Sinisa Markovic
32% of top-exploited vulnerabilities are over a decade old
Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining …
GitHub just made it much harder to ship a vulnerable pull request
GitHub is expanding its application security capabilities with AI-powered security detections designed to identify risks earlier in the development process, with public …
The devices winning the race to get hacked in 2026
Enterprise networks keep adding connected devices, expanding the attack surface as threat actors target a wider range of systems, many of which are difficult to inventory, …
Russian hackers go after high-value targets through Signal
Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn. The campaign is aimed at individuals of …
Terminated contract led to $2.5 million cyber extortion scheme
A federal jury convicted Cameron Curry, 27, a Charlotte resident, of carrying out an extensive cyber extortion scheme targeting a Washington, D.C.-based international …
Authorities disrupt four IoT botnets behind record DDoS attacks
The U.S. Justice Department and international partners have disrupted four IoT botnets linked to DDoS attacks that reached 30 terabits per second, among the largest ever recorded.
4chan shrugs off UK regulator, refuses to pay £520,000 in fines over online safety violations
The U.K.’s media regulator Ofcom fined 4chan £450,000 under the Online Safety Act for failing to introduce age checks to stop children from accessing pornographic content on …
Secure endpoint management systems immediately, CISA urges
The US Cybersecurity and Infrastructure Security Agency (CISA) warns that the cyberattack on Stryker Corporation serves as a signal to U.S. organizations that foreign cyber …
900,000 contact records exposed in Aura data breach
Aura, the online safety service, confirmed that an unauthorized party accessed about 900,000 records, mostly names and email addresses from a marketing tool linked to a …
Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults
Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive …
Elite members of North Korean society fake their way into Western paychecks
Increased federal activity, including indictments over the past year, has drawn attention to a pattern that has been unfolding inside corporate hiring pipelines. North Korean …
Firefox is getting a free built-in VPN
Mozilla is adding a free built-in VPN to Firefox, with the feature arriving in Firefox 149 on March 24. Privacy concerns often follow free VPN services, especially when …
Featured news
Resources
Don't miss
- July 2026 Patch Tuesday forecast: Is CVE tracking still practical?
- The open source library holding up your stack might have one maintainer
- Most data brokers won’t tell you what happened to your deletion request
- Microsoft is rewriting Windows patch guidance because of AI
- Extortion crew hijacks Microsoft 365 accounts via fake passkey setup