A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory
Poor patch management, increasingly complex IT environments and continued use of obsolete software puts organizations at risk from cyber threats, says the Absolute Security 2026 Resilience Risk Index
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
New UK Online Crime Centre will combine expertise from a range of sources to takedown online channels cyber-scammers rely on
Spain's police force has announced that it has arrested a 20-year-old man who they claim managed to book luxury hotel rooms worth up to €1,000 a night for just one euro cent. Read more in my article on the Hot for Security blog.
Android 17 Beta introduces privacy, security updates and a new Canary channel for improved development
iOS 26.4 Beta adds end-to-end encryption for RCS messaging and enhanced Memory Integrity Enforcement
This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed
The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches
DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon
Sonatype warns that open source threats became industrialized with a surge in malicious packages in 2025
Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula
Sophisticated malware previously thought to be the work of a well-resourced cyber-crime group was built by one person - with the aid of AI tools