WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...

Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files

Researchers say a vulnerability in Perplexity’s Comet AI browser could expose local files and credentials through malicious ...
The Hacker News

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Cisco warns CVE-2026-20127 (CVSS 10.0) in SD-WAN is exploited since 2023 to gain admin access; CISA adds it to KEV and mandates urgent fixes.
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...

Why encrypted backups may fail in an AI-driven ransomware era

Why encrypted backups may fail in an AI-driven ransomware era ...
CSO Online

New Serv-U bugs extend SolarWinds’ run of high-severity disclosures

Four newly disclosed critical CVEs could allow attackers to create privileged accounts and execute arbitrary code, and they reinforce SolarWinds’ status as a high-value target.
HealthcareInfoSecurity

Breach Roundup: Finnish Hacker Sentenced to Nearly 7 Years

This week, Finland's Aleksanteri Kivimäki sentenced. ShinyHunters breaches. Laptop farm rancher sentenced. Oregon state ...

Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...
CIO

SASE and SSE have a vulnerable blind spot: The endpoint

SSE and SASE can’t protect compromised endpoints, creating a dangerous security gap enterprises must close. Learn how to ...
MindaNews

SPECIAL REPORT | Young, vulnerable: Stories from Mindanao’s trafficked minors

In some stories, they make it across and no one hears from them again. In others, girls -- between 13 and 23 -- ...
Cybernews

One-click disaster: Microsoft’s Entra tokens can grant access to corporate emails, and that’s a problem

Attackers are targeting OAuth tokens to access emails. Learn how ChatGPT permissions highlight risks for Microsoft Entra tenants.
Opinion

The 'Admin Night' TikTok Trend Is a Symptom of a Toxic Culture

The first images that come to mind when you hear “Admin night” might be of a fun evening out for office support staff, but the trend is significantly less entertaining. As one primer on the practice ...