A newly disclosed Grafana vulnerability is under active exploitation, with attackers targeting enterprise dashboards and infrastructure. Security teams must apply patches immediately.
China’s Ministry of State Security (MSS) has announced a bounty for information on members of Taiwan’s psychological warfare unit, accusing them of separatist activities and cyber influence campaigns. The move signals an escalation in cross-strait information warfare and a growing overlap between propaganda and cybersecurity operations.
When a TikTok video depicting a “wanted: dead or alive” poster of U.S. Attorney General Pam Bondi appeared, major platforms responded. This article unpacks how TikTok, Google and Comcast cooperated with the FBI, the device and IP information they provided, and the broader implications for how threats on social media become federal investigations.
A new XCSSET malware variant for macOS introduces a clipboard hijacker to steal cryptocurrency and expands to Firefox browser data theft. Security researchers warn developers to inspect Xcode projects and apply strong defenses against this evolving threat.
As organisations deploy hundreds of AI agents each year, security teams face unprecedented risk. This article outlines a robust framework to govern AI at scale, align speed with control and embed security from day one.
A sophisticated mobile-fraud campaign dubbed the Smishing Triad is spoofing toll-agency alerts and flooding users with fake unpaid-toll texts. Read on for how the scam works and how to defend your devices.
Microsoft’s emergency out-of-band update (KB5070773) fixes a USB input failure in the Windows Recovery Environment that impacted Windows 11 and Server 2025 devices. This article explains the bug, affected platforms, and recommended actions for IT professionals.
A recently disclosed Chrome RCE exploit uses Wasm and JavaScript to manipulate memory and execute shellcode in the browser. Update to version M137.0.7151.57 immediately to prevent remote compromise.
A Reagan-themed anti-tariff ad paused U.S.–Canada talks. Canada’s prime minister apologized to Trump, seeking to cool tempers, protect exporters, and restart negotiations.
A threat actor has registered over 4,300 look-alike hotel booking domains, launching a large-scale phishing campaign that impersonates major travel brands to steal payment card data from unsuspecting guests.