Security

CISA GovCloud leak exposed AWS keys and internal passwords on GitHub since November 2025, revealing dangerous contractor security lapses.

TruKinetics DHS contract training SRT criticized after founder's 4 deadly shootings. Immigration shift exposes vendor vetting gaps.

Well-incentivized ransomware industry dynamics are on display after Instructure's agreement with ShinyHunters over 275 million student records.

YellowKey exploit bypasses default Windows 11 BitLocker. Attackers can access encrypted drives. Here's what you need to do.

KongTuke uses Microsoft Teams to deliver ModeloRAT in corporate breaches, gaining access in under five minutes.

A critical WinRAR zero-day vulnerability is being actively exploited in targeted attacks, allowing remote code execution.

A critical unpatched Apache Tomcat zero-day is under active attack. The flaw allows RCE via HTTP/2 multiplexing and has already hit telecom infrastructure.

A critical zero-day in Sophos firewalls is being actively exploited by ransomware groups, with no workaround yet available — admins must patch immediately.

Atlassian Confluence zero-day exploited in wild attacks. CISA warns of active exploitation, patch now.

CISA warns of active exploitation of a deserialization flaw in Trimble Cityworks, enabling remote code execution on critical infrastructure.

A critical zero-day vulnerability in VMware vCenter Server is under active exploitation, allowing attackers to gain complete control over virtualized environments.

Linux netfilter zero-day exploited in wild. Critical vulnerability allows remote code execution on affected Linux systems.