A new phishing campaign abuses the .arpa TLD to host malicious content and hides its location via Cloudflare’s infrastructure.

Forty-two cybersecurity-related merger and acquisition (M&A) deals were announced by companies in February 2026.

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

A newly discovered InstallFix campaign relies on malicious commands on cloned installation webpages to trick victims into installing malware.

New U.S. cybersecurity strategy outlines six pillars aimed at deterring cyber threats, protecting critical infrastructure, ...

Recent Cisco Catalyst SD-WAN vulnerability, initially exploited as a zero-day, is now being used more frequently by threat actors.

Google says 90 zero-day vulnerabilities were exploited in the wild in 2025, and an increasing percentage were aimed at enterprises.

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

Security firms monitoring US-Israel-Iran cyberattacks report that while hacktivist attacks spiked, state-sponsored actors ...

LexisNexis has confirmed a data breach after hackers leaked data allegedly stolen from its systems, but impact is limited.

The FBI is investigating “suspicious activities” on a system that contains sensitive information related to surveillance ...

CVE-2021-22681, an old vulnerability affecting ICS products from Rockwell Automation, has been exploited in attacks.