A two-year-old WebLogic vulnerability is listed on CISA’s catalog of actively exploited vulnerabilities, signaling attackers to target long-unpatched systems.
A critical buffer overflow vulnerability (CVE-2026-0826) in HP Poly conference phones allows unauthenticated attackers to gain root access and potentially capture voice recordings for AI-based deepfakes.
Large-scale malware distribution operation hijacks legitimate websites through TDS systems to redirect users to malicious sites and reveals critical gaps in the domain trust chain.
China is deploying coordinated spear-phishing with Azureveil malware against targets in Czechia and Taiwan to systematically exfiltrate data from high-value organizations.
Trump strikes a compromise between AI innovation and cybersecurity by establishing voluntary national security reviews for advanced AI models without imposing licensing or pre-approval requirements.