Toxic combinations form when AI agents, integrations, or OAuth grants bridge SaaS apps into trust relationships no single ...

Lotus Wiper hit Venezuela’s energy sector in late 2025, exploiting pre-Windows 10 1803 systems, wiping drives and crippling ...

"A regression in the Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages cause the managed authenticated ...

Updated LOTUSLITE targets India banking sector via CHM and DLL side-loading, expanding espionage campaign to South Korea and ...

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

Ransomware negotiator pleads guilty to aiding BlackCat in 2023; leaked victim data enabled $1.2M extortion and $10M seizure.

BREAK flaws in Lantronix and Silex converters expose nearly 20,000 devices online, enabling takeover and data tampering.

SystemBC C2 exposed 1,570+ victims tied to The Gentlemen since July 2025, revealing expanding ransomware scale.

Integrated threat intelligence reduces MTTR using data from 15,000 organizations and 600,000 analysts, limiting dwell time ...

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

NGate abuses HandyPay in Brazil since Nov 2025, stealing NFC data and PINs to enable ATM fraud and unauthorized payments.

CISA adds 8 exploited vulnerabilities to KEV, sets April 23 and May 4, 2026 deadlines, driving urgent federal patching.