A CDN-level supply chain attack backdoored over 1.2 million WordPress sites via OptinMonster, TrustPulse and PushEngage. Here is exactly what to check and how to clean up.
-
-
Penetration testing is a controlled attack on your own systems to find exploitable weaknesses before real attackers do. This guide covers how it differs from a vulnerability scan, the main …
-
MIT’s Fractal OS found three previously unknown security behaviours in the Apple M1, including the first confirmed Phantom speculation on Apple Silicon. The findings say less about how dangerous the …
-
The Gentlemen ransomware group has claimed 478 victims — including a UK business used to breach a client — by exploiting unpatched VPN appliances and spending weeks inside networks before …
-
ShinyHunters exploited CVE-2026-35273 for nearly two weeks before Oracle published any advisory. The flaw is serious — but the disclosure gap is the structural failure that put 100 organisations at …
-
Velvet Ant’s decade inside a target network reveals a gap that affects most security programmes: the tools used to report security health are not designed to detect a Linux PAM …
-
CVE-2026-50751’s root cause — a gateway that let clients disable their own certificate verification — reflects a wider design failure. Here’s what it means for how organisations should think about …
-
TLDR Anthropic released Claude Fable 5 on 9 June 2026. It is the first publicly available Mythos-class model. Queries touching cybersecurity, biology, chemistry or model distillation get rerouted to the …
-
TLDR Symantec’s Threat Hunter Team has confirmed Fast16 malware was built to sabotage nuclear weapon simulations. The framework dates back to roughly 2005, around two years before Stuxnet was active. …
-
TLDR In February 2026, hackers broke into a sensitive FBI surveillance network. The FBI wiretap breach targeted the Digital Collection System Network, which stores wiretap data, phone metadata, and personal …
Newer Posts