Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
Sysdig cloud security AWS
Eight Minutes to Admin: AI Just Changed the Cloud Threat Model
February 19, 2026
The Sysdig Threat Research Team (TRT) discovered a threat operation against an Amazon Web Services (AWS) environment on November 28th, 2025. The attacker in this incident was able to progress from initial access to administrative…
Read More >
agentic AI security secure AI
The Agentic AI Security Gap Is Already Here
February 17, 2026
In the past several years, AI has increasingly been adopted by individuals and organizations alike for both personal and business purposes. Unfortunately, it has also been implemented by many cybercriminals to enhance their attacks, and…
Read More >
Poland Electrum electric grid cyber attack
Poland Grid Hack Signals Shift in Cyberwarfare Strategy
February 16, 2026
A new report from Dragos confirms what many in the energy sector had suspected: the December 2025 cyberattack on Poland’s power grid was a deliberate test of the system’s vulnerabilities. There were no blackouts. Electricity…
Read More >
DockerDash AI
DockerDash Exposes the Dark Side of AI Trust in DevOps
February 16, 2026
The AI explosion in recent years has led to widespread adoption in a variety of business environments, including the rapid rise of AI assistants inside DevOps and cloud workflows. These “trusted” tools are now embedded…
Read More >
Zscaler shadow AI risk
AI Everywhere, Oversight Nowhere: The New Enterprise Risk Blind Spot
February 12, 2026
Zscaler recently released the ThreatLabz 2026 AI Security Report, offering insight into the state of security amid the AI explosion. The growth of AI usage is becoming exponential as more and more organizations adopt AI…
Read More >
Netwrix cybersecurity identity security
Identity: The New Data Perimeter in the Age of Agentic AI
February 10, 2026
A new forecast from Netwrix Security Research Lab argues that the next wave of cybersecurity disruption will not come from new exploits, but rather from scaled attacks. “Soon, cybersecurity will stop being a people-scaling problem…
Read More >
WinRAR patched vulnerability
A Patched Flaw Still Opening Doors: Inside the WinRAR Exploit Surge
February 06, 2026
Months after it was patched, a path traversal flaw in WinRAR (CVE-2025-8088) is still being actively exploited, according to Google’s Threat Intelligence Group. The vulnerability was fixed in July 2025, but many users haven’t updated,…
Read More >
LinkedIn phishing comments policy violation
Fake LinkedIn “Policy Violation” Comments Turn Public Posts into Phishing Traps
February 05, 2026
A recent phishing campaign has arisen targeting users on LinkedIn in public post comments. This demonstrates attackers shifting away from DMs and email as initial attack vectors and toward highly visible spaces where users feel…
Read More >
Kimwolf DDoS botnet
Infected Android Devices Are Powering a Global DDoS Army
February 03, 2026
A massive, sprawling DDoS and proxy botnet, known as Kimwolf, has recently shown increased activity, growing to more than two million infected devices since August 2025. These millions of Android devices are globally distributed and…
Read More >
Fortinet cloud complexity AI
The Cloud Complexity Gap Is Becoming an AI Security Liability
February 02, 2026
A new report from Fortinet and Cybersecurity Insiders outlines growing tension between the pace of AI-driven cloud adoption and the capacity of current security models to keep up. The 2026 Cloud Security Report highlights how…
Read More >
Black Duck Broadcom Wi-Fi vulnerability
How a Broadcom Wi-Fi Flaw Exposes a Fragile Wireless Reality
February 02, 2026
Wireless networks are often treated as invisible utilities by organizations and individuals alike—expected to work continuously, silently, and flawlessly. Unfortunately, this assumption is not always true, as demonstrated in a recent publication based on a…
Read More >
Veeam RCE remote code execution vulnerability
Critical Veeam Remote Code Execution Attack Highlights Risk of Trusted Backup Access
January 29, 2026
Shortly after the New Year, Veeam disclosed a critical Remote Code Execution (RCE) vulnerability in its backup and replication software. This underscores a familiar but uncomfortable reality in enterprise security: The most dangerous attacks often don’t…
Read More >
quishing qr code phishing
North Korea’s Kimsuky Turns to “Quishing” Against U.S. Organizations
January 27, 2026
The United States Federal Bureau of Investigation (FBI) has released a FLASH alert warning about evolving techniques in campaigns by the North Korean state-sponsored threat group known as Kimsuky. The alert reveals an evolution in…
Read More >
UK Government Cyber Action Plan
Why Government Is Rethinking Cybersecurity as a System, Not a Silo
January 26, 2026
The UK government has published a new Government Cyber Action Plan backed by £210 million in funding, setting out a coordinated strategy to address cybersecurity risks across the public sector. Framed as a response to…
Read More >
ClickFix phishing hotel hospitality PHALT#BLYX
Inside the ClickFix Campaign Targeting Hospitality
January 23, 2026
Phishing is one of the oldest social engineering tricks in a threat actor’s playbook, a tried-and-true technique that continues to pay out as attacks and defenses advance over time. Rather than stagnating in the face…
Read More >
Google Cloud email security phishing
How Attackers Are Abusing Google Cloud to Evade Email Security
January 20, 2026
Phishing is one of the tried-and-true methods that attackers have been heavily relying on since the early days of the internet, but it is far from a stagnant technique. Over the years, phishing has grown…
Read More >
CyberArk privileged access security controls
Why Security Controls Are Collapsing Under Their Own Weight
January 20, 2026
A new report from CyberArk paints a stark picture: while organizations say they’re modernizing, their security models haven’t kept up. According to The Privilege Reality Gap, the divide between perception and reality in privileged access…
Read More >
Ping biometric security AI
Zero-Knowledge Biometrics and the New Rules of Digital Trust in the Age of AI
January 19, 2026
In recent years, the growth of AI tools has fundamentally altered the economics of identity fraud. Deepfakes, synthetic identities, and automated phishing are now able to scale faster than traditional defenses, amplifying threats and shifting…
Read More >
Subscribe for the Latest News
Webinars
Scaling Code Security for Builders Beyond Developer-First
Register Now
Cyber Resilience in Action: How IBM and Index Engines Deliver a Detection-to-Recovery Pipeline
Register Now
Passwordless Authentication: A Practical Approach to Modernizing Access
Register Now