Trump administration rolls out new US cyber strategy after 15-year gap
The White House unveiled a new national cyber strategy focused on stronger defenses, threat disruption, critical infrastructure, and innovation.
FIRST says 2026 could bring more than 50,000 new CVEs
FIRST forecasts that newly disclosed CVEs could exceed 50,000 in 2026, raising the pressure on already stretched vulnerability teams.
AI may help spot smartphone phishing, but it won’t stop the surge alone
Dark Reading reports Omdia found smartphone phishing is bypassing on-device protections, while AI helps both defenders and attackers.
Gru-linked BlueDelta sharpens credential-harvesting operations across Europe and Eurasia
Recorded Future says GRU-linked BlueDelta is refining phishing and session-theft campaigns targeting government, energy, and research groups.
Tentacles of ‘0ktapus’ threat group victimize 130 firms
The 0ktapus campaign hit 130+ firms by spoofing Okta MFA flows, showing how phishable authentication can enable wide account takeover.
VoidStealer uses debugger trick to steal Chrome’s encryption key
VoidStealer reportedly bypasses Chrome ABE with a debugger trick, exposing cookies, passwords, and session tokens to account hijacking.
Rapid7 says exploit windows are shrinking to days after vulnerability disclosure
Rapid7 says the median time from vulnerability disclosure to CISA KEV inclusion has dropped to five days in 2025.
ClickFix campaigns use fake AI installers to push MacSync infostealer on macOS
Three ClickFix campaigns are using fake AI installers to trick macOS users into running terminal commands that deploy the MacSync infostealer.
Oracle patches critical flaw in Identity Manager that could allow unauthenticated remote code execution
Oracle fixed CVE-2026-21992, a critical 9.8 flaw in Identity Manager and Web Services Manager enabling unauthenticated remote code execution.
Microsoft patches two publicly disclosed zero-days in March security update
Microsoft fixed 79 flaws in March, including two publicly disclosed zero-days affecting Windows SmartScreen and Microsoft Office.
Cloud attackers are shifting from stolen credentials to software exploits, Google Cloud says
Google Cloud says attackers increasingly breach cloud environments through software exploits instead of stolen credentials.
Hackers exploited critical Langflow bug within 20 hours of disclosure
Sysdig says attackers started exploiting Langflow RCE flaw CVE-2025-3248 within 20 hours of disclosure, hitting exposed instances.