Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, TaxiSpy RAT,…

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

Ravie LakshmananMar 12, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of…

Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes

Ravie LakshmananMar 11, 2026Artificial Intelligence / Browser Security Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into…

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Ravie LakshmananMar 11, 2026 Vulnerability / Application Security Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution.…

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

Ravie LakshmananMar 11, 2026Cybercrime / Artificial Intelligence Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand,…

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

Ravie LakshmananMar 11, 2026Vulnerability / Enterprise Security SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems. The vulnerabilities in question listed…

What Boards Must Demand in the Age of AI-Automated Exploitation

“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For…

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are…

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

Ravie LakshmananMar 11, 2026DevSecOps / AI Security A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim’s cloud environment…

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below – chrono_anchor dnp3times time_calibrator…

« Previous
1
…
25
26
27
28
29
…
495
Next »