ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

French authorities said that government cybersecurity researchers will stop certifying security products that lack ...

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

The final bell rang Thursday at Infosecurity Europe 2026 — the 31st edition of Europe's largest annual cybersecurity gathering — as the industry's most uncomfortable thesis moved from theoretical to ...

SentinelLabs researchers have discovered new malware that removes malicious code planted by the TeamPCP supply chain hackers and replaces it with its own. Named PCPJack, the framework was discovered ...

A logic flaw sitting undetected in the Linux kernel for nearly nine years lets any unprivileged local user gain root access on virtually every mainstream Linux distribution shipped since 2017, ...

With practical quantum computers predicted to arrive in the next decade or so, technologists worry about the risks to encrypted data traveling over current Web protocols. But a new infrastructure ...

As cybersecurity threats continue to grow in scale, sophistication and intent, it’s vital for organizations to understand the top actors, emerging risks and evolving techniques shaping the landscape ...

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace review and entered the developer ecosystem. In a suspected test effort, ...

Google’s Threat Intelligence Group reports that new malware strains use LLMs mid-execution to generate, rewrite, and obfuscate malicious code in real time. Threat actors are now actively deploying ...

In 2024, ESET researchers discovered several malicious tools in the systems used by Kurdish and Iraqi government officials. The APT group behind the attacks is BladedFeline, an Iranian threat actor ...