Live cybersecurity intelligence

Know what's breaking in security.

Cybersecurity intelligence for cybernerds.

Read the latest Browse categories

categories: 17
sources: 16
refresh: hourly

BreakingAkira affiliates are burning through unpatched VPN appliances again

The wire

Latest intelligence

CriticalRansomware & Extortion

Akira affiliates are burning through unpatched VPN appliances again

A fresh Akira wave is chaining a known SSL-VPN auth bypass to land inside mid-market manufacturers within hours. If your edge appliance missed last quarter's patch, assume you're already on a target list.

6 hours ago3 min read1 comments

MediumGlobal Advisories & Alerts

Flipper One project needs community help to build open Linux platform

Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. [...]

5 hours ago1 min read0 comments

CriticalExploits & Zero-Days

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution. The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek .

5 hours ago1 min read0 comments

MediumGlobal Advisories & Alerts

Socket Raises $60 Million at $1 Billion Valuation

The company will invest in its firewall, certified patches, protection extensions, new products, and team expansion. The post Socket Raises $60 Million at $1 Billion Valuation appeared first on SecurityWeek .

5 hours ago1 min read0 comments

MediumBig Tech & Cloud Providers

When Identity is the Attack Path

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically.

5 hours ago1 min read0 comments

MediumBig Tech & Cloud Providers

Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days

The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition. The post Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days appeared first on SecurityWeek .

6 hours ago1 min read0 comments

ResolvedGlobal Advisories & Alerts

Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI

More than 200 vulnerabilities patched in recent Chrome releases are marked as ‘reported by Google’. The post Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI appeared first on SecurityWeek .

6 hours ago1 min read0 comments

CriticalExploits & Zero-Days

Edge-device zero-day is being exploited before a patch exists

A pre-auth remote code execution bug in a widely deployed edge gateway is under active exploitation with no vendor fix yet. Workarounds exist — apply them and watch your logs closely.

6 hours ago3 min read0 comments

MediumSupply Chain & Third-Party Risks

Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility

New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking. The post Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility appeared first on SecurityWeek .

8 hours ago1 min read0 comments

HighData Breaches & Cloud Leaks

Another open bucket spills 12M customer records — and nobody noticed for months

A storage bucket left world-readable exposed names, emails, and partial payment data for an estimated 12 million customers. The lesson is old but evergreen: default-deny on object storage, then verify.

8 hours ago2 min read0 comments

Coverage

Know what's breaking in security.

Latest intelligence

Every corner of the threat landscape