Cybersecurity
Google Chrome Zero-Day Flaws Under Active Attack Prompt Emergency Update
Google has issued an emergency Chrome security update to address two high-severity zero-day vulnerabilities that are actively being exploited in the wild. The flaws, CVE-2026-3909 and CVE-2026-3910, affect Chrome's graphics engine and JavaScript engine respectively, potentially allowing attackers to execute malicious code on vulnerable systems.
Latest
Chicago Cybersecurity Employee Accused of $75M Ransomware Scheme
Federal prosecutors allege Angelo Martino, a former DigitalMint employee, orchestrated ransomware attacks while simultaneously negotiating ransom payments for the victims. The scheme allegedly extracted over $75 million from businesses across multiple industries through coordinated cyberattacks.
Chrome Zero-Day CVE-2026-3910 Exploited in Wild Attacks on V8 Engine
Google has released an emergency Chrome update to patch CVE-2026-3910, a high-severity vulnerability in the V8 JavaScript engine being actively exploited by attackers. The flaw allows remote code execution through malicious HTML pages, marking another significant zero-day threat in 2026.
Telus Probes Cyberattack on Digital Unit by ShinyHunters
Telus Corp. is investigating a cybersecurity breach at its recently reacquired Telus Digital division, where hackers claiming to be ShinyHunters allegedly accessed systems and stole data. The telecom giant says all systems remain operational with no customer service disruptions reported.
Telus Digital Confirms Data Breach After Hacker Claims 1PB Theft
Telus Digital has confirmed a cybersecurity incident following claims by ShinyHunters hackers of stealing nearly 1 petabyte of data. The breach allegedly affects multiple client companies that use Telus Digital's business process outsourcing services.
CrowdStrike Reports 89% Surge in AI-Enabled Cyberattacks
CrowdStrike's 2026 Global Threat Report reveals dramatic escalation in cyber threats, with AI-powered attacks surging 89% and state-backed cloud intrusions increasing 266%. The report highlights concerning trends including record-breaking 27-second attack breakout times and widespread targeting of edge devices.
Data Breach at NADAP Impacts 5,086 NYC Health + Hospitals Patients
A recent data breach involving NYC Health + Hospitals’ partner NADAP has compromised the personal health information of over 5,000 patients. Authorities are responding swiftly to secure the situation and support affected individuals.
Epicenter.tech Breach Exposes Enterprise AI Security Gaps
The Epicenter.tech security breach spanning 2024-2026 highlights critical vulnerabilities in enterprise AI infrastructure and cloud integrations. The incident demonstrates how modern multi-environment architectures create complex security dependencies that traditional cybersecurity models struggle to protect.
Identity Compromise Behind 80% of Cyber Incidents in 2025
Field Effect's 2026 Cyber Threat Outlook reveals that more than 80% of cybersecurity incidents investigated in 2025 stemmed from cloud identity compromise, marking a significant shift in attack methods. The report shows attackers are increasingly bypassing traditional exploits by abusing trusted identities and collaboration platforms like Microsoft Teams.
Cybersecurity Expert Challenges Zero-Day Vulnerability Narrative as Convenient Excuse for Poor Security
Cybersecurity researcher Candy Wong challenges the industry's overreliance on zero-day vulnerabilities as explanations for security breaches, revealing that genuine zero-day exploits account for only 4-12% of attacks, while 88-96% stem from basic security failures like poor patch management and misconfigurations.
HMSA Reports Security Incident, Enhances Cybersecurity Measures
Health Management Systems of America disclosed a security breach involving a single email account. The company has taken steps to secure its systems and protect affected individuals.
Major Data Breach Affects Multiple Mexican Government Agencies
A recent data breach compromised sensitive information from various Mexican government agencies, including SAT, exposing personal data of millions. The incident highlights the growing threat of AI-driven cybercrime.