The News.
Daily intel.

Daily breach reporting, CVE disclosures, malware analyses, and threat campaigns. Yesterday's incidents, this morning's coverage — written by practitioners for the analysts and defenders who need it first.

148

Articles

143

Updated this month

14k+

Monthly readers

Showing 109–117 of 148 articles 143 updated this month

Beginner 3.8k

News 3 min read

Chrome 147 and Firefox 150 Patch Critical Code Execution Vulnerabilities

Chrome 147 and Firefox 150 address critical and high-severity arbitrary code execution vulnerabilities. Firefox 150 also patches 271 AI-found bugs. Update both browsers now.

Beginner 4.1k

News 6 min read

Pentagon Signs AI Deals With Seven Tech Companies for Classified Network Use

DoD signs AI integration agreements with Google, Microsoft, AWS, Nvidia, OpenAI, Reflection, and SpaceX to deploy AI on classified systems via GenAI.mil. Anthropic excluded over autonomous weapons dispute.

Intermediate 2.6k

News 7 min read

CISA AA26-097A: CyberAv3ngers Target 5,219 Exposed Rockwell Allen-Bradley PLCs

CISA advisory AA26-097A: Iranian IRGC-linked CyberAv3ngers exploit internet-exposed Rockwell Allen-Bradley PLCs using legitimate Studio 5000 software. 5,219 devices at risk.

Beginner 3.7k

News 6 min read

Microsoft Defender Removes Trusted DigiCert Root Certificates Worldwide

Microsoft Defender signature update 1.449.424.0 incorrectly flags DigiCert root CAs as Trojan:Win32/Cerdigent.A!dha and removes them from Windows. Fix: update to 1.449.430.0.

Beginner 2.5k

News 4 min read

Microsoft tests modern Windows Run, says it's faster than legacy dialog

Microsoft tests modern Windows: Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster performance i...

Beginner 419

News 4 min read

Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations

Criminal Securonix ThreatQ Collaborate: Raw threat intel isn't enough without real-world context. Criminal IP has partnered with Securonix to integrate ex...

Beginner 3.8k

News 4 min read

NSA GRASSMARLIN CVE-2026-6807: XXE Flaw in End-of-Life OT Tool Has No Patch

CVE-2026-6807 in NSA GRASSMARLIN exposes an XXE info disclosure flaw in an ICS/SCADA network mapping tool that is end-of-life with no patch available.

Intermediate 561

News 7 min read

ConsentFix v3 Bypasses Azure MFA via Automated OAuth Abuse

ConsentFix v3 automates OAuth code theft in Microsoft Entra ID, bypassing MFA and Conditional Access on Azure CLI and first-party apps. No patch available.

Beginner 2.2k

News 6 min read

Bluekit Phishing Kit Bundles AI Assistant and 40 Templates for Scalable Campaigns

Bluekit is a new PhaaS platform with 40+ templates, AI assistant, anti-bot evasion, session theft, and Telegram exfiltration — targeting Gmail, GitHub, iCloud, Ledger, and more.