Category: Cyber Security News

The global spyware market continues its alarming expansion, with new research revealing the emergence of 130 additional entities spanning 46 countries between 1992 and 2024. This shadowy ecosystem of surveillance technologies has grown from 435 documented entities in the initial…

Read more →

A sophisticated new attack tool targeting jailbroken iOS devices has emerged, representing a significant escalation in digital identity fraud capabilities.  The discovery by iProov’s threat intelligence team reveals a highly specialized tool designed to perform advanced video injection attacks on…

Read more →

Detecting remote employment fraud has become a critical priority for organizations striving to secure their digital onboarding processes and safeguard sensitive systems. In recent months, threat actors posing as legitimate hires have leveraged sophisticated tactics to bypass pre-hire screenings and…

Read more →

UK law enforcement has arrested two individuals linked to the notorious Scattered Spider cybercriminal group, including 19-year-old Thalha Jubair from London, who faces charges in connection with over 120 network intrusions that resulted in more than $115 million in ransom…

Read more →

Krasnoyarsk Regional Airlines (KrasAvia) confirmed a sophisticated cyberattack that has rendered its primary online services inoperable.  The breach targeted the airline’s web portal and associated back-end systems, including the Passenger Service System (PSS) and flight planning applications.  As a result,…

Read more →

A sophisticated phishing campaign has recently emerged, targeting Facebook users with carefully crafted emails designed to harvest login credentials. Attackers leverage the platform’s own external URL warning system to cloak malicious links, presenting URLs that appear legitimate while redirecting victims…

Read more →

SolarWinds has released an advisory regarding a security incident involving the Salesloft Drift integration for Salesforce, which led to unauthorized data access. The company confirmed that its own systems were not impacted by the breach, but is treating the matter…

Read more →

The Russian covert influence network CopyCop has significantly expanded its disinformation campaign, establishing over 200 new fictional media websites since March 2025. This expansion represents a marked escalation in Russian information warfare efforts, targeting democratic nations with sophisticated artificial intelligence-driven…

Read more →

The cyberthreat landscape has witnessed the emergence of another sophisticated ransomware operation as GOLD SALEM, a new threat actor group also known as Warlock Group, has been actively compromising enterprise networks since March 2025. This emerging ransomware collective has successfully…

Read more →

When an incident happens, there’s no time to waste.  SOC teams must react fast to protect their organization, and this requires more than expertise. Strong solutions tailored to the needs of businesses can make all the difference.  The secret to…

Read more →

Cloudflare has published a detailed post-mortem explaining the significant outage on September 12, 2025, that made its dashboard and APIs unavailable for over an hour. The company traced the incident to a software bug in its dashboard that, combined with…

Read more →

Microsoft is integrating free, on-device artificial intelligence capabilities into the classic Notepad application for Windows 11 users with Copilot+ PCs. The update introduces powerful text generation and editing tools, including “Summarize,” “Write,” and “Rewrite,” without requiring a subscription. The new…

Read more →

In 2025, the Model Context Protocol (MCP) revolutionizes AI agent integration, making it seamless for tools, databases, and workflows to work harmoniously in enterprises and developer workspaces. Top MCP servers power next-generation automation and data-driven applications, connecting everything from cloud…

Read more →

A zero-click vulnerability discovered in ChatGPT’s Deep Research agent allowed attackers to exfiltrate sensitive data from a user’s Gmail account without any user interaction. The flaw, which OpenAI has since patched, leveraged a sophisticated form of indirect prompt injection hidden…

Read more →

A critical vulnerability in Microsoft’s Entra ID could have allowed an attacker to gain complete administrative control over any tenant in Microsoft’s global cloud infrastructure. The flaw, now patched, was discovered in July 2025 and has been assigned CVE-2025-55241. The…

Read more →

Attackers injected malicious code into GitHub Actions workflows in a widespread campaign to steal Python Package Index (PyPI) publishing tokens. While some tokens stored as GitHub secrets were successfully exfiltrated, PyPI administrators have confirmed that the platform itself was not…

Read more →

In recent months, cybersecurity researchers have exposed a tangled web of hidden alliances among leading ransomware operations, reshaping how defenders perceive these threats. Historically treated as distinct entities—Conti, LockBit, Evil Corp, and others—ransomware groups have evolved into a dynamic marketplace…

Read more →

The infamous Everest ransomware group has reportedly included Bayerische Motoren Werke AG (BMW) as a high-profile target, claiming the theft of a significant amount of critical internal documents from the German automotive manufacturer. According to information surfaced, Everest claims to…

Read more →

SonicWall has issued an urgent advisory urging all customers to perform an Essential Credential Reset after security researchers discovered that MySonicWall configuration backup files were inadvertently exposed on public storage.  The sensitive files contained encrypted passwords, pre-shared keys, and TLS…

Read more →

Jenkins has released critical updates addressing four security flaws that unauthenticated and low-privileged attackers could exploit to disrupt service or glean sensitive configuration details.  Administrators running Jenkins weekly releases up to 2.527 or the Long-Term Support (LTS) stream up to…

Read more →