Latest news as of 5/18/2026, 6:59:49 PM
Bleeping Computer
Identity protection company Aura has confirmed that an authorized party gained access to nearly 900,000 customer records containing names and email addresses. [...]
Dark Reading
In addition to enabling remote access, the malware supports a wide range of capabilities including data theft and spying.
Dark Reading
A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.
The Register
Darksword is the second iOS exploit chain in a month A new exploit kit targeting iPhone users and stealing their sensitive data is being abused by "multiple" spyware vendors and suspected nation-state goons, security researchers said on Wednesday.…
Dark Reading
When technical expertise meets clear communication, cybersecurity teams thrive. Learn how to foster trust and collaboration across diverse working groups.
Bleeping Computer
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). [...]
Bleeping Computer
ConnectWise is warning ScreenConnect customers of a cryptographic signature verification vulnerability that could lead to unauthorized access and privilege escalation. [...]
The Register
Interlock's post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, according to Amazon security boss CJ Moses.…
The Hacker News
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for their involvement in the Democratic People's Republic of Korea (DPRK) information technology (IT) worker scheme with an aim to defraud U.S. businesses and generate illicit revenue for the regime to fund its weapons of mass destruction (WMD) programs. "The North Korean
Bleeping Computer
The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's Secure Firewall Management Center (FMC) software in zero-day attacks since late January. [...]