A newly disclosed vulnerability in the GNU InetUtils telnet daemon (telnetd) has raised serious concerns after remaining unnoticed for almost 11 years. The flaw is tracked as CVE-2026-24061 and carries a CVSS score of 9.8 (Critical). It impacts GNU InetUtils…
Security researchers have revealed details about a new ransomware strain named Osiris, linked to an attack against a large food service franchisee operator in Southeast Asia in November 2025. According to investigators from Symantec and VMware Carbon Black Threat Hunter…
Microsoft has issued a warning about a complex, multi-stage phishing campaign targeting organizations in the energy sector, where attackers combine adversary-in-the-middle (AitM) phishing with business email compromise (BEC) tactics to spread across multiple victims. According to Microsoft’s Defender Security Research…
Cybersecurity researchers are warning about a new attack campaign where threat actors are using stolen credentials to install legitimate Remote Monitoring and Management (RMM) tools, giving them stealthy and persistent remote control over victim systems. Instead of relying on traditional…
Fortinet has confirmed it is working on a complete fix for a FortiGate authentication issue tied to FortiCloud SSO, after detecting new exploitation attempts — including cases where devices were already running the latest available firmware at the time of…
AI agents are changing how work gets done inside companies. They can schedule meetings, pull data, run workflows, write code, and take actions automatically. In many cases, they move faster than people ever could, and that speed is boosting productivity…
A cyberattack described by Polish officials as the most serious assault on the country’s energy infrastructure in years has been linked to the Russian state-backed hacking group Sandworm. The incident happened during the final week of December 2025 and targeted…
Security researchers have uncovered a weakness inside the web control panel used by operators of the StealC malware, turning the attackers’ own infrastructure into an unexpected source of intelligence. The flaw is a cross-site scripting (XSS) vulnerability that allowed researchers…
Several AMD EPYC processor families have been found vulnerable to a new hardware-level attack that undermines protections designed for confidential virtual machines. The affected chips include both standard and embedded variants across the EPYC 7003, 8004, 9004, and 9005 series.…
Not long ago, the cloud was sold as the ultimate fix for security risks and reliability problems. The promise was simple: move everything to managed platforms and let someone else worry about uptime and protection. In exchange for that convenience,…
