From May 2026, NIS2 requirements will be actively enforced by EU authorities, the implementation deadline expires and enforcement measures take effect.
The traded dataset is likely a combolist compiled from older password breaches, which attackers can use via credential stuffing and targeted phishing to access Instagram accounts.
A locally hosted open-source language model enables a malware prototype to perform independent reasoning, network exploration, and replication without external AI APIs.
The critical vulnerability CVE-2026-50571 with CVSS 9.3 allows attackers to establish VPN sessions without valid passwords and has been actively exploited against organizations worldwide since May.
Unauthenticated attackers can gain VPN access without a password through a certificate verification flaw in IKEv1 configuration and are being exploited by ransomware groups.
LiteLLM contains critical SQL injection and code execution vulnerabilities that allow complete database access and remote code execution as a system service.
Attackers systematically exploit AI branding in social engineering campaigns to manipulate employees — the attack vector is shifting from technical to behavioral vulnerabilities.