Your APIs are under siege, and attackers are just getting warmed up

Internet-facing systems are handling sustained levels of malicious traffic across APIs, web applications, and DDoS channels. Akamai’s State of the Internet security report places these patterns within the same... Read more »

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit

A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level. Tracked as CVE-2026-3888 (CVSS score:... Read more »

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for their involvement in the Democratic People’s Republic of Korea... Read more »

U.S. CISA adds Microsoft SharePoint and Zimbra  flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ([1, 2]) SharePoint... Read more »

Apple Rolls Out Real-Time Security Fixes Across iPhone, iPad, and Mac

Apple launches Background Security Improvements to fix vulnerabilities in real time, starting with a WebKit flaw affecting Safari on iPhone, iPad, and Mac. The post Apple Rolls Out Real-Time... Read more »

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in remote code execution. The vulnerabilities are... Read more »

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as CVE-2026-32746... Read more »

Token Security advances AI agent protection with intent-based controls

Token Security has unveiled intent-based AI agent security, a new approach that governs autonomous agents in enterprise environments by aligning their permissions with their intended purpose. As organizations deploy... Read more »

Dropzone AI releases autonomous Threat Hunting agent for continuous SOC detection

Dropzone AI has released the AI Threat Hunter, its newest AI agent that enables security teams to proactively search for threats across their environments around the clock. The AI... Read more »

Backslash adds cross-product support to secure AI skills in developer environments

Backslash Security has revealed new cross-product support for agentic AI Skills within its platform, enabling organizations to discover, assess, and apply security guardrails to Skills used across AI-native software... Read more »
Subscribe to our Newsletter