Security Bulletin

The cyberattack on Mackay Sugar occurred during its peak crushing season, forcing two of its three mills offline and disrupting operations.

As reported by Bleeping Computer, the U.S. Federal Bureau of Investigation (FBI) has issued a warning regarding a trend in cryptocurrency investment scams, commonly known as "pig butchering" or "romance baiting."

The SearchLeak vulnerability, identified as CVE-2026-42824, is a three-stage attack chain developed by Varonis researchers.

1Password, known for its password manager, will integrate Apono's just-in-time access management platform to secure cloud environments and manage AI agent access.

The integration connects Zscaler Private Access, which grants application access based on identity and policy without users landing on the corporate network, with Gigamon Application Metadata Intelligence.

Unit 42 says exploited PAN-OS GlobalProtect flaw remains a VPN risk despite patches.

The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith, not power massive amplification attacks.

The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other variables.

Ai has broken our patching system – and here’s what needs to change.

Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to target numerous institutions and exfiltrate sensitive data.

Executive leaders may not be saying it aloud, but business objectives and priorities don't always promote timely disclosures.