Security Boulevard

Payouts King Takes Aim at the Ransomware Throne

IntroductionIn February 2022, BlackBasta emerged as a successor to Conti ransomware and quickly rose to prominence. BlackBasta was operational for three years until February 2025 when their internal ...
CRN

VMware’s New Tanzu Platform And AI Agents: 10 Security, Data And AI Key Innovations

VMware Tanzu Platform new innovations include AI agent foundations on VCF, a revamped Tanzu Data Intelligence, new AI ...

Oracle Brings Mission-Critical Availability To The Agentic AI Era

Oracle AI Database 26ai introduces Platinum and Diamond availability tiers, post-quantum cryptography, and AI agent data ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
eWeek

One-Click Prompts Land in Chrome's Gemini

Google is rolling out Skills to the Gemini sidebar in Chrome, letting you save any prompt—as simple as "summarize this tab" ...
Security Boulevard

Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)

Critical154Important1Moderate0LowMicrosoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day ...

The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.
Redmondmag.com

5 Early Signs of Ransomware

Ransomware attacks are faster, stealthier, and harder to stop than ever. This guide reveals the subtle indicators that attackers leave behind in the earliest stages — before encryption begins — and ...
PharmTech

Hidden Liability: Why Legacy Web Forms Put Life Sciences Organizations at Critical Risk

Legacy web forms used for clinical trial recruitment, adverse event reporting, laboratory data collection, and regulatory ...