More results...
Mozilla has rolled out comprehensive AI controls in Firefox 148, launching February 24, 2026, allowing users to globally disable all generative AI features across the browser. The update addresses growing user concerns about AI integration while mainta…
Hundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain attack vector. Threat actors are weaponizing the platform’s extensibility features to deliver d…
Hikvision has disclosed a high-severity command execution vulnerability affecting multiple wireless access point models, potentially allowing authenticated attackers to execute arbitrary commands on affected devices. The company released an advisory on…
The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a critical vulnerability affecting multiple versions of KiloView Encoder Series devices, warning that unauthenticated attackers could gain full administrative access. Issued unde…
Apache Syncope, a popular open-source identity and access management platform, has disclosed a critical XML External Entity (XXE) vulnerability in its Console component. The vulnerability, tracked as CVE-2026-23795, allows authenticated administrators …
A complex espionage campaign attributed to Chinese APT group Lotus Blossom, active since 2009. The investigation uncovered a sophisticated compromise of Notepad++ distribution infrastructure that delivered Chrysalis, a previously undocumented custom ba…
[Sponsored] The future of ISR lies in integrating human expertise with AI-driven analytic tools at scale.
[Sponsored] As threats evolve, the winning model ties digital engineering to manufacturing capacity and a reindustrialized supply chain.
Microsoft disclosed a critical zero-day vulnerability in Office products on January 26, 2026, tracked as CVE-2026-21509, with active exploitation in the wild confirmed. The vulnerability enables attackers to deploy sophisticated malware through malicio…
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls. Recent research reveals tha…