Microsoft Scrambles to Patch 'RoguePlanet' Defender Zero-Day as DragonForce Ransomware Abuses Teams for Stealth Attacks
Summary
This week in cybersecurity, Microsoft confirmed a critical zero-day vulnerability in its own Defender antivirus, dubbed 'RoguePlanet,' with a public exploit forcing an urgent patch. Meanwhile, the DragonForce ransomware group demonstrated sophisticated new tactics, hiding its command-and-control traffic within legitimate Microsoft Teams infrastructure to evade detection for months. Other major developments include a massive $4.175 billion investment by Accenture into OT security by acquiring Dragos, runZero, and NetRise; the rapid rise of INC Ransomware into a top-tier threat; and a stark warning from the UK's NCSC that 75% of attacks on critical infrastructure are state-sponsored.
Today's New Articles
Accenture Bets $4.175B on OT Security, Acquiring Dragos, runZero, and NetRise
Accenture is making a monumental $4.175 billion investment to secure a leading position in the operational technology (OT) security market. The consulting giant is acquiring a majority stake in OT threat intelligence leader Dragos, while fully acquiring asset...
INC Ransomware Skyrockets to Top-Tier Threat, Claiming Over 830 Victims
The INC ransomware-as-a-service (RaaS) group has rapidly become one of 2026's most prolific threats, claiming over 830 victims since August 2023. Capitalizing on the downfall of rivals like LockBit and BlackCat, INC has scaled its operations by attracting skil...
UK NCSC: Hostile States Behind 75% of Attacks on Critical Infrastructure
The head of the UK's National Cyber Security Centre (NCSC) has issued a stark warning, revealing that hostile state actors are believed to be responsible for 75% of the 200+ cyber incidents targeting the nation's critical infrastructure in the past year. NCSC...
Cisco Patches Critical RCE Flaw (CVE-2026-20181) in ISE with 9.1 CVSS Score
Cisco has released urgent security updates for its Identity Services Engine (ISE) to fix a critical vulnerability, CVE-2026-20181, with a CVSS score of 9.1. The flaw could allow a remote, authenticated administrator to execute arbitrary commands with root priv...
Attacks on Legacy Systems Hit 77% of UK Utility Companies, Report Finds
A new report from cybersecurity firm Bridewell reveals a troubling trend in the UK's critical infrastructure sector: 77% of utility companies have experienced cyber attacks targeting their legacy equipment and outdated operational technology (OT) in the last 1...
Kodak Confirms Data Breach After ShinyHunters Threatens to Leak 2.2M Records
Eastman Kodak Company has confirmed it suffered a data breach after the notorious ShinyHunters extortion group listed the company on its dark web leak site. ShinyHunters claims to have stolen 2.2 million records, including customer PII and internal data, and h...
Atlassian and Splunk Push Critical Patches for RCE and Dependency Flaws
Splunk and Atlassian have issued a series of security updates to address multiple vulnerabilities, some critical. Splunk patched a 9.1 CVSS command injection flaw (CVE-2026-20266) in its AI Toolkit that could lead to remote code execution. Simultaneously, Atla...
WALLIX and Inria Partner to Develop Sovereign AI for Cybersecurity in France
French cybersecurity firm WALLIX and Inria, France's national research institute for digital science, have formed a strategic partnership to accelerate the development of trusted, sovereign artificial intelligence for cybersecurity. Announced at VivaTech 2026,...
Article Updates
Iranian APT 'Screening Serpens' Unleashes New RATs in Espionage Attacks on US, Israel, and UAE
Update: The Iran-linked APT group UNC1549 has expanded its cyber-espionage campaign from regional to global targeting, focusing on the aerospace, aviation, and defense industries. The group now leverages spear-phishing links to fake career portals to deliver custom ma...
Microsoft Confirms 'RoguePlanet' Zero-Day in Defender, Patch in Development
Update: The 'RoguePlanet' zero-day (CVE-2026-50656) in Microsoft Defender is now confirmed to affect Windows Server 2019 and 2022, expanding its potential impact. The vulnerability has been assigned a CVSS score of 7.8. While Microsoft has not observed active exploita...
DragonForce Ransomware Abuses Microsoft Teams Servers for C&C in Novel Attack
Update: Further analysis of the DragonForce ransomware campaign reveals that the 'Backdoor.Turn' malware leveraged a previously undisclosed Huawei driver vulnerability for privilege escalation, allowing the threat actors to achieve SYSTEM-level access. Crucially, the...