Cyber Security News

Email filters are important, but they can’t remove phishing risk on their own. Today’s campaigns are built to slip through the cracks, using fresh domains, CAPTCHA checks, fake login pages, OTP theft, and even legitimate RMM tools.

For security leaders, the bigger issue is business exposure. One missed email can slow response, create uncertainty, and leave teams un...

Foxconn has officially confirmed a cyberattack targeting its North American operations after the Nitrogen ransomware gang publicly listed the company on its data leak site, claiming to have stolen a staggering 8 terabytes of sensitive data.

The Nitrogen ransomware group made its move on Monday, posting Foxconn on its breach and extortion portal and asserting it had ...

A newly disclosed Linux kernel vulnerability dubbed Fragnesia allows any local unprivileged user to escalate privileges to root without requiring a race condition, making it one of the more reliable local privilege escalation exploits seen in recent years.

Discovered by William Bowling of the V12 security team, Fragnesia joins a growing class of dangerous kernel bug...

A cyberattack campaign that tricks users into running malicious commands on their own computers has taken a dangerous new turn. The technique, known as “ClickFix,” has been circulating for some time, but a recent incident revealed that attackers are now pairing it with a 10-year-old open-source Python tool to create a far more resilient form of access.

What was onc...

A critical security flaw has been found in SandboxJS, a widely used JavaScript sandboxing library available on npm. The vulnerability allows attackers to break out of the sandbox entirely and run any code they want directly on the host system.

Tracked as CVE-2026-43898, it carries a maximum severity score of 10.0, which is as serious as a security vulnerability can...