Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations.

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

An Amber Alert sent out to the public Thursday about a missing child in South Los Angeles was in the process of being deactivated when it was sent out, officials confirmed to NBC Los Angeles. The ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.

LOS ANGELES (KABC) -- An Amber Alert has been deactivated after a 3-year-old boy who authorities say was taken by his mother in the Los Angeles area was located. The California Highway Patrol issued ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

AI is changing the economics of DeFi attacks, forcing protocols to choose between ideological purity and survival.

Don't waste your time on AI job scams. I spoke with experts about the warning signs to watch for -- and how to tell AI-generated job listings from legitimate opportunities.

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.