ecosystem centered around the CINEMAGOAL app that provided access to various ...

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...

Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks ...

Fraud losses don't stop at chargebacks. False declines, account takeovers, and abuse also damage revenue and trust. IPQS ...

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges.

Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to ...

Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks, interference operations, and disinformation ...

U.S. and Canadian authorities arrested and charged a Canadian man with operating the KimWolf distributed denial-of-service (DDoS) botnet, which infected nearly two million devices worldwide.

A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a ...

Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits ...