Google Cloud
Google researchers uncover criminal zero-day exploit likely built with AI
Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source …
Attackers use MS Teams, fake mailbox repair utility to breach organizations
A threat group has penetrated corporate networks by impersonating IT helpdesk staff on Microsoft Teams, tricking employees into downloading malware and surrendering their …
Software supply chain hacks trigger wave of intrusions, data theft
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be …
North Korean hackers linked to Axios npm supply chain compromise
The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of …
Attackers are handing off access in 22 seconds, Mandiant finds
Exploits remain the leading entry point for attackers for the sixth consecutive year, according to Mandiant’s M-Trends 2026 report, which draws on more than 500,000 …
Software vulnerabilities push credential abuse aside in cloud intrusions
Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access …
China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)
A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since …
ShinyHunters flip the script on MFA in new data theft attacks
Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in …
F5 NGINXaaS for Google Cloud protects cloud-native applications
F5 launched F5 NGINXaaS for Google Cloud, a cloud-native application delivery-as-a-service solution. Developed in collaboration with Google Cloud, this offering addresses the …
AuraInspector: Open-source tool to audit Salesforce Aura access control misconfigurations
Google and its Mandiant threat intelligence unit have released AuraInspector, an open-source tool aimed at auditing data access paths in Salesforce Experience Cloud …
Security teams debate how much to trust AI
AI is reshaping how organizations operate, defend systems, and interpret risk. Reports reveal rising AI-driven attacks, hidden usage across enterprises, and widening gaps …
Exploited SonicWall zero-day patched (CVE-2025-40602)
SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the …
Featured news
Resources
Don't miss
- Sandyaa: Open-source autonomous security bug hunter
- The hidden risk of non-human identities in AI adoption
- Researchers open-source a Wi-Fi cyber range for security training
- Android pushes new scam, theft, and AI protections in 2026 update wave
- Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days