Vulnerability Management: The Complete Guide

A complete guide to vulnerability management: what vulnerabilities are, how they are scored and disclosed, the management lifecycle, and how to build a program.

Netherlands Seizes 800 Servers of Stark Industries, a Bulletproof Hoster Tied to Russia

Dutch financial-crime investigators seized 800 servers and arrested two men tied to Stark Industries, a hosting firm researchers have long described as a bulletproof hoster. The action targets the shared infrastructure layer beneath Russian state-aligned cyber and influence operations.

Ubiquiti Patches Three CVSS 10.0 UniFi OS Flaws — All Remotely Exploitable Without a Login

Ubiquiti has patched three maximum-severity flaws in UniFi OS — the operating system behind its gateways, Dream Machines, and network video recorders. All three are rated CVSS 10.0, and all three are remotely exploitable by an attacker with no privileges.

Trend Micro Apex One Zero-Day CVE-2026-34926 Is Under Active Exploitation

Trend Micro's own Incident Response team discovered CVE-2026-34926, a directory-traversal zero-day in Apex One, while it was being exploited. CISA added it to the KEV catalog with a June 4 federal deadline. Its modest 6.7 CVSS score conceals an environment-wide blast radius.

Megalodon Campaign Backdoored 5,561 GitHub Repositories via Poisoned CI/CD Workflows

An automated campaign called Megalodon pushed 5,718 malicious commits to 5,561 GitHub repositories in six hours, hiding secret-stealing payloads inside CI/CD workflow files. It weaponizes the merge — the most routine action in software development.

Trump Mobile Confirms Third-Party Platform Exposed Customer Names, Addresses, Phone Numbers

Trump Mobile confirmed customer names, email and mailing addresses, phone numbers, and order identifiers were exposed to the open internet via a third-party platform provider, and said it is still evaluating whether it must notify affected customers.

Iran-Nexus APT Screening Serpens Hijacks .NET Apps to Disable Their Own Defenses

Palo Alto Networks' Unit 42 is tracking Screening Serpens, an Iran-nexus APT that fuses DLL sideloading with AppDomainManager hijacking to make .NET applications switch off their own security mechanisms, then deploys six new RATs across the U.S., Israel, and the UAE.

ClickFix Attack Hits Based Apparel: Fake Cloudflare Check Hid a macOS Infostealer

The Based Apparel merchandise site was pulled offline on May 22 after reports it served a ClickFix attack: a fake Cloudflare check whose copy button placed a hidden shell command on the clipboard for visitors to paste into their own terminal.

KimWolf DDoS-for-Hire Botmaster Arrested: Canada Charges 23-Year-Old, US Seeks Extradition

Canadian authorities arrested Jacob Butler, 23, of Ottawa, known online as 'Dort,' the alleged operator of the KimWolf DDoS-for-hire botnet. The US has charged him and is seeking extradition. KimWolf allegedly grew to nearly two million infected devices.

Types of Cyberattacks: The Complete Guide

A complete guide to the major types of cyberattacks — from malware and phishing to injection, credential, and AI-enabled attacks — and how to defend against each.

Cisco Secure Workload Has a CVSS 10.0 Flaw — Unauthenticated Attackers Can Seize Site Admin of the Tool Built to Contain Them

Cisco patched CVE-2026-20223, a CVSS 10.0 flaw in Cisco Secure Workload: insufficient authentication on internal REST API endpoints lets an unauthenticated attacker seize Site Admin — full control of the microsegmentation platform built to contain attackers.

Europol Dismantles 'First VPN' — the Cybercrime Underground's Most-Used Anonymity Service — and Walks Away With a List of Thousands of Its Users

A Europol- and Eurojust-coordinated operation dismantled First VPN — a service Europol calls the most widely used in the cybercrime underground — arresting an admin, seizing 33 servers, and identifying thousands of cybercrime-linked users. The intelligence yield is the story.