A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to... Read more »

Cisco Talos says a China-linked group, tracked as UAT-8837, has targeted North American critical infrastructure since last year. Cisco Talos reports that threat group UAT-8837, likely linked to China,... Read more »

A data breach at Canada’s investment watchdog, Canadian Investment Regulatory Organization (CIRO), impacted about 750,000 people. The Canadian Investment Regulatory Organization (CIRO) is Canada’s national self-regulatory body overseeing investment... Read more »

Cisco fixed a maximum severity AsyncOS flaw in Secure Email products, previously exploited as a zero-day by China-linked APT group UAT-9686. Cisco fixed a critical AsyncOS flaw, tracked as... Read more »

A critical Modular DS WordPress flaw (CVE-2026-23550) is actively exploited, enabling unauthenticated privilege escalation. Threat actors are actively exploiting a critical Modular DS WordPress vulnerability tracked as CVE-2026-23550 (CVSS... Read more »

South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business interests... Read more »

Palo Alto Networks addressed a flaw impacting GlobalProtect Gateway and Portal, for which a proof-of-concept (PoC) exploit exists. Palo Alto Networks addressed a high-severity vulnerability, tracked as CVE-2026-0227 (CVSS score: 7.7),... Read more »