Attackers can disable Cisco firewalls and WLAN controllers

Cisco has released important security updates for various network products. Primarily, DoS attacks are possible.

TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password

TP-Link patched high-severity Archer NX router flaws, including one that could let attackers upload rogue firmware without ...

'Cybercriminals are industrializing deception': new report reveals how major global cybercrime syndicates have infiltrated trusted domains with millions now at risk - he…

NordVPN & TechRadar uncover three global cybercrime campaigns Legacy FCKeditor flaw exploited to hijack 1,300+ domains; ...
Morning Overview on MSN

Leaked iPhone exploit kit on GitHub targets older iOS versions

An exploit kit known as Coruna has appeared on GitHub, bundling working attack code for several Apple iOS vulnerabilities ...
HealthcareInfoSecurity

Breach Roundup: Tycoon2FA Phishing Platform Rebounds

Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a ...
The Hacker News

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

The CVE Program, a bedrock of global cyber defense, is teetering on the brink

A funding scare, AI and similar international initiatives are raising existential questions about the program’s future.
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...
The Hacker News

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

CVE-2025-32975 exploited since March 2026 on unpatched KACE SMA systems, enabling admin takeover and payload delivery.