Russia-linked APT Sandworm launched what was described as the largest cyber attack on Poland’s power grid in Dec 2025. ESET linked a late-2025 cyberattack on Poland’s energy system to... Read more »

Nike is investigating a possible cyber incident after the WorldLeaks group claimed it stole data from the company’s systems. Nike is probing a potential security breach after the WorldLeaks... Read more »

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter UNO reverse card: stealing cookies from cookie stealers ... Read more »

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Researchers identified a new Osiris ransomware used in a November 2025 attack, abusing the POORTRY driver via BYOVD to disable security tools. Symantec and Carbon Black researchers uncovered a... Read more »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Broadcom VMware vCenter to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a... Read more »

Critical telnetd flaw CVE-2026-24061 (CVSS 9.8) affects all GNU InetUtils versions 1.9.3–2.7 and went unnoticed for nearly 11 years. A critical vulnerability, tracked as CVE-2026-24061 (CVSS score of 9.8),... Read more »

Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even fully patched devices, similar to recent SSO flaws. Fortinet confirmed attacks bypass FortiCloud SSO on fully patched devices. Threat... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog. The... Read more »