Your Daily Dose of Cybersecurity News

Technology

FBI warns about fast-growing phishing kit targeting Microsoft 365 users

This platform, distributed via Telegram channels, provides cyber threat actors with AI-generated phishing lures and automated campaign templates, allowing them to capture OAuth tokens without intercep...

May 30, 2026 · SecurityXP Team

Technology

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

The flaw, which affects Ghost versions 3.24.0 through 6.19.0, allows unauthenticated attackers to read arbitrary data from the website database.

May 30, 2026 · SecurityXP Team

Vulnerabilities & Exploits

Critical VMware Zero-Day Vulnerability Under Active Exploitation

A critical remote code execution vulnerability in VMware vCenter Server is being actively exploited in the wild. CVE-2025-1234 carries a CVSS score of 9.8 and affects all recent versions. Immediate patching is recommended.

May 26, 2026 · SecurityXP Team

Latest News

Malware & RansomwareMay 25, 2026·1 min read

Ransomware Attack Disrupts Major Healthcare Provider Operations

A sophisticated ransomware attack has disrupted operations at a major healthcare provider, affecting patient care systems across multiple facilities. Learn about the attack vectors, impact, and mitigation strategies.

AI/ML SecurityMay 24, 2026·1 min read

New EU AI Security Regulations: What Organizations Need to Know

The European Union has introduced comprehensive AI security regulations requiring organizations to implement security measures for AI systems. We break down the requirements, timelines, and compliance steps.

Threat IntelligenceSep 18, 2025·3 min read

CISA Issues Nine Urgent Advisories on Industrial Control Systems Vulnerabilities

In a critical bulletin released on September 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published nine new advisories detailing high-severity vulnerabilities affecti...

Threat IntelligenceSep 18, 2025·2 min read

Critical Google Chrome Zero-Day CVE-2025-10585: What You Need to Know

Google has just patched a critical zero-day vulnerability in its Chrome web browser—CVE-2025-10585—which has been actively exploited in the wild. This flaw, a type confusion issue in Chrome’s V8 Ja...

Threat IntelligenceSep 18, 2025·4 min read

Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems

U.S. Cybersecurity and Infrastructure Security Agency’s new Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems by chaining CVE-2025-4427 and C...

Threat IntelligenceJun 22, 2025·5 min read

MSSP Alert Top 250 for 2024: A Deep Dive into the State of Cybersecurity

Discover the key findings from the 2024 MSSP Alert Top 250 report. Explore trends in MSSP growth, profitability, in-house SOCs, and the critical services defining modern cyber defense.

Threat IntelligenceApr 26, 2025·4 min read

Pakistan-Linked APT36 Exploits "Pahalgam Terror Attack" Theme in Multi-Pronged Cyber Espionage Campaign Against India

In a recent and concerning development in the ongoing cyber conflict landscape, the Pakistan-linked Advanced Persistent Threat (APT) group known as APT36 (also referred to as Transparent Tribe) has...

Threat IntelligenceMar 25, 2025·10 min read

Unpacking CVE-2025-29927: A Deep Dive into the Next.js Path Traversal Vulnerability

Next.js has rapidly become a dominant force in the React ecosystem, lauded for its developer experience and performance optimizations. However, like any complex framework, it's not immune to securi...

Threat IntelligenceSep 7, 2024·6 min read

MITRE ATT&CKcon 5.0: Elevating Cybersecurity Knowledge

Cybersecurity remains at the forefront of the global conversation, and MITRE ATT&CKcon 5.0 is a pivotal event in the field. Scheduled for October 22-23, 2024, in McLean, Virginia, the conference se...

Cloud SecuritySep 5, 2024·3 min read

A CyberRisk Alliance Resource: MSSP Alert – Top 250 MSSPs Service Providers 2023 Edition

As cyber threats evolve, so do the strategies to combat them. The latest MSSP Alert: Top 250 MSSPs Service Providers 2023 Edition , released by CyberRisk Alliance , offers valuable insights in

Security Digest

Get the latest cybersecurity news, vulnerability alerts, and threat intelligence delivered to your inbox.

SecurityXP — Cybersecurity News, Threat Intelligence & Infosec Utilities