Security News Feed Aggregated from trusted cybersecurity sources

Total Articles

Security News

Latest cybersecurity news from CISA, Krebs on Security, and other trusted sources

1288

CVE Mentions

Sources

Filter by source: All Sources darkreading hackernews krebs sans

darkreading Apr 21, 2026 at 19:12

Exploits Turn Windows Defender into Attacker Tool

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are unpatched.

Read Article

darkreading Apr 21, 2026 at 15:29

Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk

The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise supply chains.

Related CVEs: CVE-2026-1731

Read Article

darkreading Apr 21, 2026 at 12:00

Chinese APT Targets Indian Banks, Korean Policy Circles

China is spying on India's financial sector, for some reason, and it's not putting much effort into it, judging by some stale TTPs.

Read Article

darkreading Apr 21, 2026 at 10:52

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary code execution.

Read Article

darkreading Apr 20, 2026 at 21:01

Vercel Employee's AI Tool Access Led to Data Breach

Stolen OAuth tokens, which are at the root of these breaches, "are the new attack surface, the new lateral movement," a researcher noted.

Read Article

darkreading Apr 20, 2026 at 21:00

Serial-to-IP Devices Hide Thousands of Old and New Bugs

The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.

Read Article

darkreading Apr 20, 2026 at 14:33

WhatsApp Leaks User Metadata to Attackers

Strangers can infer limited info about you without knowing or messaging you, which could theoretically aid certain kinds of malicious activity.

Read Article

darkreading Apr 17, 2026 at 19:51

How NIST's Cutback of CVE Handling Impacts Cyber Teams

Industry and ad hoc coalitions appear poised to help fill the gap created by NIST's decision to cut back on CVE data enrichment.

Read Article

darkreading Apr 17, 2026 at 19:05

Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

In embracing device code phishing, attackers trick victims into handing over account access by using a service's legitimate new-device login flow.

Read Article

darkreading Apr 17, 2026 at 14:47

Every Old Vulnerability Is Now an AI Vulnerability

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.

Read Article

darkreading Apr 17, 2026 at 13:00

Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs

The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.

Read Article

darkreading Apr 16, 2026 at 21:47

NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities

The National Institute of Standards and Technology carved a new path for vulnerability remediation by changing the way it prioritizes software flaws.

Read Article

darkreading Apr 16, 2026 at 19:42

North Korea Uses ClickFix to Target macOS Users' Data

Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs.

Read Article

darkreading Apr 16, 2026 at 19:07

'Harmless' Global Adware Transforms Into an AV Killer

A benign looking update Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender.

Read Article

darkreading Apr 16, 2026 at 15:28

Two-Factor Authentication Breaks Free from the Desktop

Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.

Read Article

darkreading Apr 16, 2026 at 15:16

Microsoft's Original Windows Secure Boot Certificate Is Expiring

The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon.

Read Article

darkreading Apr 16, 2026 at 06:00

6-Year Ransomware Campaign Targets Turkish Homes & SMBs

While enterprises breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption.

Read Article

darkreading Apr 15, 2026 at 21:45

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files.

Read Article

darkreading Apr 15, 2026 at 19:30

Navigating the Unique Security Risks of Asia's Digital Supply Chain

Regulatory differences, interconnected digital ecosystems, and the rise of AI have created a complex supply chain Asian organizations must wrangle.

Read Article

darkreading Apr 15, 2026 at 15:12

Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now

Quantum computers are coming and may impact systems in unexpected ways, and it will "take years to be fully quantum-safe, if ever," cryptography expert warns.

Read Article

About Security News

This feed aggregates the latest cybersecurity news from trusted sources to help you stay informed about emerging threats, vulnerabilities, and security trends.

Our Sources

CISA Alerts - Official US Gov
Krebs on Security
BleepingComputer
The Hacker News
Dark Reading
SANS ISC

Security News

About Security News

Our Sources

Security Hub