CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is ...

A hacker tricked a popular AI coding tool into installing OpenClaw — the viral, open-source AI agent OpenClaw that “actually does things” — absolutely everywhere. Funny as a stunt, but a sign of what ...

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.

The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling several exploits to a Russian broker, which counts the Russian government ...

Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. On January 26, ...

Agentic AI tools like OpenClaw promise powerful automation, but a single email was enough to hijack my dangerously obedient ...

Apologies if I missed this in the article - does this equally affect Office for the Mac as well as the PC? Click to expand... Don't know, although the CVE link should have that info. But there are ...

New research finds that 48% of cyberattacks involve your web browser - and AI is only making matters worse. Follow these best practices to protect yourself.

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.