One Rented VM. Sixteen Years. And a Clean Path to the Whole Server.
A newly disclosed KVM flaw VM escape bug lets one rented cloud instance break out and hijack the entire host server.
Stay updated with the latest cybersecurity news, threat intelligence, and industry updates from secure.com.
A newly disclosed KVM flaw VM escape bug lets one rented cloud instance break out and hijack the entire host server.
New research shows the vast majority of outdated WordPress sites are running old code that attackers scan for daily.
A single Windows device ID drove the Scattered Spider arrest, showing how attackers get traced long after the attack.
New BeyondTrust vulnerabilities let attackers bypass login and grab admin control, and self-hosted users need to patch now.
Researchers just confirmed the first LLM-driven ransomware attack, and the AI ran every step on its own.
Bad Epoll (CVE-2026-46242) is a zero-day Linux kernel flaw that lets any unprivileged user escalate to root on Linux servers, desktops, and Android devices.
The PolinRider supply chain attack shows how North Korean hackers are hiding malware inside trusted developer tools.
OpenAI Patch the Planet pairs AI with human reviewers to hunt and fix flaws in the open source code that runs much of the internet.
The CodeStorm phishing kit slips past email filters and MFA to steal Microsoft 365 logins in real time, and it is hitting many companies at once.
A newly disclosed Squidbleed Squid proxy vulnerability has been hiding in the software since 1997 and can leak other people's data.
A Mastra npm supply chain attack quietly turned 144 trusted AI packages into a credential-stealing trap.
The RokaRolla banking trojan turns one bad download into full control of your Android phone.