Charter confirms data breach after ShinyHunters extortion threat

U.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

Microsoft Defender can now automatically isolate hacked endpoints

Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart ...

How Varonis Atlas integrates Claude Compliance API for AI governance

AI governance requires visibility into how AI tools interact with enterprise data. Varonis explains how its Atlas platform ...

Webinar: Too many tools are slowing network incident response

IT teams often need to jump between monitoring dashboards, infrastructure tools, ticketing systems, and communication ...

CISA orders feds to patch actively exploited Drupal vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection ...

7-Eleven data breach exposes personal information of 185,000 people

The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of ...

Microsoft: Domain Controller lookup may fail on Windows Server 2016

Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail ...

Anthropic’s restricted Claude Mythos model may be coming to Claude Code

Anthropic appears to be preparing for the public rollout of the Mythos model, which was announced in April as a restricted ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass ...

Ubiquiti patches three max severity UniFi OS vulnerabilities

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges.