Attackers accessed, downloaded code from Grafana Labs’ GitHub
A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization …
201 arrested in INTERPOL disruption of phishing and fraud networks
Operation Ramz, a cybercrime initiative coordinated by INTERPOL across the MENA region, focused on disrupting phishing campaigns, malware activity, and cyber scams that caused …
The AI backdoor your security stack is not built to see
Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Scan for suspicious …
Lyrie: Open-source autonomous pentesting agent
Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by …
AI shrinks vulnerability exploitation window to hours
Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State …
Product showcase: McAfee + ChatGPT integration turns doubt into a scam check
McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or responding. It is …
When ransomware hits, confidence doesn’t restore endpoints
Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The …
Debian 13.5 point release lands with security fixes, bug patches
Debian 13.5 is the fifth point release for the stable distribution “trixie.” The update folds in roughly 100 Debian Security Advisories and corrections for more …
Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed …
Google lets Workspace admins apply one policy across all SAML apps
Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal …
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly …
Thieves unlock stolen iPhones using cheap tools sold on Telegram
Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure …
Featured news
Resources
Don't miss
- Accenture acknowledges security incident following 35GB data theft claim
- Orbia CISO Miranda Ritchie on building security into sustainable infrastructure
- 20 open-source cybersecurity tools to keep your team ready for anything
- macOS is becoming a proving ground for AI agents
- How to implement a continuous offensive security testing program