ENISA, the EU’s Cybersecurity Agency, is strengthening its ties with the US-funded Common Vulnerabilities and Exposures (CVE) program, a top leader of the agency has announced. Invited to speak at VulnCon26’s opening keynote in Scottsdale, Arizona, on April 14, Nuno Rodrigues… Read More "ENISA Seeks Top-Tier Status in CVE Program"
A total of 201 individuals were arrested, and 382 additional suspects were identified in a law enforcement crackdown on phishing and malware threats in the Middle East and North Africa (MENA) region. Named Operation Ramz, the 13-country effort also resulted… Read More "201 Arrested in Crackdown on Cybercrime in Middle East, North Africa"
Cyble Named a Challenger in the Inaugural 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies One of the only two vendors recognized as a Challenger out of 17 evaluated vendors in the first-ever Gartner® evaluation of cyberthreat intelligence market. In… Read More "Cyble Named A Challenger In The Inaugural 2026 Gartner® Magic Quadrant™ For Cyberthreat Intelligence Technologies"
Ravie LakshmananMay 19, 2026Vulnerability / Email Security Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails… Read More "SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access"
“AI-driven attacks accelerate adversary actions and adaptation, so a slow recovery increases the window for re-compromise,” she adds, warning that extended outages can create cascading failures across interdependent internal and third-party systems. Additionally, manual work-arounds deployed during and after an… Read More "7 tips for accelerating cyber incident recovery"
A popular open source developer has revealed that hackers stole its codebase and tried to blackmail the firm into paying a ransom. Grafana Labs produces AI-powered analytics and visualization app Grafana. It said in a series of posts on X… Read More "Grafana Labs Confirms Hackers Stole Source Code"
Once someone submits a takedown request, a platform has up to 48 hours to determine whether it is valid. If it decides that it is, then it has to remove both the content reported and any identical copies. Several larger… Read More "How to Make Apps and Websites Remove Your Nonconsensual Nudes"
Ravie LakshmananMay 19, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version… Read More "Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer"
Threat actors are eschewing traditional malware-driven attacks in order to bypass security tools and socially engineer their victims, according to a new study from Bridewell. The consulting specialist made the claims in its Cyber Threat Intelligence Report 2026, published on May… Read More "Hackers Bypass Security Tools to Target Users Directly"
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. “The attack affects packages tied to the npm maintainer… Read More "Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account"
