Vulnerability
-
Getty Images
Critical flaw in BeyondTrust Remote Support sees early signs of exploitation
The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.
By David Jones • Feb. 13, 2026 -
Getty Images
SmarterMail facing widespread attacks targeting critical flaws
The business email and collaboration software is being exploited for potential ransomware.
By David Jones • Feb. 12, 2026 -
shutterstock.com/whiteMocca
Sponsored by 10KMediaThe Future of DAST in an AI-First World: Why Runtime Security Testing Remains Critical
Runtime validation is where the gap is widening—and where this shift creates the biggest leap forward.
By Joni Klippert, CEO of StackHawk • Feb. 12, 2026 -
Getty Images
Majority of Ivanti EPMM threat activity linked to hidden IP
A report by GreyNoise warns the IP address is operating behind bulletproof hosting infrastructure and might not show up in current IoCs.
By David Jones • Updated Feb. 11, 2026 -
Getty Images
Extortion attacks on the rise as hackers prioritize supply-chain weaknesses
Consulting firms and manufacturing companies accounted for many of the ransomware victims posted to the dark web in 2025, Intel 471 said.
By Eric Geller • Feb. 11, 2026 -
Getty Images
Ivanti EPMM exploitation widespread as governments, others targeted
Researchers warn the activity shows evidence of initial access brokers preparing for future attacks.
By David Jones • Feb. 10, 2026 -
Getty Images
Threat actors target SolarWinds Web Help Desk flaw
Researchers say hackers are using remote monitoring and other tools in compromised environments.
By David Jones • Feb. 9, 2026 -
Getty Images
Critical flaw in SolarWinds Web Help Desk under exploitation
The vulnerability could allow an attacker to achieve remote code execution.
By David Jones • Updated Feb. 5, 2026 -
Getty Images
Autonomous attacks ushered cybercrime into AI era in 2025
Malwarebytes urged companies to adopt continuous monitoring and lock down identity systems as AI models get better at orchestrating intrusions.
By Eric Geller • Feb. 4, 2026 -
Markus Spiske
React2Shell exploitation undergoes significant change in threat activity
Researchers see a sudden consolidation of source IPs since late January.
By David Jones • Updated Feb. 4, 2026 -
Getty Images
Critical flaws in Ivanti EPMM lead to fast-moving exploitation attempts
Security researchers warn that the initial threat activity was highly targeted, as a limited number of users were impacted prior to disclosure.
By David Jones • Feb. 3, 2026 -
Getty Images
Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat
A look at the most important trends and issues in cyber this year.
By Cybersecurity Dive Staff • Jan. 30, 2026 -
Justin Sullivan / Staff via Getty Images
Cisco sees vulnerability exploitation top phishing in Q4
The company’s recommendations included monitoring for abuses of multifactor authentication, a growing threat to the enterprise.
By Eric Geller • Jan. 30, 2026 -
Getty Images
CISA, security researchers warn FortiCloud SSO flaw is under attack
The exploitation activity comes weeks after a similar authentication bypass vulnerability was found.
By David Jones • Jan. 29, 2026 -
Getty Images
Corporate workers lean on shadow AI to enhance speed
A report shows senior corporate executives are willing to allow unsanctioned AI use, which could place company data at risk.
By David Jones • Updated Jan. 28, 2026 -
Getty Images
AI tools break quickly, underscoring need for governance
In a new report, the security firm Zscaler said it identified severe vulnerabilities in every enterprise tool it tested — sometimes on its first prompt.
By Eric Geller • Jan. 28, 2026 -
Win McNamee via Getty Images
Interconnectedness, extortion risk make cybersecurity a healthcare C-suite priority
A new report from Trellix reviews the biggest breaches, describes the most effective defenses and profiles the most dangerous attackers.
By Eric Geller • Jan. 27, 2026 -
R. Eskalis/NIST. Retrieved from NIST.
NIST is rethinking its role in analyzing software vulnerabilities
As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.
By Eric Geller • Jan. 23, 2026 -
Getty Images
Critical flaw in Fortinet FortiSIEM targeted in exploitation threat
Researchers originally disclosed the vulnerability in August 2025, however, a proof of concept and an advisory were just released.
By David Jones • Jan. 16, 2026 -
Getty Images
Critical flaw in AWS Console risked compromise of build environment
The CodeBreach vulnerability could have enabled a massive supply chain attack, researchers warn.
By David Jones • Updated Jan. 15, 2026 -
peshkov via Getty Images
Critical vulnerability found in n8n workflow automation platform
The open-source platform is widely used across enterprise environments, leaving thousands of instances at risk.
By David Jones • Jan. 12, 2026 -
Sean Gallup via Getty Images
Telecom sector sees steady rise in ransomware attacks
A new threat intelligence report described a potent mix of unpatched flaws and lax perimeter controls.
By Eric Geller • Jan. 9, 2026 -
Getty Images
Risky shadow AI use remains widespread
A new report offers fresh evidence for why enterprises should prioritize AI governance policies.
By Eric Geller • Jan. 6, 2026 -
Getty Images
Thousands of firewalls at risk as legacy flaw in Fortinet faces renewed threat
The company in December warned of recent attacks targeting a 2020 vulnerability.
By David Jones • Updated Jan. 5, 2026 -
Getty Images
WatchGuard warns critical flaw in Firebox devices facing exploitation
The company said the threat activity is part of a larger campaign against edge devices and internet-exposed infrastructure.
By David Jones • Updated Dec. 23, 2025
