Tag: Cyber Security News

Cybercriminals have launched a sophisticated multi-vector attack campaign targeting fans and teams ahead of the 2025 Belgian Grand Prix, scheduled for July 27 at the iconic Spa-Francorchamps circuit. The threat actors have deployed an arsenal of tactics including phishing emails,…

Read more →

Google has issued an urgent security update for its Chrome browser, patching several vulnerabilities, including a high-severity vulnerability that could allow attackers to manipulate memory and execute arbitrary code on a user’s system. The latest version, Chrome 138.0.7204.183 for Linux…

Read more →

ArmouryLoader burst onto the threat landscape in late 2024 after hijacking the export table of ASUS’s Armoury Crate utility, turning a trusted gaming companion into an initial entry point for sophisticated malware campaigns. Since then, security teams have watched a…

Read more →

The difference between a minor security incident and a devastating breach often comes down to one critical factor: how quickly you can detect and respond to a threat. Hackers rarely target an isolated business: they typically launch campaigns that hit…

Read more →

Over the past year, a previously quiet Chinese threat cluster has surged onto incident-response dashboards worldwide, pivoting from single zero-day hits to an industrialized pipeline of weaponized vulnerabilities. First detected targeting unpatched Fortinet SSL-VPN appliances in late-2024, the group—dubbed “Goujian…

Read more →

France’s leading telecommunications giant Orange confirmed on Monday that it detected a significant cyberattack targeting one of its information systems on Friday, July 25, 2025. The incident has resulted in widespread service disruptions affecting both corporate customers and consumer services,…

Read more →

Multiple critical vulnerabilities affecting SonicWall’s SMA100 series SSL-VPN appliances, highlighting persistent security flaws in network infrastructure devices.  The vulnerabilities, designated CVE-2025-40596, CVE-2025-40597, and CVE-2025-40598, demonstrate fundamental programming errors that enable pre-authentication attacks against firmware version 10.2.1.15. Key Takeaways1. Stack overflow,…

Read more →

A critical security vulnerability has been discovered in CodeIgniter4’s ImageMagick handler, exposing potentially millions of web applications to command injection attacks through malicious file uploads.  The vulnerability, tracked as CVE-2025-54418, received a CVSS score of 9.8, indicating the highest severity…

Read more →

Microsoft Teams is rolling out a significant enhancement to its meeting experience with the introduction of a new meeting join banner designed to streamline user access to scheduled meetings.  The feature, identified by message code MC1115979, represents Microsoft’s continued effort…

Read more →

The latest wave of npm-centric phishing has taken a darker turn with the hijack of the ubiquitous is utility, a module pulled 2.8 million times every week. On 19 July 2025 attackers, armed with stolen maintainer credentials, slipped malicious versions…

Read more →

A critical security vulnerability discovered in Google’s Gemini CLI tool allowed attackers to execute arbitrary malicious commands on developer systems without detection.  The vulnerability, identified by cybersecurity firm Tracebit on June 27, 2025, exploited a combination of prompt injection techniques,…

Read more →

The Python Package Index (PyPI) has issued an urgent warning to developers about an ongoing phishing campaign that exploits domain spoofing techniques to steal user credentials.  This sophisticated attack targets developers who have published packages on the official repository, leveraging…

Read more →

Singapore’s critical infrastructure faces an escalating cyber threat from UNC3886, a sophisticated Chinese state-linked Advanced Persistent Threat (APT) group that has been systematically targeting the nation’s energy, water, telecommunications, finance, and government sectors. The group, which first emerged circa 2021…

Read more →

The commodity infostealer landscape has a new entrant in Raven Stealer, a compact Delphi/C++ binary that hijacks Telegram’s bot API to spirit away victims’ browser secrets. First seen in mid-July 2025 on a GitHub repository operated by the self-styled ZeroTrace…

Read more →

The Linux Foundation has officially released Linux kernel 6.16 on July 27, 2025, marking another milestone in open-source operating system development.  Released by Linus Torvalds, this version focuses on stability improvements and networking enhancements while maintaining the project’s commitment to…

Read more →

Apple quietly slipped a game-changing developer feature into its WWDC 25 announcements: a native containerization stack that lets Macs run Open Container Initiative (OCI) images inside ultra-lightweight virtual machines. In practice, that means you can launch a full Kali Linux…

Read more →

CISA has issued an urgent warning regarding a critical vulnerability in PaperCut NG/MF print management software that threat actors are actively exploiting in ransomware campaigns.  The vulnerability, tracked as CVE-2023-2533, represents a significant security risk to organizations worldwide using the…

Read more →

VM (Virtual Machine) monitoring tools are essential for maintaining the performance, availability, and security of virtualized environments. These tools provide real-time visibility into VM health and performance, enabling administrators to track key metrics such as CPU usage, memory utilization, disk…

Read more →

Cybersecurity researchers have uncovered a sophisticated web shell attack targeting Microsoft Internet Information Services (IIS) servers, allowing threat actors to achieve complete remote control over compromised systems. The malicious script, identified as “UpdateChecker.aspx,” represents a significant escalation in web shell…

Read more →

A critical macOS vulnerability enables attackers to bypass Transparency, Consent, and Control (TCC) protections and steal sensitive user data, including files from protected directories and Apple Intelligence caches.  The vulnerability, dubbed “Sploitlight,” exploits Spotlight plugins to access normally protected information…

Read more →

Anti-phishing tools are essential cybersecurity solutions designed to detect and prevent phishing attacks. These tools identify and block malicious emails, websites, and messages that attempt to deceive users into disclosing sensitive information such as passwords, credit card numbers, and personal…

Read more →

CISA has issued an urgent warning regarding two critical injection vulnerabilities in Cisco’s Identity Services Engine (ISE) that threat actors are actively exploiting.  The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20337, allow attackers to achieve remote code execution with root privileges…

Read more →

GitHub experienced a widespread outage on July 28, 2025, affecting millions of developers and organizations reliant on its services. The incident, which impacted API requests, issue tracking, and pull requests, highlighted the vulnerabilities in cloud-based collaboration tools essential for software…

Read more →

Cybersecurity researchers have uncovered a sophisticated web shell attack targeting Microsoft Internet Information Services (IIS) servers, allowing threat actors to achieve complete remote control over compromised systems. The malicious script, identified as “UpdateChecker.aspx,” represents a significant escalation in web shell…

Read more →

The cybercriminal landscape has witnessed a dramatic shift with the emergence of sophisticated malware-as-a-service (MaaS) platforms targeting Android devices. Criminal enterprises no longer require extensive technical expertise to deploy advanced mobile threats, as ready-to-use malware kits are now available for…

Read more →

A sophisticated Russian state-sponsored advanced persistent threat (APT) group known as Laundry Bear has emerged as a significant cybersecurity concern, targeting NATO countries and Ukraine through an extensive campaign of espionage and intelligence gathering. Also tracked as Void Blizzard by…

Read more →

The cyberthreat landscape witnessed a concerning evolution in 2025 as the notorious Muddled Libra threat group dramatically shifted their attack methodology, pivoting from traditional phishing campaigns to sophisticated voice-based social engineering targeting organizational call centers and help desks. This Western-based…

Read more →

The Atomic macOS Stealer (AMOS) has undergone a significant evolution, transforming from a traditional information stealer into a sophisticated persistent threat capable of maintaining long-term access to compromised macOS systems. This development marks a critical escalation in the malware’s capabilities,…

Read more →

A sophisticated new information stealer named SHUYAL has emerged in the cybersecurity landscape, demonstrating unprecedented scope in its credential harvesting capabilities. The malware targets login credentials from 19 different web browsers, ranging from mainstream applications like Google Chrome and Microsoft…

Read more →

Russia’s Aeroflot, one of the world’s oldest airlines, has been left scrambling after pro-Ukraine hackers claimed to have “completely destroyed” the carrier’s internal IT infrastructure in a stealthy, year-long campaign. The groups, known as “Silent Crow” and Belarusian counterpart “Cyber…

Read more →

Singapore’s critical infrastructure is under siege from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group. As of July 2025, the group has been actively targeting essential services like energy, water, telecommunications, and government systems, prompting urgent warnings from officials.…

Read more →

The Oyster malware, also known as Broomstick or CleanupLoader, has resurfaced in attacks disguised as popular tools like PuTTY, KeyPass, and WinSCP. This malware, active since at least 2023, tricks users into downloading malicious installers, potentially paving the way for…

Read more →

The women-only dating safety app Tea has suffered a significant cybersecurity incident, with hackers gaining unauthorized access to approximately 72,000 user images, including 13,000 sensitive selfies and identification documents used for account verification.  The breach, which represents one of the…

Read more →

Cybercriminals have allegedly compromised Airpay, one of India’s prominent digital payment gateway providers, exposing sensitive financial data of thousands of users and businesses.  The threat actors are currently advertising the company’s complete database on dark web marketplaces, raising serious concerns…

Read more →

A critical new threat targeting Microsoft SharePoint servers through a sophisticated exploit chain dubbed “ToolShell.” This multi-stage attack combines previously patched vulnerabilities with fresh zero-day exploits to achieve complete system compromise, affecting SharePoint Enterprise Server 2016, SharePoint Server 2019, and…

Read more →

A major cybersecurity breach has exposed the browsing activities of users visiting one of the internet’s most notorious illegal marketplaces.  On Friday, July 18, cybersecurity firm UpGuard discovered an unprotected Elasticsearch database containing approximately 22 million records of web requests,…

Read more →

Unidentified hackers have successfully breached a critical intelligence website used by the CIA and other U.S. agencies to manage sensitive government contracts, according to the National Reconnaissance Office (NRO), the spy satellite service that operates the compromised platform. The cyberattack…

Read more →

Infrastructure monitoring tools are critical for ensuring IT infrastructure’s optimal performance, availability, and security. These tools provide comprehensive visibility into the health and status of various infrastructure components, including servers, networks, storage systems, and applications. Infrastructure monitoring tools help detect…

Read more →

Cloud monitoring tools are essential for maintaining cloud-based services and applications’ performance, availability, and security. These tools provide real-time visibility into cloud infrastructure, enabling monitoring metrics such as resource utilization, application performance, and network traffic. Cloud monitoring tools help identify…

Read more →

A serious security vulnerability has been discovered in LG Innotek’s LNV5110R camera model that could allow cybercriminals to gain complete administrative control over affected devices.  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on July 24, 2025,…

Read more →

Multiple critical security vulnerabilities affecting Salesforce’s Tableau Server that could allow attackers to execute remote code, bypass authorization controls, and access sensitive production databases.  The vulnerabilities, revealed through a security advisory published on June 26, 2025, impact Tableau Server versions…

Read more →

An Arizona woman received a significant federal prison sentence for orchestrating a sophisticated cybercrime operation that enabled North Korean Information Technology (IT) workers to infiltrate hundreds of American companies while generating millions in revenue for the Democratic People’s Republic of…

Read more →

Welcome to this week’s Cybersecurity Recap. We’re looking at important updates from July 21-27, 2025, in the world of digital threats and defenses. This week has seen significant developments that highlight the ongoing risks of cyber attacks and the need…

Read more →

Major U.S. insurance provider Allianz Life Insurance Company confirmed on Saturday that hackers compromised the personal information of the “majority” of its 1.4 million customers following a sophisticated cyberattack on July 16, 2025. The breach, disclosed in a mandatory filing…

Read more →

Major U.S. insurance provider Allianz Life Insurance Company confirmed on Saturday that hackers compromised the personal information of the “majority” of its 1.4 million customers following a sophisticated cyberattack on July 16, 2025. The breach, disclosed in a mandatory filing…

Read more →

Docker monitoring is the process of keeping tabs on the functionality, state, and resource usage of Docker containers as well as the entire Docker ecosystem. With the help of the well-known containerization technology Docker, programmers may bundle their apps and…

Read more →

BreachForums, the notorious cybercrime discussion board that vanished from the clearnet after a law-enforcement seizure in, quietly re-opened this week under its original administrators and with the entire historical archive of user accounts, posts, and private messages intact. The unexpected…

Read more →

Gaming peripheral manufacturer Endgame Gear has confirmed that hackers successfully compromised its official software distribution system, using the company’s OP1w 4K V2 mouse configuration tool to spread dangerous Xred malware to unsuspecting customers for nearly two weeks. The security breach,…

Read more →

SNMP (Simple Network Management Protocol) monitoring tools are essential for managing and monitoring network devices. They collect and organize information from various network devices, such as routers, switches, servers, and printers. These tools provide real-time data on device performance, network…

Read more →

Microsoft Corp. is investigating whether a leak from its Microsoft Active Protections Program (MAPP) enabled Chinese state-sponsored hackers to exploit critical SharePoint vulnerabilities before patches were fully deployed, according to sources familiar with the matter. The investigation comes as cyber…

Read more →

A sophisticated global botnet campaign targeting VOIP-enabled routers and devices configured with default credentials.  The discovery began when analysts noticed an unusual cluster of malicious IP addresses concentrated in rural New Mexico, leading to the identification of approximately 500 compromised…

Read more →

In today’s mobile-first world, companies often struggle to bridge the gap between their websites and mobile apps. This is where web-to-app funnels come into play. These funnels are designed to guide users from a web touchpoint (such as an ad…

Read more →

Microsoft is currently facing an outage that affects the Microsoft 365 Admin Center, preventing administrators from accessing essential management tools. The issue, which emerged prominently on July 24, 2025, has persisted into the following day, marking the second such incident…

Read more →

API monitoring tools ensure the performance, availability, and reliability of application programming interfaces (APIs) that connect different software systems. These tools continuously track and analyze API requests and responses to detect slow response times, errors, and downtime. By providing real-time…

Read more →

Bandwidth monitoring tools are essential for managing and optimizing network performance. These tools help IT administrators track and analyze network traffic, identify potential bottlenecks, and ensure efficient bandwidth utilization. By providing real-time data on network usage, bandwidth monitoring tools enable…

Read more →

A critical security vulnerability has been discovered in Microsoft Copilot Enterprise, allowing unauthorized users to gain root access to its backend container. This vulnerability poses a significant risk, potentially allowing malicious users to manipulate system settings, access sensitive data, and…

Read more →

Two critical vulnerabilities in the VMware Guest Authentication Service (VGAuth) component of VMware Tools allow local attackers to escalate privileges from any user account to SYSTEM-level access on Windows virtual machines.  The vulnerabilities, tracked as CVE-2025-22230 and CVE-2025-22247, affect VMware…

Read more →

Researchers identified 13 critical vulnerabilities in Tridium’s widely-deployed Niagara Framework that could allow attackers to compromise building automation systems and collect sensitive network data.  The vulnerabilities, affecting versions 4.10u10 and earlier, as well as 4.14u1 and earlier, enable attackers with…

Read more →

A new wave of cryptojacking attacks is exploiting the humble 404 error page to sneak malicious binaries past defenders Dubbed “Soco404,” the campaign embeds base64-encoded payloads inside seemingly innocuous error screens hosted on Google Sites and compromised Tomcat servers, then…

Read more →

Digital threats are evolving at an ever-increasing rate, and a new breed of cybersecurity companies is emerging into the limelight as a result. These innovative and dynamic teams are addressing a wide range of issues, including cloud-native vulnerabilities and AI-powered…

Read more →

The world is changing so quickly. Just when you thought you had heard it all, something as genius as a temporary email address came out of the fold. Oh, wait, you haven’t heard of this? Well, then you’re in luck…

Read more →

Every second, AWS processes 1.2 billion API calls. Each one triggers a security check. That’s not just impressive it’s the backbone of what might be the world’s largest security operation. While we’re debating whether AI will change cybersecurity, AWS has…

Read more →

Data breaches pose significant threats to digital advertising platforms, jeopardizing user privacy and trust. Implementing robust security measures within display ad servers is crucial to safeguard sensitive information. Transparent practices, encryption, and routine audits are vital to maintaining data integrity…

Read more →

A rapidly evolving campaign is using a Browser-in-the-Browser (BitB) overlay to impersonate Facebook’s login and siphon user credentials. The lure hinges on a deceptive CAPTCHA challenge that seamlessly morphs into a counterfeit Facebook session window, duping victims across desktops and…

Read more →

Following U.S. Treasury sanctions imposed on July 1, 2025, the notorious bulletproof hosting provider Aeza Group has rapidly migrated its infrastructure to a new autonomous system in an apparent attempt to evade enforcement measures.  Cybersecurity researchers at Silent Push detected…

Read more →

Google Forms, praised for friction-free data collection, has become the unlikely staging ground for rapidly spreading crypto-phishing campaign. First detected in late-2024 but surging in Q2 2025, the ploy begins with an unsolicited email containing a legitimate‐looking forms.gle link that…

Read more →

Attackers are weaponizing India’s appetite for mobile banking by circulating counterfeit Android apps that mimic the interfaces and icons of public-sector and private banks. Surfacing in telemetry logs on 3 April 2025, the impostors travel through smishing texts, QR codes…

Read more →

A newly uncovered campaign is exploiting gamers’ enthusiasm for off-beat indie titles to plant credential-stealing malware on machines. Branded installers for nonexistent games such as “Baruda Quest,” “Warstorm Fire,” and “Dire Talon” are pushed through slick YouTube trailers and Discord…

Read more →

A sophisticated espionage campaign dubbed “Fire Ant” demonstrates previously unknown capabilities in compromising VMware virtualization infrastructure.  Since early 2025, this threat actor has systematically targeted VMware ESXi hosts, vCenter servers, and network appliances using hypervisor-level techniques that evade traditional endpoint…

Read more →

A sophisticated Russian-aligned threat actor known as Hive0156 has intensified its cyber espionage campaigns against Ukrainian government and military organizations, deploying the notorious Remcos Remote Access Trojan through carefully crafted social engineering attacks. The group has demonstrated remarkable persistence in…

Read more →

Spoofed Microsoft SharePoint notifications have been a familiar lure for corporate users, but a wave of campaigns traced between March and July 2025 shows a sharp uptick in both volume and sophistication. The operators register look-alike domains such as “sharepoint-online-docs-secure[.]co”…

Read more →

A major win against cybercrime happened this week, as authorities from around the world teamed up to take down key websites run by the BlackSuit ransomware gang. If you visit the group’s data leak site or their negotiation portal now,…

Read more →

A malicious pull request slipped through Amazon’s review process and into version 1.84.0 of the Amazon Q extension for Visual Studio Code, briefly arming the popular AI assistant with instructions to wipe users’ local files and AWS resources. The rogue…

Read more →

The Dropping Elephant advanced persistent threat group has launched a sophisticated cyber-espionage campaign targeting Turkish defense contractors, particularly companies manufacturing precision-guided missile systems. This malicious operation represents a significant evolution in the group’s capabilities, employing a complex five-stage execution chain…

Read more →

A critical zero-day vulnerability in Microsoft SharePoint servers has become a playground for threat actors across the cybercriminal spectrum, with attacks ranging from opportunistic hackers to sophisticated nation-state groups since mid-July 2025. On July 19, 2025, Microsoft confirmed that vulnerabilities…

Read more →

Two high-severity vulnerabilities in TP-Link VIGI network video recorder (NVR) systems could allow attackers to execute arbitrary commands on affected devices.  The security flaws, identified as CVE-2025-7723 and CVE-2025-7724, impact the VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2 models, posing…

Read more →

The newly revealed LAMEHUG campaign signals a watershed moment for cyber-def: Russian state-aligned APT28 has fused a large language model (LLM) directly into live malware, allowing each infected host to receive tailor-made shell commands on the fly. By invoking the…

Read more →

The pro-Russian hacktivist group NoName057(16) has orchestrated a massive distributed denial-of-service campaign targeting over 3,700 unique hosts across thirteen months, according to new research published on July 22, 2025. The group, which emerged in March 2022 shortly after Russia’s full-scale…

Read more →

Cybersecurity researchers have uncovered a sophisticated malware campaign where threat actors are exploiting Hangul Word Processor (.hwp) documents to distribute the notorious RokRAT malware. This marks a significant shift from the malware’s traditional distribution method through malicious shortcut (LNK) files,…

Read more →

WhoFi surfaced last on the public repository ArXiv, stunning security teams with a proof-of-concept that turns ordinary 2.4 GHz routers into covert biometric scanners. Unlike camera-based systems, this neural pipeline fingerprints the unique way a body distorts Wi-Fi channel state…

Read more →

CitrixBleed 2 (CVE-2025-5777) erupted in 2025 when researchers uncovered an out-of-bounds read in Citrix NetScaler ADC and Gateway that lets an unauthenticated request siphon memory straight from the appliance. The flaw is triggered by a malformed POST sent to /p/u/doAuthentication.do,…

Read more →

Threat researchers are warning of twin Chinese-nexus espionage operations—“Operation Chat” and “Operation PhantomPrayers”—that erupted in the weeks preceding the Dalai Lama’s 90th birthday, exploiting heightened traffic to Tibetan-themed websites to seed Windows hosts with sophisticated backdoors. By compromising a legitimate…

Read more →

Researchers have developed a new Metasploit exploit module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server that are being actively exploited in the wild.  The module, designated as pull request #20409 in the Metasploit Framework repository, addresses CVE-2025-53770 and CVE-2025-53771,…

Read more →

Critical security vulnerabilities affecting SonicWall SMA 100 series SSL-VPN appliances that could allow remote attackers to execute arbitrary JavaScript code and potentially achieve code execution without authentication.  The vulnerabilities affect SMA 210, 410, and 500v models running firmware version 10.2.1.15-81sv…

Read more →

GitLab has released critical security patches addressing multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms, with versions 18.2.1, 18.1.3, and 18.0.5 now available for immediate deployment.  The release includes fixes for six distinct security vulnerabilities, including…

Read more →

A sophisticated WordPress malware campaign has been discovered operating through the rarely monitored mu-plugins directory, giving attackers persistent access to compromised websites while evading traditional security measures. The malicious code, identified as wp-index.php, exploits WordPress’s “must-use plugins” functionality to maintain…

Read more →

Amazon Web Services has disclosed a critical security vulnerability in its Client VPN software for Windows that could allow attackers to escalate privileges and execute malicious code with administrative rights.  The vulnerability, tracked as CVE-2025-8069, affects multiple versions of the…

Read more →

Modern software supply-chains rely on millions of third-party components, making package repositories a lucrative for attackers. Over the past year, a string of high-profile compromises—from the xz-utils backdoor to the solana/webjs typosquatting incident—has shown how stealthy code can poison widely…

Read more →

UNC3944, a financially driven threat organization associated with “0ktapus,” “Octo Tempest,” and “Scattered Spider,” launched a sophisticated cyber campaign that used social engineering and hypervisor-level attacks to target VMware vSphere environments in the retail, airline, and insurance industries. Google Threat…

Read more →

CISA has issued an urgent warning about a critical vulnerability in Google Chromium that threat actors are actively exploiting.  The vulnerability, designated as CVE-2025-6558, poses a significant security risk to millions of users across multiple web browsers that utilize the…

Read more →

A sophisticated cyber espionage campaign dubbed “Operation CargoTalon” has emerged, specifically targeting Russia’s aerospace and defense sectors through carefully crafted spear-phishing attacks. The operation, which surfaced in late June 2025, employs a multi-stage infection chain designed to deploy the EAGLET…

Read more →

A sophisticated new variant of the ACRStealer information-stealing malware has emerged, demonstrating advanced evasion techniques and leveraging legitimate platforms for covert command-and-control operations. The malware, which has been actively distributed since early 2024, represents a significant evolution in cybercriminal tactics…

Read more →

The cybersecurity landscape faces a new threat as the notorious Mimo threat actor, previously known for targeting Craft content management systems, has significantly evolved its operations to compromise Magento ecommerce platforms. This expansion represents a dangerous shift toward high-value targets…

Read more →

Cybercriminals have evolved their social engineering tactics with a sophisticated malware campaign that exploits users’ trust in financial institutions. The latest threat involves a malicious LNK file masquerading as a credit card security email authentication popup, specifically targeting unsuspecting users…

Read more →

The brief lull following May’s multinational takedown of the Lumma Stealer infrastructure proved deceptive. Within weeks, telemetry again lit up with fresh command-and-control (C2) beacons, revealing that the information-stealing malware had swapped overt marketplace promotion for quieter channels while expanding…

Read more →

Five Nevada men, including a German citizen, received prison sentences of up to 84 months for operating Jetflicks, one of the largest illegal television streaming services in United States history.  The defendants generated millions in criminal profits by distributing copyrighted…

Read more →

A fresh strain of the long-running macOS.ZuRu family has surfaced, hiding inside a doctored of the popular Termius SSH client and quietly turning developer workstations into remote footholds. First seen in late May 2025, the 248 MB rogue disk image…

Read more →

An investigation led by the French Police and Paris Prosecutor, in close cooperation with their Ukrainian counterparts and Europol, has resulted in the arrest of the suspected administrator of xss[.]is, one of the world’s most influential Russian-speaking cybercrime platforms. The…

Read more →

A dual U.S.-China citizen and former Silicon Valley engineer has pleaded guilty to stealing critical military technology secrets designed to protect American national security interests.  Chenguang Gong, 59, of San Jose, admitted to transferring over 3,600 classified files containing advanced…

Read more →

Phishing attacks are evolving rapidly, allowing cybercriminals to bypass traditional security systems like email filters and static defenses. As a result, many businesses are left vulnerable to credential theft, often without realizing the threat until it’s too late. Early detection is key, and…

Read more →