Illinois Representative Delia Ramirez has been appointed as the top Democrat on the House Homeland Security Committee's Cybersecurity and Infrastructure Protection Subcommittee, replacing Eric Swalwell following his resignation from Congress.
A critical Apache ActiveMQ Classic flaw tracked as CVE-2026-34197, dormant in the codebase for 13 years, is being actively exploited just weeks after patched versions were released. CISA has added it to the Known Exploited Vulnerabilities catalog with a federal patch deadline of April 30.
A House Oversight subcommittee roundtable on 'Artificial Intelligence and American Power' turned deeply anxious as lawmakers questioned AI's threat to national security, civil liberties, and humanity itself.
This week's cybersecurity highlights include the Satellite Cybersecurity Act advancing in the Senate, a $90,000 Chrome heap buffer overflow reward, ShinyHunters targeting Rockstar Games and McGraw Hill, and a 16-year-old arrested over a school network breach.
BleepingComputer and Kaseya are hosting a live webinar on May 14, 2026, examining how AI-powered phishing, ransomware, and business email compromise are outpacing MSP defenses and why backup and recovery must be part of every security strategy.
The House approved a stopgap 10-day extension of the warrantless surveillance authority under FISA Section 702, after the Trump administration's push for a clean 18-month reauthorization collapsed amid Republican divisions.
NAKIVO has released Backup & Replication v11.2, delivering automated real-time replication, full VMware vSphere 9 and Proxmox VE 9.0/9.1 support, OAuth 2.0 authentication, and expanded ransomware resilience for over 16,000 customers worldwide.
A code regression introduced by a recent Microsoft Edge update has left Teams desktop users unable to paste content via right-click context menus. Microsoft is rolling out a staged fix while recommending keyboard shortcuts as a workaround.
A critical remote code execution flaw tracked as GHSA-xq3m-2v4x-88gg has been discovered in protobuf.js, a JavaScript library pulling nearly 50 million weekly npm downloads. Proof-of-concept exploit code is now public, though no active in-the-wild attacks have been observed.
Cybersecurity firm Barracuda Networks reports that Tycoon 2FA has lost its dominance among phishing-as-a-service platforms after law enforcement seized 330 of its domains, with threat actors migrating to rivals like Mamba 2FA and EvilProxy while total attacks surged past 23 million.