The European Commission confirmed a cyberattack affecting part of its cloud systems, now contained, with no impact on internal networks. On March 24, the European Commission detected a cyberattack... Read more »

CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an advisory about a critical vulnerability,... Read more »

A new AITM phishing campaign targets TikTok Business accounts to hijack them for malvertising, continuing tactics seen in earlier Google-themed scams. Push Security researchers uncovered a new wave of... Read more »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Aquasecurity Trivy... Read more »

China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked threat group known as Red Menshen has... Read more »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Langflow to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Langflow flaw,... Read more »

Kaspersky found Coruna iOS exploits reuse updated code from the 2023 Operation Triangulation attacks, suggesting a possible link. Kaspersky researchers discovered that the Coruna iOS exploit kit uses an... Read more »

Researchers found a new skimmer using WebRTC to steal and send payment data, bypassing traditional security controls. Sansec researchers discovered a new payment skimmer that uses WebRTC data channels instead... Read more »