A drive-by download attack is a type of cyber threat where malicious software is downloaded and installed on a user’s device without their knowledge or consent simply by visiting a compromised or ...

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud ...

Cloud-native applications have changed how businesses build and scale software. Microservices, containers, and serverless ...

Sensitive data can be stolen within minutes ...

A website long associated with neo-Nazi propaganda is now redirecting visitors straight to the Department of Homeland ...

Cloudflare has patched a critical zero-day flaw in its Web Application Firewall (WAF) that allowed attackers to bypass its defenses and access origin web servers.

Cisco fixes actively exploited CVE-2026-20045 zero-day enabling unauthenticated RCE in Unified CM and Webex; CISA sets Feb 11, 2026 deadline.

WhisperPair exploits a vulnerability in Google Fast Pair functionality to enable nonconsensual device tracking and pairing.

Hackers are exploiting intentionally vulnerable penetration testing and security training apps that have been mistakenly exposed to the public internet, giving them access to cloud environments ...

Explore how Ponzi schemes exploit trust in Telangana, draining savings and evading regulation, with devastating impacts on ...

Researchers found the popular model context protocol (MCP) servers, which are integral components of AI services, carry ...

Arizona Attorney General Kris Mayes is investigating Grok after reports the AI tool created illegal sexual images, including ...