Citrix NetScaler products confirmed to be under exploitation

Security researchers at watchTowr warn that multiple flaws are involved in the early stages of a hacking spree that could rival the 2023 CitrixBleed campaign.

By David Jones • Updated March 30, 2026

Critical flaw in Citrix NetScaler raises fears of new exploitation wave

Researchers warn that security teams need to take immediate mitigation steps before a public proof of concept is released.

By David Jones • Updated March 27, 2026

The CVE Program, a bedrock of global cyber defense, is teetering on the brink

A funding scare, AI and similar international initiatives are raising existential questions about the program’s future.

By Eric Geller • March 24, 2026

Network edge devices still widely used after reaching end-of-life status

A report by VulnCheck shows nation-state hackers often target flaws in aging routers, firewalls and VPNs.

By David Jones • March 23, 2026

CISA urges organizations to harden endpoint security following Stryker attack

The agency is coordinating with the FBI and other agencies amid concerns about additional threat activity involving Microsoft Intune. 

By David Jones • March 19, 2026

Security teams might be overlooking wider threat to Cisco SD-WAN

Researchers from VulnCheck warn that a misattributed proof of concept ignores a separate, high-severity flaw. 

By David Jones • March 17, 2026

Nearly half of exploited zero-day flaws target enterprise-grade technology

A report by Google Threat Intelligence Group warns that AI will be used to speed and scale attacks in 2026.

By David Jones • March 6, 2026

Iran-nexus hackers target flaws in surveillance cameras

The threat activity echoes prior exploitation during the Israeli war with Hamas, a precursor to attacks against critical sectors in the U.S.

By David Jones • Updated March 6, 2026

Ransomware is now less about malware and more about impersonation

Stolen passwords have replaced infectious code as the most common tactic in major breaches, Cloudflare said.

By Eric Geller • March 3, 2026

How Microsoft, partners are tackling ‘huge, huge task’ of making security software safer

The technology giant and third-party security vendors are plotting an ambitious overhaul of how their products interoperate.

By Eric Geller • March 2, 2026

Building a risk-based data sanitization strategy: When to use Cryptographic erasure vs. physical destruction

Build your strategy on risk assessment, not on assumptions that one size fits all.

By Paul Falcone • March 2, 2026

‘Resurge’ malware can remain undetected on devices

CISA previously issued an alert about attacks that exploited a vulnerability in Ivanti Connect Secure.

By David Jones • Updated Feb. 27, 2026

CISA orders agencies to patch Cisco devices now under attack

The vulnerabilities, scored as critical, affect the company’s software-defined wide-area networking (SD-WAN) systems.

By Eric Geller • Feb. 25, 2026

Software vulnerabilities are being weaponized faster than ever

A report by VulnCheck shows threat groups are exploiting a small percentage of critical flaws well before security teams can mitigate.

By David Jones • Feb. 25, 2026

Hackers target vulnerabilities in Roundcube Webmail

CISA has added the flaws, one of which is considered critical, to its Known Exploited Vulnerabilities catalog.

By David Jones • Feb. 23, 2026

BeyondTrust Remote Support exploitation ramps up with backdoors, remote tools

Researchers warn that thousands of instances may still be vulnerable to exploitation activity.

By David Jones • Updated Feb. 20, 2026

Threat groups use AI to speed up and scale cyberattacks

A report from Palo Alto Networks finds hackers are increasingly using stolen identities and exploiting critical vulnerabilities within minutes of disclosure.

By David Jones • Feb. 18, 2026

Hackers exploit zero-day flaw in Dell RecoverPoint for Virtual Machines

Threat actors linked to China have deployed a novel backdoor, according to researchers.

By David Jones • Updated Feb. 18, 2026

Critical flaw in BeyondTrust Remote Support sees early signs of exploitation

The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.

By David Jones • Updated Feb. 16, 2026

SmarterMail facing widespread attacks targeting critical flaws

The business email and collaboration software is being exploited for potential ransomware.

By David Jones • Feb. 12, 2026

The Future of DAST in an AI-First World: Why Runtime Security Testing Remains Critical

Runtime validation is where the gap is widening—and where this shift creates the biggest leap forward.

By Joni Klippert, CEO of StackHawk • Feb. 12, 2026

Majority of Ivanti EPMM threat activity linked to hidden IP

A report by GreyNoise warns the IP address is operating behind bulletproof hosting infrastructure and might not show up in current IoCs. 

By David Jones • Updated Feb. 11, 2026

Extortion attacks on the rise as hackers prioritize supply-chain weaknesses

Consulting firms and manufacturing companies accounted for many of the ransomware victims posted to the dark web in 2025, Intel 471 said.

By Eric Geller • Feb. 11, 2026

Ivanti EPMM exploitation widespread as governments, others targeted

Researchers warn the activity shows evidence of initial access brokers preparing for future attacks.

By David Jones • Feb. 10, 2026

Threat actors target SolarWinds Web Help Desk flaw

Researchers say hackers are using remote monitoring and other tools in compromised environments.

By David Jones • Feb. 9, 2026