Four newly disclosed critical CVEs could allow attackers to create privileged accounts and execute arbitrary code, and they reinforce SolarWinds’ status as a high-value target.

Linux explores new way of authenticating developers and their code - here's how it works ...

It looks like a cute little dolphin-themed toy, but the Flipper Zero is a surprisingly powerful learning tool for hacking. Here's how I mastered mine—and how you can, too.

The U.S. Treasury Department has sanctioned a Russian exploit broker who bought stolen hacking tools from a former executive of a U.S. defense contractor.

The former boss of a U.S. hacking tools maker was jailed for selling highly sensitive software exploits to a Russian broker.

Former US defense contractor executive Peter Williams was sentenced to prison for selling exploits to a Russian cyber-tools broker.

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.

The Android ransomware module on the tool’s roadmap extends this further, says the report. “If the developer delivers [the ransomware module], a single Steaelite licence could cover both corporate ...