Vulnerabilities
A severe vulnerability in the popular Nginx UI management tool is being actively exploited, allowing attackers to bypass authentication and gain full command execution on hosting infrastructure. SAN FRANCISCO, CA — Security researchers have issued an urgent warning following the discovery of CVE-2026-33032, a critical vulnerability in Nginx UI — a widely
Microsoft
The inaugural live hacking event at Microsoft’s Redmond campus resulted in the discovery of nearly 700 vulnerabilities, including over 80 high-impact flaws in Cloud and AI infrastructure. REDMOND, WA — Microsoft has officially concluded its "Zero Day Quest" 2026, awarding a total of $2.3 million to security
Cyber Attacks
The automotive data giant has taken several core systems offline following a targeted ransomware strike, disrupting valuation and pricing services for thousands of dealerships and insurers across Europe. PETERBOROUGH, UK — Autovista Group, a critical provider of data, analytics, and industry insights for the European automotive sector, has confirmed it is
Following a massive Patch Tuesday release addressing 169 vulnerabilities, federal authorities have added two high-risk Microsoft flaws to the Known Exploited Vulnerabilities (KEV) catalog — including a legacy bug from 2009. WASHINGTON, D.C. — The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog, adding a
A severe vulnerability in the popular Nginx UI management tool is being actively exploited, allowing attackers to bypass authentication and gain full command execution on hosting infrastructure. SAN FRANCISCO, CA — Security researchers have issued an urgent warning following the discovery of CVE-2026-33032, a critical vulnerability in Nginx UI — a widely
The inaugural live hacking event at Microsoft’s Redmond campus resulted in the discovery of nearly 700 vulnerabilities, including over 80 high-impact flaws in Cloud and AI infrastructure. REDMOND, WA — Microsoft has officially concluded its "Zero Day Quest" 2026, awarding a total of $2.3 million to security
Security researchers have identified a persistent campaign abusing the popular workflow automation tool n8n to deliver sophisticated malware via phishing emails, bypassing traditional gateway filters. LONDON — Since October 2025, a sophisticated threat actor has been exploiting the webhook functionality of n8n, an open-source workflow automation platform, to facilitate a global
Security researchers claim sensitive contracts and user IDs were indexed by Google due to misconfigured URLs; Fiverr maintains that its core systems remain secure. TEL AVIV — Fiverr, the global freelance services marketplace, is facing intense scrutiny following reports that sensitive user documents — including contracts, project briefs, and personal IDs — were
Matthew Lane, the hacker behind a massive intrusion into student information systems, admits to federal crimes, highlighting the fragile state of K-12 and collegiate data security. CHICAGO, IL — Matthew Lane, a 20-year-old former college student, has admitted to orchestrating one of the most expansive cyberattacks on the American educational system
The Federal Communications Commission has granted Netgear a conditional waiver, allowing the networking giant to continue importing foreign-manufactured hardware through October 2027 while rivals face a total market freeze. WASHINGTON, D.C. — In a decision that has sent shockwaves through the consumer electronics industry, the Federal Communications Commission (FCC) has
Security researchers have identified a persistent campaign abusing the popular workflow automation tool n8n to deliver sophisticated malware via phishing emails, bypassing traditional gateway filters. LONDON — Since October 2025, a sophisticated threat actor has been exploiting the webhook functionality of n8n, an open-source workflow automation platform, to facilitate a global
Security researchers claim sensitive contracts and user IDs were indexed by Google due to misconfigured URLs; Fiverr maintains that its core systems remain secure. TEL AVIV — Fiverr, the global freelance services marketplace, is facing intense scrutiny following reports that sensitive user documents — including contracts, project briefs, and personal IDs — were
Swedish authorities have declassified details of a thwarted "destructive" cyberattack against a thermal power plant, warning of a dramatic escalation in hybrid warfare targeting European energy grids. STOCKHOLM — The Swedish government has formally attributed a sophisticated 2025 cyberattack against a domestic thermal power plant to a pro-Russian hacking
Matthew Lane, the hacker behind a massive intrusion into student information systems, admits to federal crimes, highlighting the fragile state of K-12 and collegiate data security. CHICAGO, IL — Matthew Lane, a 20-year-old former college student, has admitted to orchestrating one of the most expansive cyberattacks on the American educational system
The disruption of the W3LL Panel dismantles a "full-service" cybercrime ecosystem that bypassed Multi-Factor Authentication (MFA) to target thousands of Microsoft 365 enterprise accounts. ATLANTA, GA — In a major blow to the "Phishing-as-a-Service" (PhaaS) industry, the FBI’s Atlanta Field Office and the Indonesian National Police
The global crypto exchange confirms it is the target of a blackmail plot involving internal data, but maintains that core trading systems and client funds remain isolated and secure. SAN FRANCISCO, CA — Kraken, one of the world’s largest cryptocurrency exchanges, is currently navigating an active extortion campaign after a
The addition of both legacy vulnerabilities and 2026 zero-days signals a "two-front war" for defenders: securing modern cloud-facing infrastructure while purging decade-old exploits still being used in the wild. WASHINGTON, D.C. — The Cybersecurity and Infrastructure Security Agency (CISA) has added seven new vulnerabilities to its Known Exploited
RCI Hospitality Holdings, Inc., the dominant operator of upscale nightclubs and sports bars across the United States, has confirmed a cybersecurity incident that resulted in unauthorized access to sensitive internal and client information. HOUSTON, TX — RCI Hospitality Holdings, Inc. (Nasdaq: RICK) has formally disclosed a data breach following an investigation
A sophisticated cybersecurity intrusion has forced a suburban Minnesota school district into a multi-day operational shutdown, highlighting the escalating threat to K-12 digital infrastructure. SPRING LAKE PARK, MN — Spring Lake Park Schools (District 16) canceled all classes and extracurricular activities for a second consecutive day on Tuesday, April 14, as
The launch of the secure, real-time intelligence hub marks a paradigm shift for the self-regulatory organization, moving from static guidance to active, collaborative defense. WASHINGTON, D.C. — The Financial Industry Regulatory Authority (FINRA) has officially launched the Financial Intelligence Fusion Center (FIFC), a centralized and secure portal designed to facilitate
A series of sophisticated breaches over the past month, including a 150GB data theft and a disruption of the country's busiest port, reveals how threat actors are leveraging Large Language Models (LLMs) to dismantle state defenses. MEXICO CITY — The Mexican government is reeling from a wave of high-impact