Latest news as of 5/23/2026, 2:16:47 AM
The Register
Regulators logged over 400 personal data breach notifications a day for first time since law came into force GDPR fines pushed past the £1 billion (€1.2 billion) mark in 2025 as Europe's regulators were deluged with more than 400 data breach notifications a day, according to a new survey that suggests the post-plateau era of enforcement has well and truly arrived.…
The Register
Mind the cyber gap – similar flaws highlighted multiple years in a row Concerned about the orgs that safeguard your money? The UK's annual cybersecurity review for 2025 suggests you should be. Despite years of regulation, financial organizations continue to miss basic cybersecurity safeguards.…
Dark Reading
Web browser companies have put in substantial effort over the last three decades to strengthen the browser security stack to withstand abuses. Agentic browsers are undoing all that work.
Bleeping Computer
Hackers collect $439,250 after exploiting 29 zero-day vulnerabilities on the second day of Pwn2Own Automotive 2026. [...]
The Register
Critical vuln flew under the radar for a decade A recently disclosed critical vulnerability in the GNU InetUtils telnet daemon (telnetd) is "trivial" to exploit, experts say.…
Bleeping Computer
Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf. [...]
The Hacker News
Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience. In these environments, the security team is the helpdesk, the compliance expert, and the incident response team all rolled into one. Securing the cloud office in this scenario is all about
The Register
The critical-rated flaw leaves unpatched systems open to full takeover Cisco has finally shipped a fix for a critical-rated zero-day in its Unified Communications gear, a flaw that's already being weaponized in the wild, and which CISA previously flagged as an emergency priority.…
The Hacker News
A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch. The vulnerability, which currently does not have a CVE identifier, is tracked by watchTowr Labs as WT-2026-0001. It was patched by SmarterTools on January 15, 2026, with Build 9511, following responsible disclosure by the exposure management
The Hacker News
A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts. The package, named sympy-dev, mimics SymPy, replicating the latter's project description verbatim in an attempt to deceive unsuspecting users into thinking that they are