APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, researchers at Check Point have said. The attackers leveraged ...

Saga’s US dollar-pegged stablecoin has dropped to $0.75, while the protocol's total value locked has fallen by around 55% over the past 24 hours. Layer-1 blockchain protocol Saga has paused its ...

Security professionals hunting PoCs and exploit code on GitHub might soon walk into a trap, as attackers redirect a known RAT toward them. Researchers have uncovered a stealthy campaign in which the ...

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...

Update: A minibus spending package passed by the House of Representatives on January 8, 2026, effectively cancels the Mars Sample Return program by eliminating almost all funding for future missions.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Admit it: the first thing you think of when ransomware is ...

Earlier this year, a developer was shocked by a message that appeared on his personal phone: “Apple detected a targeted mercenary spyware attack against your iPhone.” “I was panicking,” Jay Gibson, ...

Thousands of networks—many of them operated by the US government and Fortune 500 companies—face an “imminent threat” of being breached by a nation-state hacking group following the breach of a major ...

A hacker has pulled off one of the most alarming AI-powered cyberattacks ever documented. According to Anthropic, the company behind Claude, a hacker used its artificial intelligence chatbot to ...

Ledger chief technology officer Charles Guillemet said that while the immediate danger had passed, the threat still exists. A recent Node Package Manager (NPM) attack stole just $50 worth of crypto, ...

An AI-powered offensive research system has created more than a dozen exploits for vulnerabilities, bringing down the time to develop to less than 15 minutes in many cases, highlighting the impact ...