Latest Cybersecurity News
View all →
Amazon Q Vulnerability: Compromise via MCP Auto-Execution
Severity High CVE CVE-2026-12957 Affected Versions Language server version < 1.65.0 Fixed In Language server version 1.65.0 Vendor Amazon Web Services Status Fixed Wiz Research…
Your First GRC Agent: A Red Teamer’s Walkthrough
By Maril Vernon, GRC Engineering Evangelist, Anecdotes. Every vendor on every panel right now is saying the word “agentic.” But most of them can’t explain…
New Bluekit Phishing-as-a-Service Bypasses MFA to Steal Microsoft Login Credentials
A sophisticated Phishing-as-a-Service (PhaaS) platform called Bluekit has been confirmed operational at scale, with cybersecurity firm Netcraft detecting approximately 70 live hostnames in a single…
Reasonable Reliance: The Test Duty-Holders Are Quietly Being Held To
After a serious incident, investigations usually begin with documentation, but they rarely end there. Certificates are reviewed, maintenance records examined, and procedures traced carefully. Competence,…
Water and Wastewater Systems Become Strategic Targets for Russia, China, and Iran
Water and wastewater systems have become strategic gray‑zone targets for Russia, China, and Iran, driven by chronic underinvestment and weak operational‑technology (OT) defenses that make…
macOS Flaw Allowed Standard Users to Disable CrowdStrike and Kandji Security Tools
Cybersecurity defence firm XM Cyber has found a security flaw in the Apple macOS operating system. The issue centres on a vulnerability within the core…
Insider Threat: Cybersecurity Needs To Go Above And Beyond
26 Jun Insider Threat: Cybersecurity Needs To Go Above And Beyond Posted at 08:11h in Blogs by Taylor Fox This week in cybersecurity from the…
Synology issues critical fix for MailPlus Server vulnerabilities
Synology has has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update…
Malware steals Chrome session cookies to take over your accounts
An email attachment leads to the installation of a malicious Chrome extension. Researchers say it is part of a Windows backdoor delivered via a phishing…