Latest Cybersecurity News
View all →
Device code phishing attacks surge 37x as new kits spread online
Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year. In this…
Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively Exploited in the Wild
Fortinet has issued an emergency hotfix after security researchers disclosed a critical zero-day vulnerability in FortiClient EMS that is already being actively exploited by threat…
Anthropic Ends Claude Subscription Access for Third-Party Tools Like OpenClaw
Anthropic has officially shut down third-party AI agent access to its Claude subscription services, pulling the plug on unauthorized external integrations. This move marks a…
UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles
A coordinated group of hackers is currently targeting Open Source Maintainers, particularly those managing Node.js and npm, following a high-profile attack on the popular Axios…
FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation…
The State of Trusted Open Source Report
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption…
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
A threat actor has been exploiting vulnerable Next.js applications to compromise systems and exfiltrate credentials at scale, Cisco’s Talos security researchers warn. Tracked as UAT-10608,…
Hong Kong Hospital Authority apologises for data breach involving 56,000 patients
Hong Kong’s privacy watchdog and police are investigating a large-scale data leak involving more than 56,000 patients served by the Hospital Authority, which reported the…
Claude Code is still vulnerable to an attack Anthropic has already fixed
The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers have spotted a vulnerability documented in the code. The vulnerability,…