Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
insider risk AI cybersecurity
AI Is Reshaping Risk Faster Than Strategy Can Catch Up
March 10, 2026
Ponemon Institute has released the 2026 Cost of Insider Risks Global Report, sponsored by Dtex, to explore the state of insider threats in the modern landscape. The report reveals that insider risk costs have risen…
Read More >
identity identity-first security
When Credentials Become the Exploit
March 09, 2026
Darktrace’s Annual Threat Report 2026 starts with a familiar problem for defenders: known software flaws are growing faster than most teams can keep up with. The report tallies 48,185 CVEs published in 2025, a 20.6%…
Read More >
Pexels Duncanoluwaseun 226232
Open-Source Risk Accelerating Faster Than Governance
March 09, 2026
The latest Open Source Security and Risk Analysis (OSSRA) report issued by Black Duck reveals a sharp escalation in software supply chain risk. Driven by explosive dependency growth, duplicated components, and AI-generated code, open-source vulnerabilities…
Read More >
Ivanti EPMM vulnerabilities
Ivanti EPMM and the New Attack Surface of Trust
March 03, 2026
Ivanti disclosed two zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) product on Jan. 29. Both flaws—CVE-2026-1281 and CVE-2026-1340—are code-injection bugs that Ivanti says can allow unauthenticated remote code execution on a vulnerable EPMM server.…
Read More >
Unit42 identity security
Attackers Aren’t Breaking In Anymore — They’re Logging In
March 03, 2026
Unit42, the threat intelligence and security consulting team at Palo Alto Networks, has published the Global Incident Response Report 2026, exploring threat trends likely to influence the landscape for the rest of the year. The…
Read More >
Dell RecoverPoint zero-day
The Dell RecoverPoint Zero-Day and China’s Expanding Playbook
March 02, 2026
Dell recently put out an advisory and security update for CVE-2026-22769, a critical vulnerability in many versions of Dell RecoverPoint for Virtual Machines. The flaw has been actively exploited in the wild since mid-2024, with…
Read More >
Chrome extensions LayerX
Somebody Is Watching: AI Weaponizes Fake Chrome Extensions to Spy on Users
February 26, 2026
The promise of productivity has turned AI tools into effective lures for cybercriminals. Researchers at LayerX Security recently exposed AiFrame, a coordinated campaign of 30 malicious Chrome browser extensions that impersonated well-known AI assistants in…
Read More >
vibecoding £5 botnet
How a Single AI Prompt Built a 90-Host Botnet
February 24, 2026
AI cybersecurity company Darktrace recently observed a botnet incident involving 91 compromised hosts, in which the threat actors brought in only five British pounds in earnings. Darktrace’s global honeypot network, CloudyPots, captured a completely AI-generated…
Read More >
VoidLink AI malware
How VoidLink Signals the Dawn of Machine-Built Malware
February 24, 2026
For years, security researchers have warned that artificial intelligence could eventually let a single operator produce malware that rivals the output of an entire development team. Two recent investigations into a Linux command-and-control framework called…
Read More >
Sysdig cloud security AWS
Eight Minutes to Admin: AI Just Changed the Cloud Threat Model
February 19, 2026
The Sysdig Threat Research Team (TRT) discovered a threat operation against an Amazon Web Services (AWS) environment on November 28th, 2025. The attacker in this incident was able to progress from initial access to administrative…
Read More >
agentic AI security secure AI
The Agentic AI Security Gap Is Already Here
February 17, 2026
In the past several years, AI has increasingly been adopted by individuals and organizations alike for both personal and business purposes. Unfortunately, it has also been implemented by many cybercriminals to enhance their attacks, and…
Read More >
Poland Electrum electric grid cyber attack
Poland Grid Hack Signals Shift in Cyberwarfare Strategy
February 16, 2026
A new report from Dragos confirms what many in the energy sector had suspected: the December 2025 cyberattack on Poland’s power grid was a deliberate test of the system’s vulnerabilities. There were no blackouts. Electricity…
Read More >
DockerDash AI
DockerDash Exposes the Dark Side of AI Trust in DevOps
February 16, 2026
The AI explosion in recent years has led to widespread adoption in a variety of business environments, including the rapid rise of AI assistants inside DevOps and cloud workflows. These “trusted” tools are now embedded…
Read More >
Zscaler shadow AI risk
AI Everywhere, Oversight Nowhere: The New Enterprise Risk Blind Spot
February 12, 2026
Zscaler recently released the ThreatLabz 2026 AI Security Report, offering insight into the state of security amid the AI explosion. The growth of AI usage is becoming exponential as more and more organizations adopt AI…
Read More >
Netwrix cybersecurity identity security
Identity: The New Data Perimeter in the Age of Agentic AI
February 10, 2026
A new forecast from Netwrix Security Research Lab argues that the next wave of cybersecurity disruption will not come from new exploits, but rather from scaled attacks. “Soon, cybersecurity will stop being a people-scaling problem…
Read More >
WinRAR patched vulnerability
A Patched Flaw Still Opening Doors: Inside the WinRAR Exploit Surge
February 06, 2026
Months after it was patched, a path traversal flaw in WinRAR (CVE-2025-8088) is still being actively exploited, according to Google’s Threat Intelligence Group. The vulnerability was fixed in July 2025, but many users haven’t updated,…
Read More >
LinkedIn phishing comments policy violation
Fake LinkedIn “Policy Violation” Comments Turn Public Posts into Phishing Traps
February 05, 2026
A recent phishing campaign has arisen targeting users on LinkedIn in public post comments. This demonstrates attackers shifting away from DMs and email as initial attack vectors and toward highly visible spaces where users feel…
Read More >
Kimwolf DDoS botnet
Infected Android Devices Are Powering a Global DDoS Army
February 03, 2026
A massive, sprawling DDoS and proxy botnet, known as Kimwolf, has recently shown increased activity, growing to more than two million infected devices since August 2025. These millions of Android devices are globally distributed and…
Read More >
Subscribe for the Latest News

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Consent*
Webinars
Beyond Backup: Immutable Recovery for Okta and the Multi-IdP World
Register Now
2026 State of the CISO: A Role Divided
Register Now
From Attack to Recovery: Building Cyber Resilience with Index Engines and Hitachi Vantara
Register Now