A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Researchers identified a new Osiris ransomware used in a November 2025 attack, abusing the POORTRY driver via BYOVD to disable security tools. Symantec and Carbon Black researchers uncovered a... Read more »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Broadcom VMware vCenter to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a... Read more »

Critical telnetd flaw CVE-2026-24061 (CVSS 9.8) affects all GNU InetUtils versions 1.9.3–2.7 and went unnoticed for nearly 11 years. A critical vulnerability, tracked as CVE-2026-24061 (CVSS score of 9.8),... Read more »

Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even fully patched devices, similar to recent SSO flaws. Fortinet confirmed attacks bypass FortiCloud SSO on fully patched devices. Threat... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog. The... Read more »

Under Armour is investigating a data breach after 72M customer records were posted online by a cybercriminal. Under Armour is an American company that designs, manufactures, and sells sportswear,... Read more »

A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered a new Android... Read more »

A SmarterMail flaw (WT-2026-0001) is under active attack just days after its January 15 patch, with no CVE assigned yet. A newly disclosed flaw in SmarterTools SmarterMail is being... Read more »