Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked… Read More »Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and… Read More »Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and… Read More »Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools… Read More »3 Ways to Start Your Intelligent Workflow Program
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a… Read More »Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to… Read More »Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The… Read More »CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow… Read More »Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor… Read More »Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an… Read More »SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer