Cyber ​​Security Hub

In recent days, a trend on the social network Threads has startled many young people as they witnessed their entire personal information being "exposed" after just a few seconds of searching.

Explore penetration testing vs vulnerability scanning to optimize security ROI. Learn how depth and pricing impact your cyber defense

Mới đây, công ty tình báo mối đe dọa mạng Defused đã phát lời cảnh báo quan trọng về việc hệ thống FortiSandbox của Fortinet đang trở thành mục tiêu trong các cuộc tấn công khai thác lỗ hổng.

Google has officially rolled out a major security update for Chrome, addressing 28 vulnerabilities. Among these are several critical flaws that could allow attackers to execute malicious code on targeted systems.

A single click by a user on a trusted link pointing to a legitimate Microsoft domain could have allowed an attacker to covertly extract highly sensitive information, including emails, calendar schedules, and indexed files.

A serious security incident was recently confirmed by Meta, where an artificial intelligence (AI) support tool was exploited by cybercriminals, putting thousands of Instagram user accounts at risk of data exposure and unauthorized access.

This meaningful activity took place continuously for three days, from June 11 to June 13, 2026, at Nguyen Hue walking street, Ho Chi Minh city. It was a special zone within the framework of the "Peaceful Fatherland" Gala art program organized by the Ministry of Public Security.

On the night of June 12, millions of users worldwide suddenly lost access to familiar applications within the Meta ecosystem. This widespread disruption not only caused inconvenience to individual users but also led to a drop of nearly $1 billion in billionaire Mark Zuckerberg's net worth.

A researcher at the cybersecurity firm Calif has just discovered a severe threat named HTTP/2 Bomb, which directly threatens the default configurations of the world's most popular web servers, such as NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora.

To address these vulnerabilities, GitHub has announced significant security-focused modifications arriving with the upcoming npm v12 next month

A newly discovered campaign named Operation TaxShadow has been observed leveraging phishing emails impersonating tax authorities to trick Windows users into downloading dangerous malware. Remarkably, this malware operates entirely within the system memory, leaving minimal digital footprints and making detection and prevention extremely difficult.

A severe security vulnerability is being actively exploited by cybercriminals to infiltrate corporate networks without requiring valid user passwords.

Google has rolled out one of its largest security patch bundles ever for the Chrome browser. Users worldwide, from individuals to large enterprises, are strongly advised to update immediately to defend their systems against a wide array of cyber threats.

Hackers are using fake ticket websites, malicious livestreams, impersonation accounts, and scam applications to exploit the passion of global fans and gaps in corporate security.

CISA has issued an urgent warning regarding a newly patched, high-severity vulnerability within SolarWinds Serv-U. Cybercriminals are actively exploiting this flaw in the wild, with the primary intent of crashing enterprise servers.

Instead of relying on traditional file downloads, these attackers exploit user trust in established platforms to silently exfiltrate highly sensitive data directly from target devices.

Google has officially confirmed the active exploitation of a high-severity zero-day vulnerability impacting the Android operating system. Tracked as CVE-2025-48595, this security flaw has been weaponized in targeted cyberattacks within a limited scope.

A massive supply chain cyberattack has recently been uncovered, turning trusted open-source code libraries into active tools of espionage. Named "Miasma: The Spreading Blight," this dangerous campaign directly endangers development environments and cloud infrastructure through official package releases from Red Hat.

Known for its high security, the Linux ecosystem has just faced a massive challenge. A critical information security vulnerability named CIFSwitch was recently exposed after silently existing for nearly two decades.