Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

The deal, which has yet to be approved by the leaders of the US and Iran, comes as fighting resumes.

The drone crashed in the city of Galati while Russia was carrying out attacks on Ukraine, according to Romania's foreign minister. Russia has not commented.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

The future of the ceasefire between the U.S. and Iran has come into question following the second exchange of fire between the countries in less than ...

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.

The U.S. military has accused Iran of violating a fragile ceasefire after Kuwait reported coming under attack following an American strike against the Islamic Republic. It's the latest flare-up of ...

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

Writing code that interacts with LLM services requires bridging two different worlds. Use these tips and techniques to bind ...

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...