More results...
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-32432, this code injection flaw is currently being e…
QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network video surveillance solution. Disclosed on March 21, 2026, under the security advisory identifier QSA-26-07, th…
Recent threat research reveals a severe security crisis affecting low-cost IP-KVM devices. Security experts discovered nine vulnerabilities across four popular vendors, transforming these cheap management tools into powerful attack platforms. Compromis…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple ecosystem. Officially added to the Known Exploited Vulnerabilities (KEV) catalog on March 20, 2026, th…
A major data breach has reportedly compromised Crunchyroll, the popular Sony-owned anime streaming service. Threat actors claim to have successfully stolen 100 GB of personally identifiable information (PII) from the platform. The breach allegedly took…
The notorious hacking collective known as LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving multinational pharmaceutical giant AstraZeneca. The threat actors are reportedly attempting to sell a compressed…
Oracle recently issued an urgent security alert regarding a critical Remote Code Execution (RCE) flaw that impacts both Oracle Identity Manager and Oracle Web Services Manager. Tracked as CVE-2026-21992, this vulnerability allows attackers to compromis…
A highly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments. Discovered on March 19, 2026, this breach represents the second major security…
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released a joint cybersecurity advisory regarding a widespread phishing campaign. The alert warns that Russian Intelligence Services…
Threat actors are actively distributing the PureLog Stealer through a sophisticated, multi-stage attack campaign disguised as legal copyright violation notices. This information-stealing malware is engineered to silently harvest sensitive data, includi…