APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Google's Threat Intelligence Group says hackers are using AI for recon, phishing, and malware. Here's what it found and why it matters for everyday users.

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods.

The goal of cybersecurity has shifted from protecting digital perimeters to addressing threats that change more quickly than conventional defenses can keep up.

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

Sam Altman-led OpenAI accused DeepSeek of ongoing efforts to free-ride on the capabilities developed by OpenAI.

The company identified over 100,000 prompts it suspects were intended to extract proprietary reasoning capabilities.

In the memo, sent Thursday to the House Select Committee on China, OpenAI said that DeepSeek had used so-called distillation techniques as part of “ongoing efforts to free-ride on the capabilities ...