At least 156 people, including more than a hundred children, were killed in what is being described as the deadliest single attack of the war against Iran. Preliminary investigations indicate US missiles were responsible for the strike.
Look up signals and intelligence for any entity
30d signal volume
Russian airstrikes on Kyiv have killed at least 24 people in what is described as the largest single attack on the Ukrainian capital since the full-scale war began, extending a bombardment that has lasted over 24 hours.
A suspect in an attack at the White House Correspondents' Dinner on Saturday night was prepared for a mass casualty event, according to prosecutors' filing in federal court. U.S. Attorney Jeanine Pirro and her office submitted a memorandum to a judge regarding the case.
A suspect in an attack at the White House Correspondents' Dinner on Saturday night was prepared for a mass casualty event according to prosecutors filing in federal court. U.S. Attorney for the District of Columbia Jeanine Pirro and assistants submitted a memorandum to a judge regarding the suspect's preparation and criminal charges.
A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other malware. This type of attack leverages trusted development infrastructure to distribute malicious code to multiple downstream users and organizations.
A critical remote code execution vulnerability (CVE-2026-1731) has been identified in remote monitoring and management software that could be exploited to deploy ransomware and compromise supply chain integrity. The flaw enables attackers to execute arbitrary code, creating significant risk for downstream organizations and critical infrastructure.
A supply chain attack campaign utilizing sleeper packages has been identified, distributing malicious payloads that enable credential theft, GitHub Actions tampering, and SSH persistence mechanisms. The attack is attributed to the GitHub account 'BufferZoneCorp' which has published malicious Ruby gems and Go modules.
Several npm packages used in SAP's cloud application development ecosystem have been compromised as part of TeamPCP's expanding supply chain attack campaign. This threat impacts organizations relying on SAP cloud development tools and their software dependencies.
Checkmarx disclosed a supply chain security incident where cybercriminals published company data on the dark web, originating from unauthorized access to Checkmarx's GitHub repository. The repository access was facilitated through an initial supply chain attack on March 23, 2026, highlighting vulnerabilities in development infrastructure security.
Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are unpatched. This indicates ongoing cyber operations targeting a critical system component with available exploitation code and limited defensive patching options.
Attackers are conducting a sustained campaign to distribute malicious VS Code extensions through Open VSX that appear legitimate but contain self-propagating malware. This represents a supply chain attack targeting the developer community and the software they produce.
A high-severity SSRF vulnerability in LMDeploy, an open-source toolkit for large language model deployment, is actively being exploited in the wild within 13 hours of public disclosure. CVE-2026-33626 (CVSS 7.5) could allow attackers to access sensitive systems through Server-Side Request Forgery attacks.
China's state-backed groups are deploying covert networks of compromised devices to execute attacks using low-cost, low-risk, and deniable methods. This approach suggests a strategic shift toward sustainable cyber operations with reduced attribution exposure.
CISA has added CVE-2026-33825, a Microsoft Defender Insufficient Granularity of Access Control Vulnerability, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. This vulnerability type is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. CISA urges all organizations to prioritize remediation of KEV Catalog vulnerabilities as part of their vulnerability management practices.
Bluekit is a phishing kit still under development that provides automated domain registration and an AI Assistant to users. This tool reduces technical barriers for conducting phishing attacks and represents an evolution in attack automation capabilities.
A 66-year-old appeared in court charged with attempted murder linked to a bomb attack on a Belfast police station. The charge relates to a significant incident targeting critical law enforcement infrastructure in Northern Ireland.
Two individuals were killed during a home invasion in the Hacienda La Mercedes 1 residential area of San José Pinula. Attackers shot both victims in the head according to initial police investigations.
Cybersecurity researchers are warning of two cybercrime groups (Cordial Spider and Snarky Spider) conducting rapid, high-impact attacks within SaaS environments while leaving minimal traces. These groups are attributed to high-speed data theft operations using sophisticated techniques to evade detection.
CISA added CVE-2026-41940, a missing authentication vulnerability in WebPros cPanel & WHM and WP2 (WordPress Squared), to its Known Exploited Vulnerabilities Catalog based on active exploitation evidence. The vulnerability is classified as a critical function bypass and represents a frequent attack vector for malicious actors. CISA urges all organizations to prioritize remediation as part of their vulnerability management practices, with federal agencies required to remediate by applicable due dates under BOD 22-01.
Ukrainian drones struck several Su-57 fighter jets and an Su-34 fighter-bomber at the Shagol airfield in Russia's Chelyabinsk Region, according to Ukraine's General Staff on May 1. The attack targeted advanced Russian military aircraft at a domestic airbase.
The U.S. Department of Justice announced the sentencing of two cybersecurity professionals to four years each in prison for facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg and Kevin Martin deployed the ransomware against multiple U.S. victims between April and December 2023.
A regime is preparing to intensify military offensives in a state after recently retaking the strategic town of Falam. New attacks are occurring as part of this broader campaign to consolidate territorial control.
A researcher identified five distinct exploit paths resulting from an architectural weakness in Windows Remote Procedure Call (RPC) connection handling to unavailable services. This discovery highlights a fundamental vulnerability in a critical Windows system component that could potentially be leveraged for elevated privilege attacks or lateral movement.
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks targeting TrueConf video conferencing servers in Russia since September 2025, according to Positive Technologies research. The threat actors are leveraging an exploit chain of three vulnerabilities to execute remote commands on vulnerable systems.
A proof of concept study revealed that AI-based attacks unfold too rapidly for human defenders to respond effectively, and demonstrated that the AI system exhibited greater autonomous behavior than anticipated. This finding highlights concerns about the speed advantage of AI attacks and potential unpredictability of AI systems in adversarial contexts.
Gaza death toll rises to 72,608 Israeli attacks in Gaza have killed at least four people and wounded 26 others in the last 24 hours, the enclave's health ministry is reporting. In a statement, the ministry added that the bodies of three people killed in earlier attacks had also been recovered. The latest figures bring the overall toll of people killed by Israel in Gaza since October 2023 to at least 72,608, with 172,445 wounded. The ministry added that, of that total, 828 people have been killed and 2,342 wounded since the ceasefire was implemented in October 2025.
Four killed in Israeli strikes on southern Lebanon Four people have been killed and others wounded in Israeli strikes targeting a number of southern Lebanese towns, Wafa news agency is reporting. According to the report, the attacks struck the towns of Kfar Dajjal and Shoukin. Meanwhile, further attacks targeted the towns of Froun, Adshit, Majdal Zoun, Ghandouriyeh, Zawtar al-Sharqiyah, Harouf, Mleeta, Haboush, and Wadi al-Salouqi in southern Lebanon.
PESHAWAR: A tribal gathering convened by Khyber Pakhtunkhwa Chief Minister Sohail Afridi on Saturday decided that a jirga will be formed to hold talks with the federal government and other stakeholders on drone attacks in the province. In the past few days, CM Afridi has condemned “persistent drone attacks” in KP, even hinting at introducing legislation to criminalise collateral damage in such incidents. On Saturday, a “loya (grand) jirga” was held at CM House, where tribal elders had been invited to decide the future course of action.
U.K. calls antisemitism an emergency as police investigate stabbing attack on 2 Jewish men