NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
Ravie LakshmananApr 17, 2026Vulnerability Management The National Institute of Standards and Technology (NIST) has announced changes to the way it...
Hacking
Category Added in a WPeMatico Campaign
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
Ravie LakshmananApr 17, 2026DDoS / Cybercrime An international law enforcement operation has taken down 53 domains and arrested four people...
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Ravie LakshmananApr 17, 2026Vulnerability / Enterprise Security A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active...
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Ravie LakshmananApr 16, 2026Botnet / Cryptomining Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in...
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
Ravie LakshmananApr 16, 2026Hacking News / Cybersecurity News You know that feeling when you open your feed on a Thursday morning...
![[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6vJpO9kksCQDpSksNkqDFNUCbXD70dMGYqI6P9S_XPMY5d8BR8PVdrsVQP1ZJO_-nzL6eQShM3Cap9heQ5kAglsPjfxwIcXPSsf_cfgUVnGQ2XzIWVOuo7JhxMjnHYDN6r9KlQ6LqZJisRZkjatnWChuzUkSlXRa1hFseUPq28PZ5gjGR7L2WzTFdZ3fM/s1600/ghost.jpg)
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
Mohit KumarApr 16, 2026Artificial Intelligence / Enterprise Security In 2024, compromised service accounts and forgotten API keys were behind 68%...
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Ravie LakshmananApr 16, 2026Vulnerability / Network Security Cisco has announced patches to address four critical security flaws impacting Identity Services...
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
The Hacker NewsApr 16, 2026Data Privacy / Compliance A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a...
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
Ravie LakshmananApr 16, 2026Application Security / Threat Intelligence A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform...
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
Ravie LakshmananApr 16, 2026Malware / Threat Intelligence The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign...
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Ravie LakshmananApr 15, 2026Threat Intelligence / Cloud Security Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation...
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Ravie LakshmananApr 15, 2026Web Security / Vulnerability A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management...
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Ravie LakshmananApr 15, 2026Vulnerability / Data Breach A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have...
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader...
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited...
