Attackers can remotely execute commands on vulnerable industrial robots without requiring authentication Outdated factory robots may expose entire manufacturing networks to devastating cyberattacks ...

Attackers have begun backdooring internet-exposed Ivanti Sentry appliances, the nonprofit security watchdog Shadowserver confirmed on June 11, 2026 — less than 48 hours after patches and a public ...

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today to fix a “highly critical” SQL injection vulnerability in the application’s ...

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges. UniFi OS is a unified operating system ...

Days after asserting that its online answer-sheet evaluation system had been “neither compromised nor suffered from the vulnerabilities” flagged by cybersecurity researchers, the Central Board of ...

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...

XDR is one of security's buzziest acronyms—and for good reason. XDR, which stands for eXtended Detection and Response, promises to provide more timely and accurate threat detection by gathering and ...