Ivanti EPMM zero-day flaws enabled cyberattacks on Dutch, EU, and Finnish government systems, exposing employee contact and device data.

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...

Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between ...

“There is no direct attribution associated with the source IPs, though the activity is consistent with known malicious ...

Despite rapid generation of functional code, LLMs are introducing critical, compounding security flaws, posing serious risks for developers.

News this week covers a two-week period due to illness. Among the big security stories from that period, Substack announced the loss of user data, ...

President Prabowo criticized businesses that exploit regulations and vowed to root out corruption, urging investors to support job creation.

Practical DevSecOps launches the Certified Security Champion course to help orgs bridge the talent gap by upskilling ...

Security researchers warn of active attacks on SolarWinds Web Help Desk. Malicious actors are exploiting vulnerabilities to infiltrate systems and then ...

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...

Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user ...