Kevin Beaumont

A critical, high-severity vulnerability (CVE-2025-14847) in MongoDB, dubbed MongoBleed, is being actively exploited, allowing unauthenticated attackers to remotely steal secrets…

Cisco warns of an active, state-sponsored hacking campaign exploiting a critical zero-day vulnerability in its security appliances, allowing complete device…

Popular online code formatting platforms like JSONFormatter and CodeBeautify are leaking sensitive user data, including passwords and API keys, through…

The Pennsylvania Attorney General's office experienced a ransomware attack in August 2025, leading to a data breach where cybercriminals stole…

Anthropic claims a Chinese threat group used its Claude AI to conduct the first large-scale, largely autonomous cyberattack, with the…

U.S. federal agencies must immediately patch vulnerable Cisco firewalls due to active exploitation of security flaws in Cisco ASA software…

Google's report identifies five AI-generated malware samples, all of which are unsophisticated and pose minimal real-world cybersecurity risk compared to…

A critical Windows Server Update Services (WSUS) vulnerability (CVE-2025-59287) is being actively exploited, allowing attackers to execute arbitrary code and…

British investigators arrested a suspect in West Sussex for a ransomware attack that severely disrupted European air travel by targeting…

Three critical vulnerabilities have been discovered in Citrix NetScaler ADC and Gateway devices, with CVE-2025-7775 already being actively exploited for…

Colt Technology Services experienced a data breach where customer documentation was stolen and is now being auctioned online by the…

Colt Technology Services has confirmed a significant data breach potentially exposing sensitive customer information, revising earlier assurances that the attack…

Colt Technology Services is facing a major cyberattack disrupting critical operations since August 12, with hackers attempting to sell stolen…

Pennsylvania’s Attorney General office experienced a major cyberattack, disrupting email, phone lines, and its website, forcing staff to operate with…

Federal agencies and businesses using Citrix NetScaler systems must urgently patch **CVE-2025-5777** after CISA confirmed active attacks, issuing a strict…

A critical Citrix NetScaler vulnerability (CVE-2025-5777) allows attackers to steal session tokens by exploiting malformed login requests to dump memory…

A critical vulnerability in Citrix NetScaler systems (CVE-2025-5777, CVSS 9.3), dubbed CitrixBleed 2, allows attackers to bypass authentication and compromise…

A new vulnerability dubbed "CitrixBleed 2" in Citrix NetScaler ADC and Gateway systems allows attackers to hijack sessions and bypass…

Microsoft introduced a PowerShell script to restore the accidentally deleted 'inetpub' folder, which is critical for security against privilege escalation…