Aura confirms breach of 900,000 marketing contacts
Aura says an unauthorized party accessed nearly 900,000 marketing contact records, exposing names and email addresses and raising phishing risks.
Leaked Ariomex database sheds light on Iranian crypto sanctions evasion
A leaked Ariomex database may reveal how Iranian actors used crypto to move funds under sanctions pressure, while exposing users to serious privacy ri
Former defense contractor executive gets 7+ years for selling zero-days to Russia
A former L3Harris executive got 7+ years for selling stolen zero-days to a Russian broker, exposing insider risks in the cyber-industrial base.
Google patches Chrome zero-day after confirming in-the-wild exploitation
Google issued an emergency Chrome update for CVE-2024-4671, a high-severity zero-day reportedly exploited in the wild.
NCSC warns critical infrastructure firms to act now after severe attacks hit Polish energy providers
The NCSC is warning critical infrastructure operators to act now after severe disruptive cyber-attacks hit Polish energy providers.
CISA flags actively exploited SolarWinds Web Help Desk flaw
CISA added critical SolarWinds Web Help Desk flaw CVE-2024-28986 to KEV, warning that attackers are already exploiting it in the wild.
AI voice and virtual meeting fraud jumped 1210% in a year, Pindrop says
Pindrop says AI-powered voice and virtual meeting fraud surged 1210% in a year, raising risks for payments, call centers and remote work.
Critical and high-severity n8n sandbox flaws open path to remote code execution
Two severe n8n sandbox flaws could enable remote code execution, putting self-hosted automation servers and stored secrets at risk.
World Leaks claims 1.4TB Nike data breach as extortion-only attacks keep rising
Nike is investigating World Leaks’ claim of a 1.4TB data dump, highlighting the rise of extortion-focused attacks without confirmed encryption.
Microsoft fixes three zero-days in first Patch Tuesday of 2026
Microsoft’s first Patch Tuesday of 2026 fixes three zero-days, including one already exploited, prompting urgent patching.
Google patches Chrome’s fifth zero-day of the year
Google fixed Chrome zero-day CVE-2023-4863, a libwebp flaw under active attack that could allow arbitrary code execution.
How CISOs can survive geopolitical cyberattacks
Geopolitical cyberattacks increasingly favor wipers and disruption, pushing CISOs to focus on segmentation, containment, and recovery.