Sitemap - Cyber Transaction Payment Gateway

Posts

News

MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants - 28 November 2025
Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan - 27 November 2025
Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update - 27 November 2025
ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories - 27 November 2025
Gainsight Expands Impacted Customer List Following Salesforce Security Alert - 27 November 2025
Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets - 26 November 2025
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist - 26 November 2025
When Your $2M Security Detection Fails: Can your SOC Save You? - 26 November 2025
Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps - 26 November 2025
Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools - 26 November 2025
RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware - 26 November 2025
FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams - 25 November 2025
Little Rock Psychologist Indicted by Federal Grand Jury for Defrauding Medicare and Arkansas Blue Cross Blue Shield - 25 November 2025
Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys - 25 November 2025
Software companies must be held liable for British economic security, say MPs - 25 November 2025
Russia arrests young cybersecurity entrepreneur on treason charges - 25 November 2025
JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers - 25 November 2025
UK privacy regulator has seen ‘collapse in enforcement activity,’ rights coalition says - 25 November 2025
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens - 25 November 2025
Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware - 25 November 2025
3 SOC Challenges You Need to Solve Before 2026 - 25 November 2025
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users - 25 November 2025
Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub - 24 November 2025
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions - 24 November 2025
Introducing Sophos DNS Protection for Endpoints - 24 November 2025
The Sophos Central UAE region is now live! - 24 November 2025
Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft - 24 November 2025
⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More - 24 November 2025
Modernizing trust: How UADY transformed campus security with Sophos - 24 November 2025
Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs - 24 November 2025
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access - 24 November 2025
SEC Voluntarily Dismisses SolarWinds Litigation - 23 November 2025
Ph: Department of the Interior and Local Government to probe alleged data breach by hackers - 23 November 2025
A Swath of Bank Customer Data Was Hacked. The F.B.I. Is Investigating. - 23 November 2025
China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services - 22 November 2025
Cyberattack disables Onsolve Code Red emergency alert system across St. Louis region - 22 November 2025
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability - 22 November 2025
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks - 22 November 2025
Des Moines Man Charged with Computer Fraud - 21 November 2025
CrowdStrike catches insider feeding information to ScatteredLapsus$Hunters - 21 November 2025
Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation - 21 November 2025
Two suspected Scattered Spider hackers plead not guilty over Transport for London cyberattack - 21 November 2025
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security - 21 November 2025
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains - 21 November 2025
Why IT Admins Choose Samsung for Mobile Security - 21 November 2025
Fired techie admits sabotaging ex-employer, causing $862K in damage - 21 November 2025
Attleboro investigating ‘cybersecurity incident’ impacting city’s IT systems - 21 November 2025
SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny - 21 November 2025
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity - 21 November 2025
Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows - 20 November 2025
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet - 20 November 2025
WhatsApp compromise leads to Astaroth deployment - 20 November 2025
Threat actors have reportedly launched yet another campaign involving an application connected to Salesforce - 20 November 2025
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves - 20 November 2025
Russian hackers target IVF clinics across UK used by thousands of couples - 20 November 2025
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices - 20 November 2025
CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat - 20 November 2025
Large medical lab in South Africa suffers multiple data breaches - 20 November 2025
Researchers claim ‘largest leak ever’ after uncovering WhatsApp enumeration flaw - 20 November 2025
US, allies sanction Russian bulletproof hosting services for ransomware support - 20 November 2025
Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt - 20 November 2025
TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign - 19 November 2025
Securing your network for the holidays - 19 November 2025
Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices - 19 November 2025
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001) - 19 November 2025
Report released on PowerSchool cyber attack - 19 November 2025
French agency Pajemploi reports data breach affecting 1.2M people - 19 November 2025
Eurofiber admits crooks swiped data from French unit after cyberattack - 19 November 2025
Five major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience Bill - 19 November 2025
Princeton University Data Breach Impacts Alumni, Students, Employees - 19 November 2025
Sue The Hackers – Google Sues Over Phishing as a Service - 19 November 2025
WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide - 19 November 2025
Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software - 19 November 2025
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts - 19 November 2025
EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates - 19 November 2025
Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild - 18 November 2025
From bad to worse: Doctor Alliance hacked again by same threat actor - 18 November 2025
Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar - 18 November 2025
Meta Expands WhatsApp Security Research with New Proxy Tool and $4M in Bounties This Year - 18 November 2025
Advancing Cybersecurity for Microsoft Environments - 18 November 2025
Surveillance tech provider Protei was hacked, its data stolen, and its website defaced - 18 November 2025
From point-in-time audits to continuous confidence: How Sophos IT transformed identity defense - 18 November 2025
Iranian Hackers Use DEEPROOT and TWOSTROKE Malware in Aerospace and Defense Attacks - 18 November 2025
Researchers Detail Tuoni C2’s Role in an Attempted 2025 Real-Estate Cyber Intrusion - 18 November 2025
Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages - 18 November 2025
Beyond IAM Silos: Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities - 18 November 2025
Learn How Leading Companies Secure Cloud Workloads and Infrastructure at Scale - 18 November 2025
Microsoft Mitigates Record 5.72 Tbps DDoS Attack Driven by AISURU Botnet - 18 November 2025
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability - 17 November 2025
New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT - 17 November 2025
5 Reasons Why Attackers Are Phishing Over LinkedIn - 17 November 2025
⚡ Weekly Recap: Fortinet Exploited, China’s AI Hacks, PhaaS Empire Falls & More - 17 November 2025
Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT - 17 November 2025
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time - 17 November 2025
Checkout.com Discloses Data Breach After Extortion Attempt - 16 November 2025
RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet - 15 November 2025
Draft UK Cyber Security and Resilience Bill Enters UK Parliament - 15 November 2025
Washington Post hack exposes personal data of John Bolton, almost 10,000 others - 15 November 2025
Five U.S. Citizens Plead Guilty to Helping North Korean IT Workers Infiltrate 136 Companies - 15 November 2025
Did you hear the one about the ransom victim who made a ransom installment payment after they were told that it wouldn’t be accepted? - 14 November 2025
Suspected Russian hacker reportedly detained in Thailand, faces possible US extradition - 14 November 2025
North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels - 14 November 2025
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets - 14 November 2025
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks - 14 November 2025
Infostealers: The silent doorway to identity attacks — and why proactive defense matters - 14 November 2025
Chinese Hackers Use Anthropic’s AI to Launch Automated Cyber Espionage Campaign - 14 November 2025
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns - 14 November 2025
Fortinet FortiWeb Flaw Actively Exploited in the Wild Before Company’s Silent Patch - 14 November 2025
Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests’ Payment Data - 13 November 2025
Case Study: University of West England uses Sophos solutions to protect thousands of students across multiple campuses - 13 November 2025
Sophos named a Leader in the KuppingerCole 2025 Leadership Compass for Email Security - 13 November 2025
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain - 13 November 2025
When Attacks Come Faster Than Patches: Why 2026 Will be the Year of Machine-Speed Security - 13 November 2025
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown - 13 November 2025
End of the game for cybercrime infrastructure: 1025 servers taken down - 13 November 2025
District of Massachusetts Allows Higher-Ed Student Data Breach Claims to Survive - 13 November 2025
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories - 13 November 2025
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks - 13 November 2025
Over 46,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack - 13 November 2025
November Patch Tuesday does its chores - 12 November 2025
Doctor Alliance Data Breach: 353GB of Patient Files Allegedly Compromised, Ransom Demanded - 12 November 2025
Amendment 13 is gamechanger on data security enforcement in Israel - 12 November 2025
A Wiltshire police breach posed possible safety concerns for violent crime victims as well as prison officers - 12 November 2025
St. Thomas Brushed Off Red Flags Before Dark-Web Data Dump Rocks Houston - 12 November 2025
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform - 12 November 2025
Defending the future: Our commitment to responsible AI in cybersecurity - 12 November 2025
Almost two years later, Alpha Omega Winery notifies those affected by a data breach. - 12 November 2025
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws - 12 November 2025
Sophos Firewall v22: Your top-requested features - 12 November 2025
Court of Appeal reaffirms MFSA liability in data leak case, orders regulator to shoulder costs - 12 November 2025
[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR - 12 November 2025
Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack - 12 November 2025
Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security - 12 November 2025
Google Launches ‘Private AI Compute’ — Secure AI Processing with On-Device-Level Privacy - 12 November 2025
WhatsApp Malware ‘Maverick’ Hijacks Browser Sessions to Target Brazil’s Biggest Banks - 11 November 2025
Army gynecologist took secret videos of patients during intimate exams, lawsuit says - 11 November 2025
A jailed hacking kingpin reveals all about the gang that left a trail of destruction - 11 November 2025
The Case for Making EdTech Companies Liable Under FERPA - 11 November 2025
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites - 11 November 2025
Gates Down: Third Circuit Says Breaking Employer Computer Access Policies Is Not Hacking - 11 November 2025
NHS providers reviewing stolen Synnovis data published by cyber criminals - 11 November 2025
Android Trojan ‘Fantasy Hub’ Malware Service Turns Telegram Into a Hub for Hackers - 11 November 2025
Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories - 11 November 2025
CISO’s Expert Guide To AI Supply Chain Attacks - 11 November 2025
Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon - 10 November 2025
Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature - 10 November 2025
Short-term renewal of cyber information sharing law appears in bill to end shutdown - 10 November 2025
Yanluowang ransomware IAB pleads guilty - 10 November 2025
New Browser Security Report Reveals Emerging Threats for Enterprises - 10 November 2025
⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More - 10 November 2025
HIPAA, but for non-Covered Entities? - 10 November 2025
Lawsuit Alleges Ex-Intel Employee Hid 18,000 Sensitive Documents Prior to Leaving the Company - 10 November 2025
GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs - 10 November 2025
Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware - 10 November 2025
Manassas City Public Schools close on Monday due to cyberattack - 9 November 2025
San Joaquin County Superior Court concludes sensitive info leaked in data breach - 9 November 2025
Microsoft Uncovers ‘Whisper Leak’ Attack That Identifies AI Chat Topics in Encrypted Traffic - 8 November 2025
Defense Contractors Are Silencing Their Cybersecurity Watchdogs - 8 November 2025
NCCIA arrests man over massive data breach involving millions of Pakistanis - 8 November 2025
ALT5 Sigma sues former consultant over alleged data breach - 7 November 2025
Fourth Circuit Weighs in on Standing in Data Breach Class Actions - 7 November 2025
Is your cyberinsurance paid up? Are you sure? - 7 November 2025
Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp - 7 November 2025
From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools - 7 November 2025
Everest Group Interview on Collins Aerospace Breach — Daily Dark Web - 7 November 2025
Breaking Up With Edtech Is Hard to Do - 7 November 2025
Benworth Capital Partners negotiated with threat actors after more than 25,000 lenders had data stolen - 7 November 2025
Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation - 7 November 2025
Attorney General James and Multistate Coalition Secure $5.1 Million from Illuminate Education For Failing to Protect Students’ Data - 7 November 2025
Android Hit by 0-Click RCE Vulnerability in Core System Component - 7 November 2025
Enterprise Credentials at Risk – Same Old, Same Old? - 7 November 2025
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts - 7 November 2025
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities - 7 November 2025
EU Parliament committee votes to advance controversial Europol data sharing proposal - 6 November 2025
Clop Ransomware group claims the breach of The Washington Post - 6 November 2025
The Congressional Budget Office was hacked. It says it has implemented new security measures. - 6 November 2025
Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 - 6 November 2025
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine - 6 November 2025
ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More - 6 November 2025
From Tabletop to Turnkey: Building Cyber Resilience in Financial Services - 6 November 2025
Hackers defraud multiple lawmakers, a Pakistan Senate committee told - 6 November 2025
Journalists going solo on Substack at risk from hackers - 6 November 2025
Kr: Investigation shows KT concealed malware infections, security failures leading to hacking breach - 6 November 2025
Nevada Refused to Pay Cyberattack Ransom as Systems Sat Compromised for Months - 6 November 2025
Pro-Russian hackers target Belgian telecom websites in DDoS attack - 6 November 2025
Bitdefender Named a Representative Vendor in the 2025 Gartner® Market Guide for Managed Detection and Response - 6 November 2025
Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection - 6 November 2025
SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach - 6 November 2025
Faster, safer, stronger: Sophos Firewall v22 security enhancements - 5 November 2025
5 ways to strengthen your firewall and endpoint’s defenses against ransomware - 5 November 2025
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly - 5 November 2025
Detecting fraudulent North Korean hires: A CISO playbook - 5 November 2025
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data - 5 November 2025
Swedish IT Company Data Breach Exposes Personal Details of 1.5 Million Users - 5 November 2025
Hack exposes Kansas City, Kansas, Police’s secret officer misconduct list - 5 November 2025
Securing the Open Android Ecosystem with Samsung Knox - 5 November 2025
Phone location data of top EU officials for sale, report finds - 5 November 2025
Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack - 5 November 2025
Software dev accidentally leaks Australian govt documents - 5 November 2025
Something Old and Something New: The False Claims Act and Cybersecurity - 5 November 2025
Why SOC Burnout Can Be Avoided: Practical Steps - 5 November 2025
Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions - 5 November 2025
U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud - 5 November 2025
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence - 5 November 2025
“Louvre” as a password, outdated software, impossible updates… Ten years of IT security breaches at the world’s leading museum - 4 November 2025
A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces - 4 November 2025
Europol and Eurojust Dismantle €600 Million Crypto Fraud Network in Global Sweep - 4 November 2025
Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks - 4 November 2025
Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed - 4 November 2025
Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says - 4 November 2025
Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors - 4 November 2025
Ransomware Defense Using the Wazuh Open Source Platform - 4 November 2025
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks - 4 November 2025
Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit - 4 November 2025
Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel - 4 November 2025
Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive - 3 November 2025
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks - 3 November 2025
The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations - 3 November 2025
⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More - 3 November 2025
Canadian woman stuck since 2021 in Mauritius after passport withheld - 3 November 2025
‘People have had to move house’: Inside the British Library, two years on from devastating cyber attack - 3 November 2025
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data - 3 November 2025
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea - 3 November 2025
University of Pennsylvania says it wasn’t hacked after a vulgar email was sent to campus community - 2 November 2025
Two years after an audit highlighted significant concerns, North Salem Central School District leaves sensitive student data at risk - 2 November 2025
Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak - 1 November 2025
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability - 1 November 2025
UK: Woman charged after NHS patients’ records accessed in data breach - 1 November 2025
Massive Great Firewall Leak Exposes 500GB of Censorship Data - 1 November 2025
Russian Police Bust Suspected Meduza Infostealer Developers - 1 November 2025
OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically - 31 October 2025
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack - 31 October 2025
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats - 31 October 2025
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems - 31 October 2025
How many courts have had sealed and sensitive files exposed by one vendor’s error? - 31 October 2025
Landmark civil penalty of AU$5.8 million issued under Australia’s Privacy Act - 31 October 2025
Ukrainian Conti Ransomware Suspect Extradited to US from Ireland - 31 October 2025
Legal Aid Agency chief admits difficulties understanding impact of cyberattack - 31 October 2025
The MSP Cybersecurity Readiness Guide: Turning Security into Growth - 31 October 2025
Phake phishing: Phundamental or pholly? - 31 October 2025
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers - 31 October 2025
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery - 31 October 2025
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks - 31 October 2025
A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do - 30 October 2025
BRONZE BUTLER exploits Japanese asset management software vulnerability - 30 October 2025
Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks - 30 October 2025
Google’s Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month - 30 October 2025
Snowflake Loses Two More Bids to Dismiss Data Breach Plaintiffs - 30 October 2025
Revealed: Afghan data breach after MoD official left laptop open on train - 30 October 2025
New “Brash” Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL - 30 October 2025
Build a prevention-first defense: The Sophos Cybersecurity Toolkit - 30 October 2025
The Death of the Security Checkbox: BAS Is the Power Behind Real Defense - 30 October 2025
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs - 30 October 2025
ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising - 30 October 2025
UK: FCA fines former employee of Virgin Media O2 for data protection breach - 29 October 2025
Former General Manager for U.S. Defense Contractor Pleads Guilty to Selling Stolen Trade Secrets to Russian Broker - 29 October 2025
Canada says hacktivists breached water and energy facilities - 29 October 2025
US company with access to biggest telecom firms uncovers breach by nation-state hackers - 29 October 2025
Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data - 29 October 2025
New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts - 29 October 2025
Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices - 29 October 2025
Sophos Firewall v22: Health Check - 29 October 2025
The 4TB time bomb: when EY’s cloud went public (and what it taught us) - 29 October 2025
Alan Turing institute launches new mission to protect UK from cyber-attacks - 29 October 2025
China Amends Cybersecurity Law and Incident Reporting Regime to Address AI and Infrastructure Risks - 29 October 2025
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc - 29 October 2025
Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics - 29 October 2025
Discover Practical AI Tactics for GRC — Join the Free Expert Webinar - 29 October 2025
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux - 29 October 2025
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack - 29 October 2025
Safaricom-Backed M-TIBA Victim of a Possible Data Breach Affecting Millions of Kenyans - 28 October 2025
Some lower-tier ransomware gangs have formed a new RaaS alliance — or have they? - 28 October 2025
New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves - 28 October 2025
New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human - 28 October 2025
Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains - 28 October 2025
Why Early Threat Detection Is a Must for Long-Term Business Growth - 28 October 2025
Is Your Google Workspace as Secure as You Think it is? - 28 October 2025
US declines to join more than 70 countries in signing UN cybercrime treaty - 28 October 2025
Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware - 28 October 2025
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats - 27 October 2025
Another plastic surgery practice fell prey to a cyberattack that acquired patient photos and info - 27 October 2025
X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts - 27 October 2025
New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands - 27 October 2025
⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens - 27 October 2025
NY: Gloversville hit by ransomware attack, paid ransom - 27 October 2025
Ex-CISA head thinks AI might fix code so fast we won’t need security teams - 27 October 2025
On Reports of an Alleged Data Breach Involving G-Xchange, Inc. (GCash) - 27 October 2025
Uncovering Qilin attack methods exposed through multiple cases - 27 October 2025
Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Iran’s Critical Infrastructure - 27 October 2025
How a hacking gang held Italy’s political elites to ransom - 27 October 2025
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack - 27 October 2025
ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands - 27 October 2025
UN Cybercrime Convention to be signed in Hanoi to tackle global offences - 25 October 2025
Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation - 24 October 2025
Two U.K. teenagers appear in court over Transport of London cyber attack - 24 October 2025
Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability - 24 October 2025
APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign - 24 October 2025
Confidence in ransomware recovery is high but actual success rates remain low - 24 October 2025
Data breach in 42 Latvian municipalities: DVI imposes 300,000 euro fine on ZZ Dats - 24 October 2025
Toys “R” Us Canada customers notified of breach of personal information - 24 October 2025
Gatineau gymnastics centre warns members of possible data breach - 24 October 2025
ModMed revealed they were victims of a cyberattack in July. Then some data showed up for sale. - 24 October 2025
The Cybersecurity Perception Gap: Why Executives and Practitioners See Risk Differently - 24 October 2025
3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation - 24 October 2025
Locking it down: A new technique to prevent LLM jailbreaks - 24 October 2025
Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack - 24 October 2025
North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets - 23 October 2025
ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More - 23 October 2025
Secure AI at Scale and Speed — Learn the Framework in this Free Webinar - 23 October 2025
Kaufman County’s data breach was their second one in three weeks - 23 October 2025
Why Organizations Are Abandoning Static Secrets for Managed Identities - 23 October 2025
“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards - 23 October 2025
Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms - 23 October 2025
Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw - 23 October 2025
Hacking Formula 1: Accessing Max Verstappen’s passport and PII through FIA bugs - 22 October 2025
Protected health information of 462,000 members of Blue Cross Blue Shield of Montana involved in Conduent data breach - 22 October 2025
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files - 22 October 2025
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign - 22 October 2025
Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers - 22 October 2025
We need secure products as much as we need security products - 22 October 2025
Hotel and Casino near Las Vegas Strip suffers data breach, documents say - 22 October 2025
TX: Kaufman County Faces Cybersecurity Attack: Courthouse Computer Operations Disrupted - 22 October 2025
Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys - 22 October 2025
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch - 22 October 2025
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach - 22 October 2025
Bridging the Remediation Gap: Introducing Pentera Resolve - 22 October 2025
Why You Should Swap Passwords for Passphrases - 22 October 2025
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware - 22 October 2025
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution - 22 October 2025
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution - 22 October 2025
PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign - 21 October 2025
Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams - 21 October 2025
Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns - 21 October 2025
KT Chief to Resign After Cybersecurity Breach Resolution - 21 October 2025
Securing AI to Benefit from AI - 21 October 2025
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm - 21 October 2025
JFL Lost Up to $800,000 Weekly After Cyberattack, CEO Says No Patient or Staff Data Was Compromised - 21 October 2025
Romanian prisoner hacks prison IT system in plot made for a Netflix movie - 21 October 2025
Introducing Sophos Identity Threat Detection and Response (ITDR) - 21 October 2025
Announcing the latest evolution of our Security Operations portfolio - 21 October 2025
Getting salty with LLMs: SophosAI unveils new defense against jailbreaking at CAMLIS 2025 - 21 October 2025
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network - 21 October 2025
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers - 21 October 2025
Five New Exploited Bugs Land in CISA’s Catalog — Oracle and Microsoft Among Targets - 20 October 2025
Sophos Intelix for Microsoft Copilot now brings threat intelligence directly into Copilot - 20 October 2025
From inbox clutter to costly compromise: Why email threats still matter - 20 October 2025
Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials - 20 October 2025
John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt - 20 October 2025
Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches - 20 October 2025
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign - 20 October 2025
⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More - 20 October 2025
MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems - 20 October 2025
UK: ‘Catastrophic’ attack as Russians hack files on EIGHT MoD bases and post them on the dark web - 19 October 2025
A business’s cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why? - 19 October 2025
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide - 19 October 2025
Before Their Telegram Channel Was Banned Again, ScatteredLAPSUS$Hunters Dropped Files Doxing Government Employees - 18 October 2025
Scenes from a “No Kings” Protest, 10-18-25 - 18 October 2025
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs - 18 October 2025
No Kings. Not Today. Not Ever. - 18 October 2025
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT - 18 October 2025
Massachusetts hospitals Heywood, Athol say outage was a cybersecurity incident - 17 October 2025
Data BreachesProsper Data Breach Impacts 17.6 Million Accounts - 17 October 2025
An arrested man’s lawyer claims his client can’t be ShinyHunters’ leader. His argument wasn’t persuasive. - 17 October 2025
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware - 17 October 2025
Threat Intelligence Executive Report – Volume 2025, Number 5 - 17 October 2025
Identity Security: Your First and Last Line of Defense - 17 October 2025
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices - 17 October 2025
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign - 17 October 2025
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets - 16 October 2025
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites - 16 October 2025
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts - 16 October 2025
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks - 16 October 2025
Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform - 16 October 2025
The Alliance That Wasn’t: A Critical Analysis of ReliaQuest’s Q3 2025 Ransomware Report - 16 October 2025
Beware the Hidden Costs of Pen Testing - 16 October 2025
Oracle silently fixes zero-day exploit leaked by ShinyHunters - 16 October 2025
Gov’t seeks police probe of KT for allegedly obstructing data breach investigation - 16 October 2025
Qilin Ransomware and the Ghost Bulletproof Hosting Conglomerate - 16 October 2025
Integris Health Agrees to $30 Million Settlement Over 2023 Data Breach - 16 October 2025
F5 discloses breach tied to nation-state threat actor - 16 October 2025
Anti-Israel cyberattack disrupts operations at Kelowna airport - 16 October 2025
Heritage Provider Network $49.99M Class Action Settlement - 16 October 2025
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More - 16 October 2025
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack - 16 October 2025
Sophos Firewall v22 is now available in early access - 15 October 2025
Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months - 15 October 2025
October Patch Tuesday beats January ’25 record - 15 October 2025
F5 network compromised - 15 October 2025
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion - 15 October 2025
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks - 15 October 2025
Obsession with cyber breach notification fuelling costly mistakes - 15 October 2025
Capita hit with £14m fine for personal data breach in 2023 cyber attack - 15 October 2025
How Attackers Bypass Synced Passkeys - 15 October 2025
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped - 15 October 2025
Inspiring Futures: Empowering the Next Generation of Girls in Tech - 15 October 2025
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access - 15 October 2025
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control - 15 October 2025
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login - 15 October 2025
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year - 14 October 2025
Attorney General James Secures $14.2 Million from Car Insurance Companies Over Data Breaches - 14 October 2025
Discord blamed a vendor for its data breach — now the vendor says it was ‘not hacked’ - 14 October 2025
Shift left, stay ahead: The case for early threat prevention - 14 October 2025
What AI Reveals About Web Applications— and Why It Matters - 14 October 2025
RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing - 14 October 2025
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions - 14 October 2025
Moving Beyond Awareness: How Threat Hunting Builds Readiness - 14 October 2025
$19M in Settlements Underscore Cybersecurity Risks for TPAs and Insurers - 14 October 2025
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels - 14 October 2025
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain - 14 October 2025
Months After Being Notified, a Software Vendor is Still Exposing Confidential and Sealed Court Records - 13 October 2025
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More - 13 October 2025
Cybersecurity Awareness Month: 10 tips to Stay Safe Online that anyone can use - 13 October 2025
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk - 13 October 2025
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor - 13 October 2025
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors - 13 October 2025
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns - 13 October 2025
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs - 13 October 2025
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login - 12 October 2025
From sizzle to drizzle to fizzle: The massive data leak that wasn’t - 12 October 2025
In a few days, the PowerSchool hacker will learn his sentence, and his life as he has known it will end. - 11 October 2025
They were victims of a massive data breach in 2009. Interior Health denied it for a decade. - 11 October 2025
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts - 11 October 2025
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks - 11 October 2025
Watsonville Community Hospital had a data breach — or two. It would be helpful to know which. - 10 October 2025
Telstra Denies Scattered Spider Data Breach Claims Amid Ransom Threats - 10 October 2025
WhatsApp Worm Targets Brazilian Banking Customers - 10 October 2025
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries - 10 October 2025
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers - 10 October 2025
Don’t breathe that sigh of relief just yet: BreachForums is gone, but the Salesforce leak site isn’t - 10 October 2025
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation - 10 October 2025
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign - 10 October 2025
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart? - 10 October 2025
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability - 10 October 2025
CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw - 10 October 2025
BreachForums Seized — Again! - 9 October 2025
SonicWall Says All Firewall Backups Were Accessed by Hackers - 9 October 2025
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware - 9 October 2025
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps - 9 October 2025
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More - 9 October 2025
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks - 9 October 2025
Missing Risk Analysis Cost NY CPA Firm $175K—But Not the Big Group Whose Data Was Breached in 2019 - 9 October 2025
SaaS Breaches Start with Tokens – What Security Teams Must Watch - 9 October 2025
Discord Confirms 70,000 Government IDs Exposed in Third-Party Breach - 9 October 2025
Shad White’s office finds nearly a third of Mississippi’s state agencies fail cybersecurity requirements - 9 October 2025
California’s New Delete Request Tool Impacts Data Brokers and Residents - 9 October 2025
Vn: Major hospitals hit by cyberattacks, patient data sold on hacker forums - 9 October 2025
California Sets 30 Day Deadline for Data Breach Notifications - 9 October 2025
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine - 9 October 2025
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme - 9 October 2025
Policyholder Plot Twist: Cyber Insurer Sues Policyholder’s Cyber Pros - 8 October 2025
DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape - 8 October 2025
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks - 8 October 2025
The State of Ransomware in Healthcare 2025 - 8 October 2025
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave - 8 October 2025
Qantas says ‘legal protections in place’ as ScatteredLAPSUS$Hunters group threatens to release personal data - 8 October 2025
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem - 8 October 2025
US law firm with major political clients hacked in spying spree linked to China - 8 October 2025
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now - 8 October 2025
Step Into the Password Graveyard… If You Dare (and Join the Live Session) - 8 October 2025
Salesforce Tells Clients It Won’t Pay Hackers for Extortion - 8 October 2025
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks - 8 October 2025
U.K.: Two arrested over cyber attack which stole thousands of nursery children’s data - 7 October 2025
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers - 7 October 2025
Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them - 7 October 2025
California hospitals can escape fines if workers expose patient info - 7 October 2025
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities - 7 October 2025
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise - 7 October 2025
Harris Health discloses insider-wrongdoing breach that went on for a decade - 7 October 2025
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware - 7 October 2025
13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely - 7 October 2025
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks - 7 October 2025
Developing: Salesforce data leak site being seized? Looks like it. - 6 October 2025
Case Study: How Advance2000 keeps 10K+ users secure with Sophos - 6 October 2025
I called American Income Life Insurance to alert them to a data breach involving 150,000 customers. Here’s why they didn’t find out. - 6 October 2025
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations - 6 October 2025
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers - 6 October 2025
5 Critical Questions For Adopting an AI Security Solution - 6 October 2025
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More - 6 October 2025
NSW gov contractor uploaded Excel spreadsheet of flood victims’ data to ChatGPT - 6 October 2025
Update on the emerging CL0P extortion campaign targeting Oracle E-Business Suite - 6 October 2025
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files - 6 October 2025
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks - 6 October 2025
Just days before its data might be leaked, Qantas Airways obtained a permanent injunction - 4 October 2025
PowerSchool hit by Salesloft Drift campaign, but hackers claim that there is no risk of harm or ransom - 4 October 2025
CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief - 4 October 2025
Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day - 4 October 2025
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer - 3 October 2025
Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads - 3 October 2025
More Salesforce customer attacks revealed in new leak site by Scattered LAPSUS$ Hunters (1) - 3 October 2025
Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL - 3 October 2025
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security - 3 October 2025
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT - 3 October 2025
CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild - 3 October 2025
Flagstar Agrees to $31.5 Million Deal in Accellion-Breach Suit - 2 October 2025
Judge throws out lawsuit against Columbus over data breach - 2 October 2025
Hackers say they have deleted children’s pictures and data after nursery attack backlash - 2 October 2025
Legal Practice Board of Western Australia begins notifying data breach victims - 2 October 2025
When it rains, it pours? Kido had a second incident to address - 2 October 2025
Clop extortion emails claim theft of Oracle E-Business Suite data - 2 October 2025
The Identity Theft Resource Center Remains Open to Victims Amid Government Shutdown - 2 October 2025
Red Hat confirms security incident after hackers breach GitLab instance - 2 October 2025
Leak of patient records feared as Israeli hospital hit by cyberattack demanding ransom - 2 October 2025
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware - 2 October 2025
Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown - 2 October 2025
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware - 2 October 2025
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More - 2 October 2025
Automating Pentest Delivery: 7 Key Workflows for Maximum Impact - 2 October 2025
How to Close Threat Detection Gaps: Your SOC’s Action Plan - 2 October 2025
Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro - 2 October 2025
New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer - 1 October 2025
OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps - 1 October 2025
Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover - 1 October 2025
How Leading Security Teams Blend AI + Human Workflows (Free Webinar) - 1 October 2025
Introducing Sophos Advisory Services - 1 October 2025
Hackers Exploit Milesight Routers to Send Phishing SMS to European Users - 1 October 2025
2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising - 1 October 2025
AI-driven medical benefits servicer hit with data breach - 1 October 2025
New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones - 1 October 2025
Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs - 1 October 2025
Georgia Tech Research Corporation Agrees to Pay $875,000 to Resolve Civil Cyber-Fraud Litigation - 30 September 2025
$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections - 30 September 2025
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware - 30 September 2025
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024 - 30 September 2025
Stop Alert Chaos: Context Is the Key to Effective Incident Response - 30 September 2025
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake - 30 September 2025
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits - 30 September 2025
Report: Addressing cybersecurity burnout in 2025 - 30 September 2025
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events - 30 September 2025
U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust - 30 September 2025
Evolving Enterprise Defense to Secure the Modern AI Supply Chain - 30 September 2025
Is your SIEM still serving You? Why it might be time to rethink your security stack - 30 September 2025
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems - 30 September 2025
Sophos named a Leader in the IDC MarketScape™: Worldwide Extended Detection and Response (XDR) Software 2025 - 29 September 2025
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations - 29 September 2025
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More - 29 September 2025
The State of AI in the SOC 2025 – Insights from Recent Study - 29 September 2025
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package - 29 September 2025
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security - 29 September 2025
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks - 27 September 2025
Company that sells software for monitoring sex offenders, terrorists, and hackers was hacked - 27 September 2025
Harrods warns customers their personal data could have been stolen by hackers in new cyber-attack - 27 September 2025
Cyber threat-sharing law set to shut down, along with US government - 27 September 2025
London nurseries hit by hackers, data on 8,000 children stolen - 27 September 2025
Archer Health was leaking protected health information. Criminals appear to have found it. - 26 September 2025
Columbia University Irving Medical Center pays $600K in data breach lawsuit settlement - 26 September 2025
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam - 26 September 2025
ApolloMD notifies patients of 11 physician practices affected by a June cyberattack - 26 September 2025
Teens arrested by Dutch police reportedly suspected of spying for Russia - 26 September 2025
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks - 26 September 2025
‘No Harm, No Foul:’ Courts Take Tougher Line on Data-Breach Suits - 26 September 2025
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions - 26 September 2025
HeartCrypt’s wholesale impersonation effort - 26 September 2025
CISA Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices - 26 September 2025
Neon, the No. 2 social app on the Apple App Store, pays users to record their phone calls and sells data to AI firms - 26 September 2025
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module - 26 September 2025
Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure - 26 September 2025
Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware - 26 September 2025
Judge orders release of teen accused in 2023 casino cyberattacks - 25 September 2025
Salesforce AI Hack Enabled CRM Data Theft - 25 September 2025
Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network - 25 September 2025
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive - 25 September 2025
Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection - 25 September 2025
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers - 25 September 2025
Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More - 25 September 2025
CTEM’s Core: Prioritization and Validation - 25 September 2025
Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds - 25 September 2025
Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed - 25 September 2025
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software - 25 September 2025
Verily Faces Lawsuit Over Alleged HIPAA Violations - 24 September 2025
Motility Data Breach Exposes Social Security Numbers & Affects 760,000 Consumers - 24 September 2025
Volvo Group Data Breach Affects Workforce PII - 24 September 2025
ClaimPix Data Leak Exposes 5 Million Customer Records - 24 September 2025
Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike - 24 September 2025
Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms - 24 September 2025
UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors - 24 September 2025
Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models - 24 September 2025
U.S. Secret Service disrupts telecom network that threatened NYC during U.N. General Assembly - 24 September 2025
NY DFS Superintendent Adrienne A. Harris Extends Blockchain Analytics Guidance to New York State Banking Organizations - 24 September 2025
Lotte Card reissues 650,000 cards after data leak, protects 1.28 million customers - 24 September 2025
Suspected cyberattack disrupts Circle K chain’s operations in Hong Kong - 24 September 2025
Ukrainian Intelligence Hackers Breach Crimean Servers: Uncovered War Crimes Evidence and Russian Military Lists - 24 September 2025
Cybercriminals cash out with casino giant’s employee data - 24 September 2025
Man arrested in UK over alleged cyberattack that affected European airports - 24 September 2025
New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus - 24 September 2025
iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks - 24 September 2025
How One Bad Password Ended a 158-Year-Old Business - 24 September 2025
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials - 24 September 2025
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability - 24 September 2025
Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security - 23 September 2025
U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN - 23 September 2025
Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries - 23 September 2025
ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service - 23 September 2025
Lean Teams, Higher Stakes: Why CISOs Must Rethink Incident Remediation - 23 September 2025
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw - 23 September 2025
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security - 23 September 2025
BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells - 23 September 2025
No Need to Hack When It’s Leaking: App for outing Charlie Kirk’s critics leaked its users’ personal data - 22 September 2025
ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks - 22 September 2025
⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More - 22 September 2025
Data Leak? Crypto.com Fires Back At ‘Unfounded’ Allegations - 22 September 2025
Stellantis detects breach at third-party provider for North American customers - 22 September 2025
How to Gain Control of AI Agents and Non-Human Identities - 22 September 2025
What happens when a cybersecurity company gets phished? - 22 September 2025
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants - 22 September 2025
The Pennsylvania Attorney General’s Office Updates Ransomware Attack Incident - 21 September 2025
When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on - 21 September 2025
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams - 21 September 2025
Cyberattack disrupts European airports including Heathrow, Brussels - 20 September 2025
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer - 20 September 2025
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell - 20 September 2025
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent - 20 September 2025
Teen Suspect Surrenders in 2023 Las Vegas Casino Cyberattack Case - 19 September 2025
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware - 19 September 2025
Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability - 19 September 2025
SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers - 19 September 2025
‘I Was a Weird Kid’: Jailhouse Confessions of a Teen Hacker - 19 September 2025
Medical Associates of Brevard notifies 246,711 patients after cyberattack - 19 September 2025
17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge - 19 September 2025
How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines - 19 September 2025
FOIA Document on Breach of Sensitive DHS Domestic Intelligence Sharing Portal - 19 September 2025
Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine - 19 September 2025
U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack - 19 September 2025
CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 - 18 September 2025
SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers - 18 September 2025
Two teenage suspected Scattered Spider members charged in UK over TfL hack - 18 September 2025
CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader - 18 September 2025
K-12 schools face cybersecurity risks inside and outside of the classroom - 18 September 2025
Survival Flight reports second cybersecurity incident in less than a year - 18 September 2025
How CISOs Can Drive Effective AI Governance - 18 September 2025
SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers - 18 September 2025
KR: Lotte Card hack exposes data of 3 million users - 18 September 2025
Microsoft seizes 338 websites to disrupt rapidly growing ‘RaccoonO365’ phishing service - 18 September 2025
Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions - 18 September 2025
JLR ‘cyber shockwave ripping through UK industry’ as supplier share price plummets by 55% - 17 September 2025
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks - 17 September 2025
TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks - 17 September 2025
Tiffany discloses data breach involving gift cards — second breach disclosure in recent months - 17 September 2025
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts - 17 September 2025
From Quantum Hacks to AI Defenses – Expert Guide to Building Unbreakable Cyber Resilience - 17 September 2025
GOLD SALEM’s Warlock operation joins busy ransomware landscape - 17 September 2025
Self-propagating supply chain attack hits 187 npm packages - 17 September 2025
Rethinking AI Data Security: A Buyer’s Guide - 17 September 2025
Latvian health authority official and IT company head fined for data breach - 17 September 2025
Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims - 17 September 2025
Ransomware’s new frontier: Extortion attacks evolve in Asia Pacific - 17 September 2025
DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM - 17 September 2025
RaccoonO365 Phishing Network Shut Down After Microsoft and Cloudflare Disrupt 338 Domains - 17 September 2025
Not all Endpoint protection is created equal - 16 September 2025
Scattered Spider Tied to Fresh Attacks on Financial Services - 16 September 2025
Conor Brian Fitzpatrick Re-Sentenced: Three years in prison plus 20 years supervised release for former BreachForums owner - 16 September 2025
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover - 16 September 2025
Sophos supports Objective-See Foundation to advance macOS security and inclusive cybersecurity education - 16 September 2025
New fugitive uploaded to EU Most Wanted list for major ransomware attacks - 16 September 2025
SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids - 16 September 2025
New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site - 16 September 2025
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack - 16 September 2025
Securing the Agentic Era: Introducing Astrix’s AI Agent Control Plane - 16 September 2025
FBI ‘aware’ of Anchorage health clinic data breach as hackers claim 60K patients impacted - 16 September 2025
SEC to Notify Crypto Businesses of Technical Violations Before Taking Action: Report - 16 September 2025
Jaguar Land Rover issues update on job safety after cyber attack - 16 September 2025
Cybercrime Government News People Recorded Future US national charged in Finnish psychotherapy center extortion - 16 September 2025
China slaps 1-hour deadline on reporting serious cyber incidents - 16 September 2025
Sophos tops G2 Fall 2025 Reports: #1 Overall in MDR and Firewall - 16 September 2025
Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds - 16 September 2025
40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials - 16 September 2025
Former Defense Contractor Sentenced to Over 10 Years in Prison for Attempted Espionage - 15 September 2025
Update: Kering confirms Gucci and other brands hacked; claims no conversations with hackers? - 15 September 2025
Hackers claim access to law enforcement portals, but do they really have access? - 15 September 2025
Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs - 15 September 2025
Ex-WhatsApp cybersecurity executive says Meta endangered billions of users in new suit - 15 September 2025
Alphabet’s Verily covered up HIPAA violations, whistleblower says in lawsuit - 15 September 2025
⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More - 15 September 2025
6 Browser-Based Attacks Security Teams Need to Prepare For Right Now - 15 September 2025
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns - 15 September 2025
HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks - 15 September 2025
Union urges government intervention with 100,000 jobs at risk after JLR cyber attack - 14 September 2025
Uvalde CISD to close most of next week due to ransomware issue - 14 September 2025
Interview with Valéry Rieß-Marchive – Managing Leaks in Ransomware Negotiations - 13 September 2025
China’s Great Firewall suffers its biggest leak ever as 500GB of source code and docs spill online — censorship tool has been sold to three different countries - 13 September 2025
FBI Flash Alert: Cyber Criminal Groups UNC6040 and UNC6395 Compromising Salesforce Instances for Data Theft and Extortion - 13 September 2025
FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks - 13 September 2025
“Pompompurin’s” re-sentencing is scheduled for Tuesday. What will the judge do this time? - 12 September 2025
Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms - 12 September 2025
Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks - 12 September 2025
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning - 12 September 2025
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit - 12 September 2025
U.S. Senator accuses Microsoft of “gross cybersecurity negligence” - 12 September 2025
Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage - 12 September 2025
Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories - 12 September 2025
Going Dark: ShinyHunters/ScatteredSpider/LAPSUS$ Say Goodbye - 11 September 2025
Exclusive: High-end fashion retailers Gucci, Balenciaga, Brioni, and Alexander McQueen hit by Salesforce attacks - 11 September 2025
“Omni” wins a round in his extradition case - 11 September 2025
Kivimäki walks free during appeal over Vastaamo data breach - 11 September 2025
Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity - 11 September 2025
Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence - 11 September 2025
SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers - 11 September 2025
Cracking the Boardroom Code: Helping CISOs Speak the Language of Business - 11 September 2025
Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts - 11 September 2025
AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto - 11 September 2025
September Patch Tuesday handles 81 CVEs - 10 September 2025
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems - 10 September 2025
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems - 10 September 2025
Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs - 10 September 2025
Apple iPhone Air and iPhone 17 Feature A19 Chips With Spyware-Resistant Memory Safety - 10 September 2025
The State of Ransomware in Education 2025 - 10 September 2025
The Time-Saving Guide for Service Providers: Automating vCISO and Compliance Services - 10 September 2025
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations - 10 September 2025
Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises - 10 September 2025
SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws - 9 September 2025
Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts - 9 September 2025
HHS Releases Updated Security Risk Assessment Tool - 9 September 2025
“LockerGoga,” “MegaCortex,” and “Nefilim” Ransomware Administrator Charged with Ransomware Attacks - 9 September 2025
Kosovo National Pleads Guilty To Operating An Online Criminal Marketplace - 9 September 2025
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks - 9 September 2025
New enhancements to the Sophos AI Assistant - 9 September 2025
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities - 9 September 2025
English Court of Appeal Rules on Compensation for Data Breaches - 9 September 2025
MO: City of St. Joseph hit by cyberattack, data potentially acquired in breach - 9 September 2025
[Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them - 9 September 2025
TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs - 9 September 2025
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks - 9 September 2025
Massive NPM Supply Chain Attack Hits Crypto Wallets - 9 September 2025
How Leading CISOs are Getting Budget Approval - 9 September 2025
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack - 9 September 2025
45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage - 8 September 2025
Vietnam’s national credit registration and reporting agency hacked; most of the population affected - 8 September 2025
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies - 8 September 2025
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms - 8 September 2025
You Didn’t Get Phished — You Onboarded the Attacker - 8 September 2025
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More - 8 September 2025
CISA Delays Cyber Incident Reporting Rule for Critical Infrastructure - 8 September 2025
Salesloft+Drift Update on Investigation Results - 7 September 2025
CISA orders federal agencies to patch Sitecore zero-day following hacking reports - 7 September 2025
Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign - 6 September 2025
Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys - 6 September 2025
Idaho man who threatened his hacking victims appeals his sentence in Georgia - 5 September 2025
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation - 5 September 2025
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations - 5 September 2025
SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild - 5 September 2025
Qantas CEO, top executives lose $522,000 in pay for major cyber breach - 5 September 2025
Automation Is Redefining Pentest Delivery - 5 September 2025
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages - 5 September 2025
Department of State employee sentenced for transmitting national defense information to suspected Chinese government agents - 4 September 2025
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module - 4 September 2025
Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries - 4 September 2025
CIS launches Commercial Cloud MDR, Powered by Sophos, to protect SLTT government organizations - 4 September 2025
CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited - 4 September 2025
Google Fined $379 Million by French Regulator for Cookie Consent Violations - 4 September 2025
Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions - 4 September 2025
Salesloft Drift Breach Rolls Up Cloudflare, Palo Alto, Zscaler, and Others - 3 September 2025
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers - 3 September 2025
Texas sues PowerSchool over breach compromising info of over 880,000 students, teachers - 3 September 2025
Jaguar Land Rover production impacted by cyberattack; Scattered Spider/ShinyHunters claims responsibility - 3 September 2025
District of Arizona Clarifies Causes of Action Available for Breach of Health Data - 3 September 2025
Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack - 3 September 2025
Detecting Data Leaks Before Disaster - 3 September 2025
Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure - 3 September 2025
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats - 3 September 2025
Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack - 3 September 2025
CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation - 3 September 2025
Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations - 2 September 2025
Hackers Threaten to Submit Artists’ Data to AI Models If Art Site Doesn’t Pay Up - 2 September 2025
Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE - 2 September 2025
Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control - 2 September 2025
Shadow AI Discovery: A Critical Part of Enterprise AI Governance - 2 September 2025
Innovation unlocked: Sophos Endpoint is now integrated with Taegis MDR and XDR - 2 September 2025
Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices - 2 September 2025
Bail for 2 Hong Kong doctors accused of leaking data to implicate surgeon - 2 September 2025
Watchdog orders Lotte Card to compensate victims of hack - 2 September 2025
Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial - 2 September 2025
Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware - 2 September 2025
Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets - 2 September 2025
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans - 1 September 2025
Gmail’s protections are strong and effective, and claims of a major Gmail security warning are false. - 1 September 2025
⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More - 1 September 2025
When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider - 1 September 2025
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics - 1 September 2025
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling - 30 August 2025
Massachusetts AG Secures $795,000 Settlement for Alleged Data Security and Breach Notification Failures by Peabody Properties Inc. - 30 August 2025
Huge Fines Imposed by Thailand’s PDPC: A Major Alert on Data Privacy Violations (Thailand) - 30 August 2025
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices - 30 August 2025
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution - 29 August 2025
Empowering Rural Education: Sophos India’s Volunteering Initiative - 29 August 2025
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign - 29 August 2025
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication - 29 August 2025
Can Your Security Stack See ChatGPT? Why Network Visibility Matters - 29 August 2025
Fake ID website busted; Dutch police deal a blow to criminal infrastructure - 29 August 2025
FBI cyber cop: Salt Typhoon pwned ‘nearly every American’ - 29 August 2025
EuroFins cancer screening hack far bigger than thought, agency says - 29 August 2025
3rd Circuit Clarifies Scope of Computer Fraud Abuse Act With Employer’s Policies - 29 August 2025
CISA steps in to help Nevada state government recover from cyberattack - 29 August 2025
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available - 29 August 2025
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain - 29 August 2025
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page - 29 August 2025
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations - 29 August 2025
TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies - 29 August 2025
A hacker used AI to automate an ‘unprecedented’ cybercrime spree, Anthropic says - 28 August 2025
We Get Privacy For Work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics - 28 August 2025
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names - 28 August 2025
TransUnion notifying more than 4.4 U.S. million consumers of data breach - 28 August 2025
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide - 28 August 2025
Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec - 28 August 2025
Defend what matters: Introducing Sophos Endpoint for Legacy Platforms - 28 August 2025
South Korea fines SK Telecom US$97M over data breach - 28 August 2025
Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them - 28 August 2025
Taiwanese associated with Chinese group behind cyberattacks arrested - 28 August 2025
Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials - 28 August 2025
U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits - 28 August 2025
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks - 27 August 2025
Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier - 27 August 2025
Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model - 27 August 2025
Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors - 27 August 2025
ShadowSilk Hits 36 Government Targets in Central Asia and APAC Using Telegram Bots - 27 August 2025
A Bold New Look for a Bold Future: Sophos’ Reimagined Brand - 27 August 2025
The 5 Golden Rules of Safe AI Adoption - 27 August 2025
Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra - 27 August 2025
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data - 27 August 2025
DOGE accused of copying entire Social Security database to insecure cloud system - 26 August 2025
Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks - 26 August 2025
Church of England alleged to have breached abuse survivors’ data - 26 August 2025
OH: West Chester Township investigates second cyberattack this month - 26 August 2025
Velociraptor incident response tool abused for remote access - 26 August 2025
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station - 26 August 2025
Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 - 26 August 2025
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers - 26 August 2025
ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners - 26 August 2025
Farmers Insurance says 1 million customers affected by cyberattack on third-party vendor - 26 August 2025
Auchan retailer data breach impacts hundreds of thousands of customers - 26 August 2025
Cyberattack on Israeli ‘kosher’ internet provider - 26 August 2025
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands - 26 August 2025
Silver State goes dark as cyberattack knocks Nevada websites offline - 26 August 2025
CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git - 26 August 2025
Google to Verify All Android Developers in 4 Countries to Block Malicious Apps - 26 August 2025
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 - 25 August 2025
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats - 25 August 2025
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads - 25 August 2025
⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More - 25 August 2025
Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations - 25 August 2025
Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing - 25 August 2025
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot - 24 August 2025
Google Deletes Millions of Android Apps After Malware Discovery - 24 August 2025
The EU NIS2 Directive and intra-group IT services - 24 August 2025
Attorney General James Sues Company Behind Zelle for Enabling Widespread Fraud - 23 August 2025
Major Cyberattack Disrupts Communication On Dozens Of Iranian Ships - 23 August 2025
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets - 23 August 2025
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection - 22 August 2025
African authorities dismantle massive cybercrime and fraud networks, recover millions - 22 August 2025
INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown - 22 August 2025
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage - 22 August 2025
Developer jailed for taking down employer’s network with kill switch malware - 22 August 2025
Automation Is Redefining Pentest Delivery - 22 August 2025
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware - 22 August 2025
“Cleanup in Aisle 4:” Telegram is a mess of fake ShinyHunters channels - 21 August 2025
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks - 21 August 2025
Intel Websites Compromised, Allowing Hackers Access to Employee and Confidential Data - 21 August 2025
Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages - 21 August 2025
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger - 21 August 2025
MPOWERHealth victim of cyberattack; protected health information involved - 21 August 2025
Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025 - 21 August 2025
Noah Urban aka “King Bob” of Scattered Spider, sentenced to 10 years in prison, $13 million restitution - 21 August 2025
Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft - 21 August 2025
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks - 21 August 2025
FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage - 20 August 2025
DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft - 20 August 2025
Threat Intelligence Executive Report – Volume 2025, Number 4 - 20 August 2025
Taegis MDR/XDR now work with Sophos Firewall’s Active Threat Response - 20 August 2025
Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts - 20 August 2025
Pharmaceutical Company Inotiv Confirms Ransomware Attack - 20 August 2025
Orange Belgium S A informs its customers about a cyberattack - 20 August 2025
UK Cannabis Clinic CB1 Medical Investigating As Patients Affected By Major Data Leak - 20 August 2025
🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do - 20 August 2025
From Impact to Action: Turning BIA Insights Into Resilient Recovery - 20 August 2025
North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms - 20 August 2025
DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks - 20 August 2025
Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems - 19 August 2025
New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code - 19 August 2025
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution - 19 August 2025
The State of Ransomware in Retail 2025 - 19 August 2025
Why Your Security Culture is Critical to Mitigating Cyber Risk - 19 August 2025
U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback - 19 August 2025
HHS OCR Settles HIPAA Ransomware Security Rule Investigation with BST & Co. CPAs, LLP - 19 August 2025
When a deal is not a done deal: Nova demands higher payment from Clinical Diagnostics - 19 August 2025
Two agencies in one state investigated and fined Healthplex. Was that one too many? - 19 August 2025
PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks - 19 August 2025
Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures - 18 August 2025
Microsoft’s Nuance coughs up $8.5M to rid itself of MOVEit breach suit - 18 August 2025
Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware - 18 August 2025
⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More - 18 August 2025
Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks - 18 August 2025
Wazuh for Regulatory Compliance - 18 August 2025
18 Arrested as Gurugram Call Centre Data Leak Fuels Massive SBI Credit Card Scam - 17 August 2025
Government papers found in an Alaskan hotel reveal new details of Trump-Putin summit - 16 August 2025
ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure - 16 August 2025
Data breach at Fundamental Administrative Services affected 56,235 patients at long-term care facilities - 16 August 2025
NYDFS Secures $2 Million Cybersecurity Settlement with Healthplex, Inc. - 16 August 2025
UK: HMRC sacks dozens of staff for snooping on taxpayers - 16 August 2025
Kokomo24/7, provider of telehealth services for LAUSD students, reports data breach - 16 August 2025
Thousands more Afghans affected by second data breach, ministers say - 16 August 2025
Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware - 16 August 2025
Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools - 15 August 2025
U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions - 15 August 2025
Zero Trust + AI: Privacy in the Age of Agentic AI - 15 August 2025
Keenan & Associates settles 2023 data breach litigation for $14M - 15 August 2025
Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution - 15 August 2025
Two Defendants Plead Guilty To Fraud Scheme Involving Data Stolen From Hospital Patients - 14 August 2025
New HTTP/2 ‘MadeYouReset’ Vulnerability Enables Large-Scale DoS Attacks - 14 August 2025
Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon’s Reach to Linux and macOS - 14 August 2025
Have You Turned Off Your Virtual Oven? - 14 August 2025
New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits - 14 August 2025
Appeals Court Upholds FCC Data Breach Rules for Hacked Telecoms - 14 August 2025
Children’s Health Ireland faces investigation over data breach of health records at Tallaght Hospital - 14 August 2025
Simple Steps for Attack Surface Reduction - 14 August 2025
SAG-AFTRA Members Settle Lawsuit Against Union Health Plan Over Data Breach - 14 August 2025
Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses - 14 August 2025
CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog - 13 August 2025
August Patch Tuesday includes blasts from the (recent) past - 13 August 2025
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks - 13 August 2025
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws - 13 August 2025
AI SOC 101: Key Capabilities Security Leaders Need to Know - 13 August 2025
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code - 13 August 2025
Site Behind Major SSN Leak Returns With Detailed Data on Millions: How to Opt Out - 13 August 2025
NL: Hacked lab paid ransom: ‘Millions of euros demanded’ - 13 August 2025
Russia Is Suspected to Be Behind Breach of Federal Court Filing System - 13 August 2025
Webinar: What the Next Wave of AI Cyberattacks Will Look Like — And How to Survive - 13 August 2025
Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws - 13 August 2025
Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics - 13 August 2025
Updating: Two Telegram channels and two accounts banned, one bounty offered, and BreachForums goes down - 12 August 2025
Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks - 12 August 2025
Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager - 12 August 2025
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses - 12 August 2025
New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks - 12 August 2025
Enhancements and new offerings for Sophos’ email security portfolio - 12 August 2025
The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions - 12 August 2025
North Korean Kimsuky Hackers Suffer Data Breach as Insiders Leak Information Online - 12 August 2025
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors - 12 August 2025
Hackers post stolen St. Paul data online as efforts to reset city employee passwords surge forward - 11 August 2025
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications - 11 August 2025
Justice Department Announces Coordinated Disruption Actions Against BlackSuit (Royal) Ransomware Operations - 11 August 2025
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls - 11 August 2025
⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More - 11 August 2025
NL: Hackers breach cancer screening data of almost 500,000 women - 11 August 2025
6 Lessons Learned: Focusing Security Where Business Value Lives - 11 August 2025
7-Zip Vulnerability Lets Hackers Write Files and Run Malicious Code - 11 August 2025
KR: Yes24, the largest Internet bookstore in Korea, suffered its second ransomware attack in two months - 11 August 2025
Korea wins world’s top hacking contest for 4th consecutive year - 11 August 2025
Why Ransomware Attacks Are Decreasing in 2025 - 11 August 2025
Violent Crypto Crimes Surge in 2025 Amid Massive Data Leaks - 11 August 2025
WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately - 11 August 2025
Connex Credit Union notifies 172,000 members of hacking incident - 10 August 2025
New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP - 10 August 2025
Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation - 10 August 2025
Federal judiciary says it is boosting security after cyberattack; researcher finds new leaks - 10 August 2025
Bank of America Refused To Reimburse Georgia Customer After Hackers Hit Account. Then a News Station Showed Up. - 10 August 2025
NCERT Issues Advisory on “Blue Locker” Ransomware Targeting Pakistan’s Key Institutions - 10 August 2025
Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models - 10 August 2025
Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks - 9 August 2025
Scattered Spider has a new Telegram channel to list its attacks - 9 August 2025
Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems - 9 August 2025
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials - 9 August 2025
SC: Spartanburg County hit by cyberattack, some online services disrupted - 8 August 2025
AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims - 8 August 2025
Pakistan Petroleum thwarts ransomware attempt, says no critical data compromised - 8 August 2025
ShinyHunters sent Google an extortion demand; Shiny comments on current activities - 8 August 2025
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes - 8 August 2025
Leaked Credentials Up 160%: What Attackers Are Doing With Them - 8 August 2025
Air France and KLM alert customers to data breach on external platform - 8 August 2025
6.4 million Bouygues Telecom just had their data exposed in a huge data breach – and it’s the second to hit French telecoms operators in a month - 8 August 2025
Samourai CEO Keonne Rodriguez and Samourai CTO William Lonergan Hill Pled Guilty to Operating a Money Transmitting Business, Samourai Wallet, That Transmitted Over $200 Million in Criminal Proceeds - 8 August 2025
AU: Privacy watchdog sues Optus over mass data breach in 2022 - 8 August 2025
GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions - 8 August 2025
Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job - 7 August 2025
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others - 7 August 2025
6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits - 7 August 2025
Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes - 7 August 2025
SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day - 7 August 2025
The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense - 7 August 2025
Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups - 7 August 2025
Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need - 7 August 2025
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft - 6 August 2025
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams - 6 August 2025
Google reveals it became one of the Salesforce attack victims in June - 6 August 2025
Shared secret: EDR killer in the kill chain - 6 August 2025
Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools - 6 August 2025
AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals - 6 August 2025
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems - 6 August 2025
Ohio law to require local governments to formally approve ransomware payments - 6 August 2025
CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures - 6 August 2025
CISA Adds 3 D-Link Router Flaws to KEV Catalog After Active Exploitation Reports - 6 August 2025
AI Is Transforming Cybersecurity Adversarial Testing – Pentera Founder’s Vision - 6 August 2025
39-year-old Nigerian extradited to US from France over alleged hacking - 5 August 2025
Hamilton taxpayers on the hook for full $18.3M cyberattack repair bill after insurance claim denied - 5 August 2025
More than 1 million patients affected by DaVita ransomware attack; those are preliminary numbers - 5 August 2025
ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections - 5 August 2025
Scattered Spider is NOT quiet. They’re just under another name now. - 5 August 2025
Cisco discloses data breach impacting Cisco.com user accounts - 5 August 2025
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval - 5 August 2025
Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild - 5 August 2025
Rubrik & Sophos Enhance Cyber Resilience for Microsoft 365 - 5 August 2025
Exclusive: Brosix and Chatox promised to keep your chats secured. They didn’t. - 5 August 2025
Cencora & The Lash Group reach $40M settlement in data breach class action - 5 August 2025
Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks - 5 August 2025
How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents - 5 August 2025
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign - 5 August 2025
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported - 5 August 2025
Thai hospital fined 1.2 million baht for data breach via snack bags - 4 August 2025
Follow-up: Qilin responds to claims by affiliate and leak by competitor - 4 August 2025
New York Upgrades Its Firewall Against Cyberattacks - 4 August 2025
Dutch Prosecution Service begins phased system reboot after cyberattack - 4 August 2025
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers - 4 August 2025
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally - 4 August 2025
Man-in-the-Middle Attack Prevention Guide - 4 August 2025
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More - 4 August 2025
The Wild West of Shadow IT - 4 August 2025
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads - 4 August 2025
Are Scattered Spider and ShinyHunters one group or two? And who did France arrest? - 3 August 2025
Why we shouldn’t just repeat ransomware groups’ claims, Sunday edition - 3 August 2025
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign - 2 August 2025
Aftermath: More than 99% of providers opted to have Change Healthcare notify patients of its massive data breach - 2 August 2025
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft - 2 August 2025
HCA Healthcare settled two lawsuits this week; one was over its 2023 data breach - 2 August 2025
Qilin Ransomware Affiliate Panel Login Credentials Exposed Online - 2 August 2025
Highlands Oncology Group notifies 113,575 people after ransomware attack by Medusa - 2 August 2025
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices - 2 August 2025
Oklahoma Substantially Amends Its Data Breach Notification Statute - 1 August 2025
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection - 1 August 2025
Palo Alto Networks investigating ransomware threat related to SharePoint exploitation - 1 August 2025
Hackers leak purported Aeroflot data as Russia denies breach - 1 August 2025
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts - 1 August 2025
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown - 1 August 2025
Six months after discovering an attack, Northwest Radiologists notifies almost 350,000 Washington State residents - 1 August 2025
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them - 1 August 2025
In Singapore, 147,000 customer records exposed in Cycle & Carriage data breach - 1 August 2025
UK: Physiotherapist who accessed patient’s personal data to visit her home is struck off - 1 August 2025
Genoa Community Hospital discloses breach discovered in March - 1 August 2025
Dermatology Clinics Affected by Practice Management Company Data Breach - 1 August 2025
As ransomware gangs threaten physical harm, ‘I am afraid of what’s next,’ ex-negotiator says - 1 August 2025
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks - 1 August 2025
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant - 31 July 2025
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install - 31 July 2025
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps - 31 July 2025
UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud - 31 July 2025
Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs - 31 July 2025
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals - 31 July 2025
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials - 31 July 2025
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto - 31 July 2025
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies - 31 July 2025
Sophos named a Leader in the 2025 Frost Radar™ for Managed Detection and Response - 31 July 2025
Sophos Endpoint: Consistently AAA rated – Q2 2025 SE Labs Endpoint Protection Report - 31 July 2025
Florida prison data breach exposes visitors’ contact information to inmates - 31 July 2025
Progressive Southeastern Insurance Company - 31 July 2025
WA: Cyber-attacks problem for small hospitals - 31 July 2025
State Legislation: Augmented data broker, data breach requirements advance in California - 31 July 2025
Marysville School District provides update on data breach - 31 July 2025
State Legislation : Rhode Island Enacts New Financial Institutions Cybersecurity Law With Immediate Effect - 31 July 2025
Dollar Tree denies ransomware claims, says stolen data is from defunct discount chain - 31 July 2025
Hackers Allegedly Breach Nokia’s Internal Network - 31 July 2025
Hacker Arrested for Data Theft Targeting Spanish Bank Customers - 31 July 2025
New adult safeguarding toolkit to help protect vulnerable adults’ data - 31 July 2025
Oops! Catasauqua employees’ Social Security numbers, other data accidentally sent to government watchdog group - 30 July 2025
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits - 30 July 2025
Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome - 30 July 2025
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools - 30 July 2025
Product Walkthrough: A Look Inside Pillar’s AI Security Platform - 30 July 2025
Intelligence cyberattack on Crimea. Documents confirming abduction of children from Ukraine found - 30 July 2025
Seminole County Schools recovers money taken by hackers - 30 July 2025
Hackers wipe out Rs 384 crore from Bengaluru cryptocurrency firm Neblio Technologies; firm says inside job - 30 July 2025
Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers - 30 July 2025
EU-wide Breach Notification Template on the Horizon - 30 July 2025
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero - 30 July 2025
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure - 30 July 2025
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware - 30 July 2025
Minnesota National Guard deployed; St. Paul declares state of emergency in response to cyberattack - 29 July 2025
GOLD BLADE Remote DLL Sideloading Attack Deploys RedLoader - 29 July 2025
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain - 29 July 2025
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44 - 29 July 2025
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims - 29 July 2025
Why React Didn’t Kill XSS: The New JavaScript Injection Playbook - 29 July 2025
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks - 29 July 2025
How the Browser Became the Main Cyber Battleground - 29 July 2025
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation - 29 July 2025
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads - 28 July 2025
Advancing cybersecurity for K-12 and libraries: Strategic considerations for the FCC Cybersecurity Pilot Program - 28 July 2025
⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More - 28 July 2025
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach - 28 July 2025
Two Data Breaches in Three Years: McKenzie Health - 28 July 2025
AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher - 28 July 2025
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure - 28 July 2025
Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot - 28 July 2025
Sophos’ Secure by Design 2025 Progress - 28 July 2025
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure - 28 July 2025
Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide - 27 July 2025
Scattered Spider is running a VMware ESXi hacking spree - 27 July 2025
BreachForums — the one that went offline in April — reappears with a new founder/owner - 26 July 2025
Fans React After NASCAR Confirms Ransomware Breach - 26 July 2025
Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack - 26 July 2025
Infinite Services notifying employees and patients of limited ransomware attack - 26 July 2025
The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app - 26 July 2025
Au: Qantas hackers gave airline 72-hour deadline - 25 July 2025
Honeywell vulnerability exposes building systems to cyber attacks - 25 July 2025
Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files - 25 July 2025
U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm - 25 July 2025
Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor - 25 July 2025
Au: Junior doctor faces fresh toilet spying charges as probe widens to other major hospitals - 25 July 2025
Recent public service announcements of note — parents should take special note of these - 25 July 2025
Average Brit hit by five data breaches since 2004 - 25 July 2025
Overcoming Risks from Chinese GenAI Tool Usage - 25 July 2025
Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks - 25 July 2025
BlackSuit ransomware site seized as part of Operation Checkmate - 24 July 2025
The day after XSS.is forum was seized, it struggles to come back online — but is it really them? - 24 July 2025
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments - 24 July 2025
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems - 24 July 2025
CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing - 24 July 2025
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices - 24 July 2025
Sophos captures multiple honors at SE Labs Awards 2025 - 24 July 2025
Pentests once a year? Nope. It’s time to build an offensive SOC - 24 July 2025
China-Based APTs Deploy Fake Dalai Lama Apps to Spy on Tibetan Community - 24 July 2025
Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them - 24 July 2025
Korea imposes 343 million won penalty on HAESUNG DS for data breach of 70,000 shareholders - 24 July 2025
Russia suspected of hacking Dutch prosecution service systems - 24 July 2025
U.S. nuclear and health agencies hit in Microsoft SharePoint breach - 24 July 2025
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems - 24 July 2025
Europol Arrests XSS Forum Admin in Kyiv After 12-Year Run Operating Cybercrime Marketplace - 24 July 2025
Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access - 24 July 2025
Paying cyberattackers is wrong, right? Should Taos County’s incident be an exception? - 23 July 2025
HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan - 23 July 2025
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware - 23 July 2025
Beyond “Better Together”: Maximize your Microsoft 365 security with Sophos MDR - 23 July 2025
Key figure behind major Russian-speaking cybercrime forum targeted in Ukraine - 23 July 2025
IVF provider Genea notifies patients about the cyberattack earlier this year. - 23 July 2025
France Travail: At least 340,000 job seekers victims of new hack - 23 July 2025
Cyberattacks Paralyze Major Russian Restaurant Chains - 23 July 2025
Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack - 23 July 2025
Legal Silence and Chilling Effects: Injunctions Against the Press in Cybersecurity - 23 July 2025
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials - 23 July 2025
#StopRansomware: Interlock - 23 July 2025
Kerberoasting Detections: A New Approach to a Decade-Old Challenge - 23 July 2025
Five fundamentals for a cyber-resilient future - 23 July 2025
Suspected XSS Forum Admin Arrested in Ukraine - 23 July 2025
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages - 23 July 2025
Small world: The revitalization of small AI models for cybersecurity - 23 July 2025
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF - 23 July 2025
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks - 23 July 2025
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups - 22 July 2025
PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada - 22 July 2025
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate - 22 July 2025
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access - 22 July 2025
Hungarian police arrest suspect in cyberattacks on independent media - 22 July 2025
British institutions to be banned from paying ransoms to Russian hackers - 22 July 2025
Two more entities have folded after ransomware attacks - 22 July 2025
How to Advance from SOC Manager to CISO? - 22 July 2025
Data breach feared after cyberattack on AMEOS hospitals in Germany - 22 July 2025
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access - 22 July 2025
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure - 21 July 2025
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents - 21 July 2025
SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild - 21 July 2025
Assessing the Role of AI in Zero Trust - 21 July 2025
⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More - 21 July 2025
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks - 21 July 2025
Inquiry launched after identities of SAS soldiers leaked in fresh data breach - 21 July 2025
Global hack on Microsoft product hits U.S., state agencies, researchers say - 21 July 2025
PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse - 21 July 2025
3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics - 20 July 2025
Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access - 20 July 2025
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks - 20 July 2025
EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware - 20 July 2025
Premier Health Partners issues a press release about a breach two years ago. Why was this needed now? - 20 July 2025
Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K - 20 July 2025
UK sanctions Russian cyber spies accused of facilitating murders - 20 July 2025
Bitcoin holds steady as hackers drain over $40 million from CoinCDX, India’s top exchange - 20 July 2025
Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack - 20 July 2025
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations - 20 July 2025
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers - 20 July 2025
Authorities released free decryptor for Phobos and 8base ransomware - 19 July 2025
Government will ‘robustly defend’ compensation claims from Afghans put at risk by data breach - 19 July 2025
Singapore Facing ‘Serious’ Cyberattack by Espionage Group With Alleged China Ties - 19 July 2025
Missouri Adopts New Data Breach Notice Law - 18 July 2025
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks - 18 July 2025
UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns - 18 July 2025
China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones - 18 July 2025
Sophos announces UAE data center - 18 July 2025
Qantas obtains injunction to prevent hacked data’s release - 18 July 2025
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign - 18 July 2025
Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe - 18 July 2025
Ransomware attack disrupts Korea’s largest guarantee insurer - 18 July 2025
From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware - 18 July 2025
Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services - 18 July 2025
Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices - 18 July 2025
Global operation targets NoName057(16) pro-Russian cybercrime network in Operation Eastwood - 18 July 2025
More than 100 British government personnel exposed by Ministry of Defence data leak - 18 July 2025
New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers - 18 July 2025
North Country Healthcare responds to Stormous’s claims of a breach - 17 July 2025
Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more? - 17 July 2025
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters - 17 July 2025
Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods - 17 July 2025
DOGE Denizen Marko Elez Leaked API Key for xAI - 17 July 2025
Former U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies - 17 July 2025
RansomedVC is back — and is still attacking its competitors - 17 July 2025
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner - 17 July 2025
Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine - 17 July 2025
CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025 - 17 July 2025
Texas Enacts Electronic Health Record Data Localization Law - 17 July 2025
United Australia Party confirms ransomware attack, personal data and email correspondence exposed - 17 July 2025
Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors - 17 July 2025
Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code - 17 July 2025
Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy - 16 July 2025
Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms - 16 July 2025
UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit - 16 July 2025
AI Agents Act Like Employees With Root Access—Here’s How to Regain Control - 16 July 2025
Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access - 16 July 2025
Police disrupt “Diskstation” ransomware gang attacking NAS devices - 16 July 2025
70% of healthcare cyberattacks result in delayed patient care, report finds - 16 July 2025
Meta fixes bug that could leak users’ AI prompts and generated content - 16 July 2025
New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code - 16 July 2025
Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild - 16 July 2025
Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time - 16 July 2025
Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act - 16 July 2025
Sweet 16: Sophos named a Leader (again) in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms - 15 July 2025
Mississippi Law Firm Sues Cyber Insurer Over Coverage for Scam - 15 July 2025
Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors - 15 July 2025
Ukrainian Hackers Wipe 47TB of Data from Top Russian Military Drone Supplier - 15 July 2025
Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools - 15 July 2025
Ministry of Defence data breach timeline - 15 July 2025
Computer Whiz Gets Suspended Sentence over 2019 Revenue Agency Data Breach - 15 July 2025
Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years - 15 July 2025
AsyncRAT’s Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe - 15 July 2025
Securing Agentic AI: How to Protect the Invisible Identity Access - 15 July 2025
State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments - 15 July 2025
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign - 15 July 2025
New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries - 14 July 2025
The Unusual Suspect: Git Repos - 14 July 2025
Ransomware in Italy, strike at the Diskstation gang: hacker group leader arrested in Milan - 14 July 2025
⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More - 14 July 2025
Gravity Forms Breach Hits 1M WordPress Sites - 14 July 2025
A year after cyber attack, Columbus could invest $23M in cybersecurity upgrades - 14 July 2025
SophosAI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job - 14 July 2025
CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center - 14 July 2025
eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks - 14 July 2025
Stormous claims to have protected health info on 600,000 patients of North Country Healthcare. The data appear fake. - 13 July 2025
Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases - 13 July 2025
Multiple lawsuits filed against Doyon Ltd over April 2024 data breach and late notification - 13 July 2025
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs - 12 July 2025
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub - 12 July 2025
Chinese hackers suspected in breach of powerful DC law firm - 12 July 2025
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch - 12 July 2025
Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities - 12 July 2025
McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records - 11 July 2025
Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach. - 11 July 2025
Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed - 11 July 2025
Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident - 11 July 2025
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257) - 11 July 2025
German court offers EUR 5000 compensation for data breaches caused by Meta - 11 July 2025
Obligations under Canada’s data breach notification law - 11 July 2025
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution - 11 July 2025
Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals - 11 July 2025
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild - 11 July 2025
Securing Data in the AI Era - 11 July 2025
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises - 11 July 2025
Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information - 10 July 2025
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads - 10 July 2025
Sophos Central firewall management update - 10 July 2025
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord - 10 July 2025
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs - 10 July 2025
What Security Leaders Need to Know About AI Governance for SaaS - 10 July 2025
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App - 10 July 2025
Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods - 10 July 2025
UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks - 10 July 2025
July Patch Tuesday offers 127 fixes - 10 July 2025
At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy - 10 July 2025
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs - 10 July 2025
Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets - 9 July 2025
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware - 9 July 2025
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme - 9 July 2025
How To Automate Ticket Creation, Device Identification and Threat Triage With Tines - 9 July 2025
Avantic Medical Lab hacked; patient data leaked by Everest Group - 9 July 2025
Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks - 9 July 2025
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server - 9 July 2025
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware - 8 July 2025
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play - 8 July 2025
Integrated Oncology Network victim of phishing attack; multiple locations affected - 8 July 2025
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension - 8 July 2025
HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan - 8 July 2025
BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally - 8 July 2025
RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks - 8 July 2025
5 Ways Identity-based Attacks Are Breaching Retail - 8 July 2025
Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined - 8 July 2025
HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations - 8 July 2025
Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms - 8 July 2025
CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation - 8 July 2025
SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools - 7 July 2025
Strengthening cyber resilience: Introducing Internal Attack Surface Management (IASM) for Sophos Managed Risk - 7 July 2025
Manufacturing Security: Why Default Passwords Must Go - 7 July 2025
⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More - 7 July 2025
Five youths arrested on suspicion of phishing - 7 July 2025
TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors - 7 July 2025
Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure - 6 July 2025
Kentfield Hospital victim of cyberattack by World Leaks, patient data involved - 5 July 2025
Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims - 5 July 2025
Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present) - 5 July 2025
Brazil’s central bank service provider hacked, $140M stolen - 5 July 2025
India’s Max Financial says hacker accessed customer data from its insurance unit - 5 July 2025
Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS - 5 July 2025
Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties - 5 July 2025
Nova Scotia Power Data Breach Exposed Information of 280,000 Customers - 4 July 2025
No need to hack when it’s leaking: Brandt Kettwick Defense edition - 4 July 2025
NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors - 4 July 2025
SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched - 4 July 2025
Louis Vuitton Korea suffers cyberattack as customer data leaked - 4 July 2025
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros - 4 July 2025
Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It - 4 July 2025
Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without Permission - 4 July 2025
Threat Intelligence Executive Report – Volume 2025, Number 3 - 3 July 2025
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams - 3 July 2025
Hunters International to provide free decryptors for all victims as they shut down - 3 July 2025
Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones - 3 July 2025
Keymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS Attacks - 3 July 2025
Cyberattacks Disrupt Iran’s Bread Distribution, Payments Remain Frozen - 3 July 2025
Hacker with ‘political agenda’ stole data from Columbia, university says - 3 July 2025
SEC and SolarWinds Seek Settlement in Securities Fraud Case - 3 July 2025
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets - 3 July 2025
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms - 3 July 2025
The Hidden Weaknesses in AI SOC Tools that No One Talks About - 3 July 2025
Sophos Firewall Recognized as the #1 Overall Firewall Solution by G2 Users - 3 July 2025
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials - 3 July 2025
DOJ investigates ex-ransomware negotiator over extortion kickbacks - 2 July 2025
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign - 2 July 2025
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns - 2 July 2025
That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat - 2 July 2025
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns - 2 July 2025
Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers - 2 July 2025
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks - 2 July 2025
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware - 2 July 2025
Senator Chides FBI for Weak Advice on Mobile Security - 2 July 2025
One in Five Law Firms Hit by Cyberattacks Over Past 12 Months - 2 July 2025
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware - 2 July 2025
Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale - 2 July 2025
Qantas customers involved in mammoth data breach - 1 July 2025
Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits - 1 July 2025
Esse Health provides update about April cyberattack and notifies 263,601 people - 1 July 2025
CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach. - 1 July 2025
TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns - 1 July 2025
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status - 1 July 2025
International Criminal Court hit with cyber attack during NATO summit - 1 July 2025
Terrible tales of opsec oversights: How cybercrooks get themselves caught - 1 July 2025
A New Maturity Model for Browser Security: Closing the Last-Mile Risk - 1 July 2025
Pembroke Regional Hospital reported canceling appointments due to service delays from “an incident” - 1 July 2025
Iran-linked hackers threaten to release emails allegedly stolen from Trump associates - 1 July 2025
Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation - 1 July 2025
U.S. Arrests Key Facilitator in North Korean IT Worker Scheme, Seizes $7.74 Million - 1 July 2025
Microsoft Removes Password Management from Authenticator App Starting August 2025 - 1 July 2025
U.S. Agencies Warn of Rising Iranian Cyberattacks on Defense, OT Networks, and Critical Infrastructure - 30 June 2025
National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud - 30 June 2025
Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects - 30 June 2025
Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks - 30 June 2025
Using AI to identify cybercrime masterminds - 30 June 2025
⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more - 30 June 2025
Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories - 30 June 2025
Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized - 30 June 2025
Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data - 30 June 2025
Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t - 30 June 2025
Ontario health agency atHome ordered to inform 200,000 patients of March data breach - 30 June 2025
50 Customers of French Bank Hit by Insider SIM Swap Scam - 30 June 2025
Bolton Walk-In Clinic patient data leak locked down (finally!) - 30 June 2025
Horizon Healthcare RCM discloses ransomware attack in December - 29 June 2025
Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield - 29 June 2025
Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report - 28 June 2025
FBI Warns of Scattered Spider’s Expanding Attacks on Airlines Using Social Engineering - 28 June 2025
Battlefords Union Hospitals notifies patients of employee snooping in their records - 28 June 2025
Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024 - 28 June 2025
Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns - 28 June 2025
GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool - 28 June 2025
Alert: Scattered Spider has added North American airline and transportation organizations to their target list - 27 June 2025
Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected - 27 June 2025
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign - 27 June 2025
Privacy commissioner reviewing reported Ontario Health atHome data breach - 27 June 2025
PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack - 27 June 2025
CMS warns Medicare providers of fraud scheme - 27 June 2025
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit - 27 June 2025
Business Case for Agentic AI SOC Analysts - 27 June 2025
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted - 27 June 2025
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors - 27 June 2025
Taking the shine off BreachForums - 26 June 2025
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks - 26 June 2025
New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks - 26 June 2025
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access - 26 June 2025
The Hidden Risks of SaaS: Why Built-In Protections Aren’t Enough for Modern Data Resilience - 26 June 2025
Potential Cyberattack Scrambles Columbia University Computer Systems - 26 June 2025
222,000 customer records allegedly from Manhattan Parking Group leaked - 26 June 2025
Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders - 26 June 2025
Ex-student charged with wave of cyber attacks on Sydney uni - 26 June 2025
Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks - 26 June 2025
Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa - 26 June 2025
CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet - 26 June 2025
WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews - 26 June 2025
Breaches have consequences (sometimes) - 25 June 2025
Kansas City Man Pleads Guilty for Hacking a Non-Profit - 25 June 2025
British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France - 25 June 2025
Patient death at London hospital linked to cyber attack on NHS - 25 June 2025
Hackers breach Norwegian dam, open valve at full capacity - 25 June 2025
Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach - 25 June 2025
France issues press statement about arrest of ShinyHunters members - 25 June 2025
nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery - 25 June 2025
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC - 25 June 2025
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure - 25 June 2025
Beware the Hidden Risk in Your Entra Environment - 25 June 2025
Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games - 25 June 2025
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks - 25 June 2025
Texas Enacts Liability Shield From Punitive Damages for Certain Small Businesses That Adopt Cybersecurity Programs - 25 June 2025
ShinyHunters and team members arrested in France - 25 June 2025
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages - 25 June 2025
Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options - 25 June 2025
Dublin ETB fined €125,000 for data protection breaches - 24 June 2025
From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math - 24 June 2025
Liberty Township in Ohio has recovered its network after a ransomware attack - 24 June 2025
New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public - 24 June 2025
Marquette County Medical Care Facility discloses data breach - 24 June 2025
The State of Ransomware 2025 - 24 June 2025
Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers - 24 June 2025
Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue - 24 June 2025
Between Buzz and Reality: The CTEM Conversation We All Need - 24 June 2025
Industry Letter – June 23, 2025: Impact to Financial Sector of Ongoing Global Conflicts - 24 June 2025
Four REvil ransomware members released after time served on carding charges - 24 June 2025
MNGI Digestive Health settles class action lawsuit stemming from BlackCat attack - 24 June 2025
Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network - 24 June 2025
APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine - 24 June 2025
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues - 24 June 2025
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom - 23 June 2025
Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content - 23 June 2025
DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes - 23 June 2025
XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks - 23 June 2025
How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout - 23 June 2025
A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks - 23 June 2025
Why Dumping Sensitive Data on Network Shares is a Liability - 23 June 2025
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks - 23 June 2025
Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit - 23 June 2025
Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games - 23 June 2025
⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More - 23 June 2025
Ukrainian Web3 security auditing company Hacken suffered an attack that allowed a hacker to create 900 million HAI tokens - 23 June 2025
People’s Republic of China cyber threat activity: Cyber Threat Bulletin - 23 June 2025
Steelmaker Nucor Says Hackers Stole Data in Recent Attack - 23 June 2025
UK: Oxford City Council still investigating cyberattack from earlier this month - 23 June 2025
McLaren provides written notice to 743,131 patients after ransomware attack in July 2024 - 22 June 2025
A state forensics lab was leaking its files. Getting it locked down involved a number of people. - 22 June 2025
CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup - 21 June 2025
Montana Attorney General launches investigation into Lee Enterprises data breach - 21 June 2025
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages - 21 June 2025
Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms - 20 June 2025
AT&T gets preliminary approval for $177 million data breach settlement - 20 June 2025
Aflac notifies SEC of breach suspected to be work of Scattered Spider - 20 June 2025
Former JBLM soldier pleads guilty to attempting to share military secrets with China - 20 June 2025
Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay - 20 June 2025
Russia Expert Falls Prey to Elite Hackers Disguised as US Officials - 20 June 2025
Proposed class action settlement in In re Netgain Technology litigation - 20 June 2025
Tonga’s health system hit by cyberattack - 20 June 2025
No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news - 20 June 2025
Iran’s State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist - 20 June 2025
Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider - 20 June 2025
6 Steps to 24/7 In-House SOC Success - 20 June 2025
67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers - 20 June 2025
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft - 19 June 2025
Ireland’s Data Protection Commission publishes 2024 Annual Report - 19 June 2025
Secure Vibe Coding: The Complete New Guide - 19 June 2025
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware - 19 June 2025
The headlines suggested Freedman Healthcare suffered a ransomware attack that affected patient data. The reality was quite different. - 19 June 2025
Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session - 19 June 2025
Ryuk ransomware’s initial access expert extradited to the U.S. from Ukraine - 19 June 2025
Runsafe report: Medical device cyberattacks threaten patient care, strain budgets, top concern for healthcare sector - 19 June 2025
Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign - 19 June 2025
Meta Adds Passkey Login Support to Facebook for Android and iOS Users - 19 June 2025
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions - 18 June 2025
Alleged Geisinger hacker will defend himself pro se. - 18 June 2025
Largest Ever Seizure of Funds Related to Crypto Confidence Scams - 18 June 2025
Hospital cyberattack investigation complete, no formal review needed - 18 June 2025
Tallahassee Memorial Healthcare reveals it was also impacted by Cerner/Legacy Oracle cyberattack - 18 June 2025
New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains - 18 June 2025
1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub - 18 June 2025
IMPACT: 170 patients harmed as a result of Qilin’s ransomware attack on NHS vendor Synnovis - 18 June 2025
Water Curse Hijacks 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign - 18 June 2025
FedRAMP at Startup Speed: Lessons Learned - 18 June 2025
DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities - 18 June 2025
Cybersecurity takes a big hit in new Trump executive order - 18 June 2025
Scania confirms insurance claim data breach in extortion attempt - 18 June 2025
UBS reports data leak after cyber attack on provider, client data unaffected - 18 June 2025
Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents - 18 June 2025
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability - 18 June 2025
Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict - 18 June 2025
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication - 18 June 2025
Episource notifying 5.4 million patients of cyberattack in January - 17 June 2025
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor - 17 June 2025
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents - 17 June 2025
Investigation of 2024 Helsinki data breach – Report - 17 June 2025
Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware - 17 June 2025
Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms - 17 June 2025
Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments - 17 June 2025
Backups Are Under Attack: How to Protect Your Backups - 17 June 2025
Are Forgotten AD Service Accounts Leaving You at Risk? - 17 June 2025
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks - 17 June 2025
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert - 17 June 2025
The Growing Cyber Risks from AI — and How Organizations Can Fight Back - 17 June 2025
Moreno Valley, Calif., Schools Report Data Breach - 17 June 2025
US offering $10 million for info on Iranian hackers behind IOControl malware - 17 June 2025
Sompo Japan Insurance submits improvement plan after info leakage - 17 June 2025
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper - 17 June 2025
HealthEC Agrees to $5.48 Million Settlement to End Data Breach Lawsuit - 17 June 2025
Major trial underway for data leak that left 72,000 victims in France - 17 June 2025
Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement - 17 June 2025
Credit Control Corporation data allegedly from 9.1 million consumers listed for sale on forum - 16 June 2025
U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network - 16 June 2025
FTC Provides Guidance on Updated Safeguards Rule - 16 June 2025
Copilot AI Bug Could Leak Sensitive Data via Email Prompts - 16 June 2025
Sentara Health terminates remote employees after realizing they couldn’t be sure who was doing the work. - 16 June 2025
Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment - 16 June 2025
Hackers Break Into Car Sharing App, 8.4 Million Users Affected - 16 June 2025
Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine - 16 June 2025
⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More - 16 June 2025
WMATA Train Operators Arrested in Health Care Fraud Scheme - 16 June 2025
Cyberattack pushes German napkin company into insolvency - 16 June 2025
Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data - 16 June 2025
Washington Post investigating cyberattack on journalists, WSJ reports - 15 June 2025
Resource: State Data Breach Notification Laws – June 2025 - 15 June 2025
WestJet investigates cyberattack disrupting internal systems - 14 June 2025
Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?” - 14 June 2025
India: Servers of two city hospitals hacked; police register FIR - 14 June 2025
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets - 13 June 2025
Ph: Coop Hospital confirms probe into reported cyberattack - 13 June 2025
Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month - 13 June 2025
CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk - 13 June 2025
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion - 13 June 2025
June Patch Tuesday digs into 67 bugs - 13 June 2025
Slapped wrists for Financial Conduct Authority staff who emailed work data home - 13 June 2025
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware - 13 June 2025
A guilty plea in the PowerSchool case still leaves unanswered questions - 12 June 2025
School Districts Unaware BoardDocs Software Published Their Private Files - 12 June 2025
WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network - 12 June 2025
Brussels Parliament hit by cyber-attack - 12 June 2025
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes - 12 June 2025
AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar - 12 June 2025
Non-Human Identities: How to Address the Expanding Security Risk - 12 June 2025
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction - 12 June 2025
Former CIA Analyst Sentenced to Over Three Years in Prison for Unlawfully Transmitting Top Secret National Defense Information - 12 June 2025
FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters - 12 June 2025
Sweden under cyberattack: Prime minister sounds the alarm - 12 June 2025
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks - 12 June 2025
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool - 12 June 2025
Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks - 11 June 2025
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager - 11 June 2025
Dutch police identify users on Cracked.io - 11 June 2025
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure - 11 June 2025
Why DNS Security Is Your First Defense Against Cyber Attacks? - 11 June 2025
SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords - 11 June 2025
How to Build a Lean Security Model: 5 Lessons from River Island - 11 June 2025
RCMP thumb drive with informant, witness data obtained by criminals: watchdog - 11 June 2025
Help, please: Seeking copies of the PowerSchool ransom email(s) - 11 June 2025
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild - 11 June 2025
Evoke Wellness to Pay $1.9 Million to Settle FTC Claims That They Misled Consumers Seeking Substance Use Disorder Treatment - 10 June 2025
Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud - 10 June 2025
Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps - 10 June 2025
FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware - 10 June 2025
Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users - 10 June 2025
Sophos Emergency Incident Response is now available - 10 June 2025
The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier - 10 June 2025
Former Hilliard treatment center employee accused of selling patient data on dark web - 10 June 2025
Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account - 10 June 2025
Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises - 10 June 2025
CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog - 10 June 2025
Trump Rewrites Cybersecurity Policy in Executive Order - 9 June 2025
Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group - 9 June 2025
Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks - 9 June 2025
Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise - 9 June 2025
⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks - 9 June 2025
AMI Group – Travel & Tours notice of ransomware attack - 9 June 2025
Za: Cyber extortionist sentenced to eight years in jail - 9 June 2025
Resource: Insider Threat reports - 9 June 2025
OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups - 9 June 2025
ICE takes steps to deport the Australian hacker known as “DR32” - 8 June 2025
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally - 8 June 2025
Hearing on the Federal Government and AI - 8 June 2025
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025 - 8 June 2025
Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme - 7 June 2025
Data breach of patient info ends in firing of Miami hospital employee - 7 June 2025
Texas DOT investigates breach of crash report records, sends notification letters - 7 June 2025
PowerSchool hacker pleads guilty, released on personal recognizance bond - 6 June 2025
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users - 6 June 2025
Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam - 6 June 2025
Empower Users and Protect Against GenAI Data Loss - 6 June 2025
Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV - 6 June 2025
Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments - 6 June 2025
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack - 6 June 2025
New evidence links long-running hacking group to Indian government - 5 June 2025
Zaporizhzhia Cyber Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency - 5 June 2025
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials - 5 June 2025
Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope Expands - 5 June 2025
Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware - 5 June 2025
Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation - 5 June 2025
Germany fines Vodafone $51 million for privacy, security breaches - 5 June 2025
Google: Hackers target Salesforce accounts in data extortion attacks - 5 June 2025
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown - 5 June 2025
CISA Alert: Updated Guidance on Play Ransomware - 5 June 2025
Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes - 5 June 2025
100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC - 5 June 2025
US govt login portal could be one cyberattack away from collapse, say auditors - 5 June 2025
The US Grid Attack Looming on the Horizon - 5 June 2025
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI - 5 June 2025
Almost one year later, U.S. Dermatology Partners is still not being very transparent about their 2024 breach - 4 June 2025
Oklahoma Expands its Security Breach Notification Law - 4 June 2025
Ransomware group Gunra claims to have exfiltrated 450 million patient records from American Hospital Dubai. - 4 June 2025
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App - 4 June 2025
North Shore University Sleep Disorders Center employee charged with secretly recording patients in restrooms - 4 June 2025
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads - 4 June 2025
Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era - 4 June 2025
When ransomware listings create confusion as to who the victim was - 4 June 2025
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks - 4 June 2025
Taiwan’s BitoPro hit by NT$345 million cryptocurrency hack - 4 June 2025
Rajkot civic body’s GIS website hit by cyber attack, over 400 GB data feared stolen - 4 June 2025
The strange tale of ischhfd83: When cybercriminals eat their own - 4 June 2025
HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass - 4 June 2025
Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack - 3 June 2025
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code - 3 June 2025
Texas gastroenterology and surgical practice victim of ransomware attack - 3 June 2025
Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization - 3 June 2025
Romanian Citizen Pleads Guilty to ‘Swatting’ Numerous Members of Congress, Churches, and Former U.S. President - 3 June 2025
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets - 3 June 2025
Vanta bug exposed customers’ data to other customers - 3 June 2025
Lyrix Ransomware Targets Windows Users with Advanced Evasion Techniques - 3 June 2025
Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says - 3 June 2025
North Dakota Enacts Financial Data Security and Data Breach Notification Requirements - 3 June 2025
Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion - 3 June 2025
Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues - 3 June 2025
New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch - 2 June 2025
Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open - 2 June 2025
Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed - 2 June 2025
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN - 2 June 2025
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub - 2 June 2025
Sophos Named a 2025 Gartner® Peer Insights™ Customers’ Choice for both Endpoint Protection Platforms and Extended Detection and Response - 2 June 2025
Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU - 2 June 2025
Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics - 2 June 2025
⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More - 2 June 2025
An industry first: Sophos Firewall and NDR Essentials - 2 June 2025
Sophos Firewall v21.5 is now available - 2 June 2025
Akira doesn’t keep its promises to victims — SuspectFile - 2 June 2025
The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats - 2 June 2025
Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions - 2 June 2025
Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack - 1 June 2025
Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed - 1 June 2025
Lower Merion School District says a data breach was caused by a computer glitch - 1 June 2025
Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies - 1 June 2025
After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers - 1 June 2025
Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million - 31 May 2025
Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025 - 31 May 2025
Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump - 31 May 2025
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora - 31 May 2025
U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation - 31 May 2025
Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges - 30 May 2025
New EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser Data - 30 May 2025
U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government - 30 May 2025
St. Cloud Provides Update on Ransomware Attack in 2024 - 30 May 2025
Victoria’s Secret takes down website after security incident - 30 May 2025
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams - 30 May 2025
Australian ransomware victims now must tell the government if they pay up - 30 May 2025
Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week. - 30 May 2025
From the “Department of No” to a “Culture of Yes”: A Healthcare CISO’s Journey to Enabling Modern Care - 30 May 2025
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil - 30 May 2025
Websites selling hacking tools to cybercriminals seized - 30 May 2025
U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud - 30 May 2025
ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach - 30 May 2025
Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas - 29 May 2025
ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored - 29 May 2025
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools - 29 May 2025
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers - 29 May 2025
Russian-linked hackers target UK Defense Ministry while posing as journalists - 29 May 2025
Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected - 29 May 2025
UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw - 29 May 2025
Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations - 29 May 2025
HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan - 29 May 2025
DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints - 29 May 2025
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations - 29 May 2025
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin - 29 May 2025
Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack - 28 May 2025
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore - 28 May 2025
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File - 28 May 2025
From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign - 28 May 2025
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto - 28 May 2025
Banks Want SEC to Rescind Cyberattack Disclosure Requirements - 28 May 2025
Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware - 28 May 2025
MSCS board renews contract with PowerSchool while suing them - 28 May 2025
MathWorks, Creator of MATLAB, Confirms Ransomware Attack - 28 May 2025
Russian hospital programmer gets 14 years for leaking soldier data to Ukraine - 28 May 2025
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch - 28 May 2025
How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds - 28 May 2025
Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising App Store Threats - 28 May 2025
Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets - 27 May 2025
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency - 27 May 2025
Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware - 27 May 2025
AI Agents and the Non‑Human Identity Crisis: How to Deploy AI More Securely at Scale - 27 May 2025
Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages - 27 May 2025
Developments surrounding data breach at Dutch police - 27 May 2025
Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers - 27 May 2025
DragonForce actors target SimpleHelp vulnerabilities to attack MSP, customers - 27 May 2025
Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth’s Stealth Phishing Campaign - 27 May 2025
Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents - 27 May 2025
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto - 26 May 2025
CISO’s Guide To Web Privacy Validation And Why It’s Important - 26 May 2025
Now it’s Tiffany: Another LVMH luxury brand hit by hackers - 26 May 2025
Estonia launches international search for Moroccan citizen wanted over data theft - 26 May 2025
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs - 26 May 2025
Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards - 25 May 2025
Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware - 25 May 2025
Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated - 24 May 2025
PA: York County alerts residents of potential data breach - 24 May 2025
Private Industry Notification: Silent Ransom Group Targeting Law Firms - 24 May 2025
B.C. health authority faces class-action lawsuit over 2009 data breach - 24 May 2025
FTC Finalizes Order with GoDaddy over Data Security Failures - 23 May 2025
Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique - 23 May 2025
Hacker steals $223 million in Cetus Protocol cryptocurrency heist - 23 May 2025
ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices - 23 May 2025
300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide - 23 May 2025
Operation ENDGAME strikes again: the ransomware kill chain broken at its source - 23 May 2025
Mysterious hacking group Careto was run by the Spanish government, sources say - 23 May 2025
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials - 23 May 2025
SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection - 23 May 2025
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation - 23 May 2025
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs - 23 May 2025
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts - 23 May 2025
16 Defendants Federally Charged in Connection with DanaBot Malware Scheme That Infected Computers Worldwide - 22 May 2025
Russian national and leader of Qakbot malware conspiracy indicted in long-running global ransomware scheme - 22 May 2025
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks - 22 May 2025
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise - 22 May 2025
Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host - 22 May 2025
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks - 22 May 2025
Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program - 22 May 2025
VanHelsing ransomware builder leaked on hacking forum - 22 May 2025
Texas Doctor Who Falsely Diagnosed Patients as Part of Insurance Fraud Scheme Sentenced to 10 Years’ Imprisonment - 22 May 2025
Identity Security Has an Automation Problem—And It’s Bigger Than You Think - 22 May 2025
‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential abuse survivors’ addresses - 22 May 2025
Hack of Opexus Was at Root of Massive Federal Data Breach - 22 May 2025
FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections - 22 May 2025
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics - 21 May 2025
Sophos Firewall v21.5: Streamlined management - 21 May 2025
Disrupting Lumma Stealer: Microsoft leads global action against favored cybercrime tool - 21 May 2025
Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms - 21 May 2025
Researchers Scrape 2 Billion Discord Messages and Publish Them Online - 21 May 2025
Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach - 21 May 2025
Hacker who breached communications app used by Trump aide stole data from across US government - 21 May 2025
Securing CI/CD workflows with Wazuh - 21 May 2025
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims - 21 May 2025
PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms - 21 May 2025
DragonForce targets rivals in a play for dominance - 21 May 2025
How to Detect Phishing Attacks Faster: Tycoon2FA Example - 21 May 2025
Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps - 21 May 2025
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager - 21 May 2025
Massachusetts hacker to plead guilty to PowerSchool data breach - 20 May 2025
Cyberattack brings down Kettering Health phone lines, MyChart patient portal access (1) - 20 May 2025
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery - 20 May 2025
A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist - 20 May 2025
Gujarat ATS arrests 18-year-old for cyberattacks during Operation Sindoor - 20 May 2025
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads - 20 May 2025
Hackers Nab 15 Years of UK Legal Aid Applicant Data - 20 May 2025
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation - 20 May 2025
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware - 20 May 2025
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report - 20 May 2025
UK: Post Office to compensate hundreds of data leak victims - 20 May 2025
Supplier to major UK supermarkets Aldi, Tesco & Sainsbury’s hit by cyber attack with ransom demand - 20 May 2025
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization - 20 May 2025
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse - 20 May 2025
Sophos Partners with Capsule on New Cyber Insurance Program - 20 May 2025
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts - 20 May 2025
How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes - 19 May 2025
Cocospy stalkerware apps go offline after data breach - 19 May 2025
RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer - 19 May 2025
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access - 19 May 2025
⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More - 19 May 2025
Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards - 19 May 2025
Why CTEM is the Winning Bet for CISOs in 2025 - 19 May 2025
Former Sussex Police officer facing trial for rape charged with 18 further offences relating to computer misuse - 18 May 2025
Ex-NSA bad-guy hunter listened to Scattered Spider’s fake help-desk calls: ‘Those guys are good’ - 18 May 2025
Beach mansion, Benz and Bitcoin worth $4.5m seized from League of Legends hacker Shane Stephen Duffy - 18 May 2025
Fresno County fell victim to $1.6M phishing scam in 2020. One suspected has been arrested, another has been indicted. - 18 May 2025
Ransomware Attack on ADP Partner Exposes Broadcom Employee Data - 17 May 2025
Anne Arundel ransomware attack compromised confidential health data, county says - 17 May 2025
Australian national known as “DR32” sentenced in U.S. federal court - 17 May 2025
Alabama Man Sentenced to 14 Months in Connection with Securities and Exchange Commission X Hack that Spiked Bitcoin Prices - 16 May 2025
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations - 16 May 2025
New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors - 16 May 2025
Top 10 Best Practices for Effective Data Protection - 16 May 2025
Breachforums Boss “Pompompurin” to Pay $700k in Healthcare Breach - 16 May 2025
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks - 16 May 2025
Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks - 16 May 2025
[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications - 16 May 2025
Additional 12 Defendants Charged in RICO Conspiracy for over $263 Million Cryptocurrency Thefts, Money Laundering, Home Break-Ins - 15 May 2025
HHS Office for Civil Rights Settles HIPAA Cybersecurity Investigation with Vision Upright MRI - 15 May 2025
RIBridges firewall worked. But forensic report says hundreds of alarms went unnoticed by Deloitte. - 15 May 2025
Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit - 15 May 2025
Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 2) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 1) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 3) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 5) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 4) - 15 May 2025
Sophos MDR: New analyst response actions for Microsoft 365 - 15 May 2025
Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom - 15 May 2025
Chinese Hackers Hit Drone Sector in Supply Chain Attacks - 15 May 2025
Pen Testing for Compliance Only? It’s Time to Change Your Approach - 15 May 2025
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper - 15 May 2025
5 BCDR Essentials for Effective Ransomware Defense - 15 May 2025
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers - 15 May 2025
Official Indiana .gov email addresses are phishing residents - 15 May 2025
Cybersecurity incident at Central Point School District 6 - 15 May 2025
$28 million in Texas’ cybersecurity funding for schools left unspent - 15 May 2025
New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy - 15 May 2025
Turkish Group Hacks Zero-Day Flaw to Spy on Kurdish Forces - 14 May 2025
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan - 14 May 2025
Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit - 14 May 2025
Sophos Firewall v21.5: DNS protection - 14 May 2025
Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering - 14 May 2025
Cyberattacks on Long Island Schools Highlight Growing Threat - 14 May 2025
Microsoft primes 71 fixes for May Patch Tuesday - 14 May 2025
Administrator Of Online Criminal Marketplace Extradited From Kosovo To The United States - 14 May 2025
Dior faces scrutiny, fine in Korea for insufficient data breach reporting; data of wealthy clients in China, South Korea stolen - 14 May 2025
CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users - 14 May 2025
Personal information exposed by Australian Human Rights Commission data breach - 14 May 2025
Twilio denies breach following leak of alleged Steam 2FA codes - 14 May 2025
Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team - 14 May 2025
Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails - 14 May 2025
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns - 14 May 2025
Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server - 14 May 2025
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks - 14 May 2025
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems - 14 May 2025
Nineteen Sophos Women Recognized by CRN’s Women of the Channel - 13 May 2025
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide - 13 May 2025
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads - 13 May 2025
International cybercrime tackled: Amsterdam police and FBI dismantle proxy service Anyproxy - 13 May 2025
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress - 13 May 2025
Deepfake Defense in the Age of AI - 13 May 2025
N.W.T.’s medical record system under the microscope after 2 reported cases of snooping - 13 May 2025
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency - 13 May 2025
Introducing the Sophos MSP Elevate program - 13 May 2025
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency - 13 May 2025
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers - 13 May 2025
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files - 12 May 2025
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams - 12 May 2025
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That - 12 May 2025
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures - 12 May 2025
Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors - 11 May 2025
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data - 10 May 2025
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection - 10 May 2025
OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities - 9 May 2025
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation - 9 May 2025
Masimo Manufacturing Facilities Hit by Cyberattack - 9 May 2025
Star Health hacker claims sending bullets, threats to top executives: Reports - 9 May 2025
Education giant Pearson hit by cyberattack exposing customer data - 9 May 2025
Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business - 9 May 2025
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials - 9 May 2025
Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials - 9 May 2025
Beyond Vulnerability Management – Can You CVE What I CVE? - 9 May 2025
Lumma Stealer, coming and going - 9 May 2025
Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android - 9 May 2025
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell - 9 May 2025
Putting the dampener on tamperers - 8 May 2025
38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases - 8 May 2025
NICKEL TAPESTRY expands fraudulent worker operations - 8 May 2025
SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root - 8 May 2025
Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware - 8 May 2025
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware - 8 May 2025
Security Tools Alone Don’t Protect You — Control Effectiveness Does - 8 May 2025
Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported - 8 May 2025
UK: Legal Aid Agency hit by cyber security incident - 8 May 2025
60K BTC Wallets Tied to LockBit Ransomware Gang Leaked - 8 May 2025
Georgia hospital defeats data-tracking lawsuit - 8 May 2025
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware - 8 May 2025
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT - 8 May 2025
Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki - 7 May 2025
PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway - 7 May 2025
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines - 7 May 2025
Cyberattack puts healthcare on hold for hundreds in St. Louis metro - 7 May 2025
Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY) - 7 May 2025
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws - 7 May 2025
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks - 7 May 2025
Europol: DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains - 7 May 2025
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection - 7 May 2025
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version - 7 May 2025
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization - 7 May 2025
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times - 7 May 2025
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware - 7 May 2025
GlobalX, Airline for Trump’s Deportations, Hacked - 6 May 2025
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet - 6 May 2025
New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims - 6 May 2025
Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches - 6 May 2025
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks - 6 May 2025
IT warning after 160-year-old firm goes into administration following a ransomware attack - 6 May 2025
Entra ID Data Protection: Essential or Overkill? - 6 May 2025
California man pleads guilty to wire fraud for $1 million fraud scheme to steal from his employer - 6 May 2025
Alleged Nomad Bridge Hacker Arrested and Faces US Extradition - 6 May 2025
Google Fixes Actively Exploited Android System Flaw in May 2025 Security Update - 6 May 2025
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence - 6 May 2025
Negotiations with the Akira ransomware group: an ill-advised approach - 5 May 2025
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed - 5 May 2025
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi - 5 May 2025
Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace - 5 May 2025
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors - 5 May 2025
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data - 5 May 2025
Data Breach at Fowler Elementary School District: The Interlock Ransomware Group’s Attack - 4 May 2025
Disney Hacker Who Accessed 1.1 Terabytes of Data Pleads Guilty - 4 May 2025
Patients left in the dark months almost a year after criminals leaked sensitive medical data from Synnovis - 4 May 2025
Co-op hackers boast of ‘stealing 20 million customers’ data’ – as retailer admits impacts of ‘significant’ attack - 3 May 2025
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack - 3 May 2025
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware - 3 May 2025
Acadian Ambulance Seeks Dismissal of Data Breach Lawsuit - 3 May 2025
Hacker hired Telangana man to courier threats to Star Health Insurance MD - 3 May 2025
Saskatoon children’s hospital nurse unlawfully snooped on records of 314 patients: privacy report - 3 May 2025
Dating app Raw exposed users’ location data and personal information - 3 May 2025
Qilin announces attack on Cobb County, Georgia - 3 May 2025
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems - 3 May 2025
US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks - 2 May 2025
“SCAM” is a four-letter word: BreachForums edition - 2 May 2025
Ukrainian National Extradited from Spain to Face Conspiracy to Use Ransomware Charge - 2 May 2025
TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China - 2 May 2025
How to Automate CVE and Vulnerability Advisory Response with Tines - 2 May 2025
OK: Cyberattack shuts down Bartlesville School network, state testing postponed - 2 May 2025
Gov’t orders SKT to notify individual users whose data may have been breached - 2 May 2025
MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks - 2 May 2025
Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support - 2 May 2025
New York’s Latest Cyber Rules Pressure Small Companies, Vendors - 1 May 2025
Raytheon Companies and Nightwing Group to Pay $8.4M to Resolve False Claims Act Allegations Relating to Non-Compliance with Cybersecurity Requirements in Federal Contracts - 1 May 2025
Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers - 1 May 2025
Sophos Firewall v21.5: Entra ID SSO for Sophos Connect - 1 May 2025
Why top SOC teams are shifting to Network Detection and Response - 1 May 2025
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign - 1 May 2025
Data breach at collections vendor could affect some Bristol, Tennessee accounts - 1 May 2025
Za: Cell C confirms data breach, warns users to remain vigilant - 1 May 2025
Texas Health and Human Services Commission Notifies Additional Individuals Regarding Insider Wrongdoing Breach - 1 May 2025
Cybersecurity experts investigating “suspicious activity” in Iowa County network - 1 May 2025
Barnstable County Sheriff’s Office Employee On Leave, Suspected In Data Breach - 1 May 2025
45 CHS hospitals were affected by the Oracle Health outage - 1 May 2025
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics - 1 May 2025
New Research Reveals: 95% of AppSec Fixes Don’t Reduce Risk - 1 May 2025
Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach - 1 May 2025
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models - 1 May 2025
Investigators don’t know who leaked a Wisconsin Supreme Court draft order on abortion case - 30 April 2025
Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense - 30 April 2025
Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks - 30 April 2025
Google warns of data security risks if Chrome is sold off - 30 April 2025
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool - 30 April 2025
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats - 30 April 2025
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About - 30 April 2025
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control - 30 April 2025
Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code - 30 April 2025
Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations - 30 April 2025
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems - 29 April 2025
WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy - 29 April 2025
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients - 29 April 2025
Product Walkthrough: Securing Microsoft Copilot with Reco - 29 April 2025
Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products - 29 April 2025
Pro-Russian hackers strike Dutch municipalities with coordinated DDoS attack - 29 April 2025
EFF Leads Prominent Security Experts in Urging Trump Administration to Leave Chris Krebs Alone - 29 April 2025
Marks & Spencer breach linked to Scattered Spider ransomware attack - 29 April 2025
Finding Minhook in a sideloading attack – and Sweden too - 29 April 2025
Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool - 29 April 2025
CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database - 29 April 2025
⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More - 28 April 2025
How Breaches Start: Breaking Down 5 Real Vulns - 28 April 2025
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools - 28 April 2025
WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors - 28 April 2025
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised - 28 April 2025
Russian-linked hackers appear to have launched a crippling cyberattack on Western New Mexico University - 27 April 2025
SK Telecom vows to take full responsibility for damage from recent data leak - 27 April 2025
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers - 27 April 2025
North Dakota Expands Data Security Requirements and Issues New Licensing Requirements for Brokers - 26 April 2025
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion - 26 April 2025
Oregon court dismisses lawsuit over 2023 MOVEit data breach affecting 3.5 million Oregonians - 26 April 2025
High Court rules landlord entitled to additional £6m indemnity from insurance broker after data breach - 26 April 2025
Oregon DEQ won’t say if ransomware group took employee data in cyberattack - 26 April 2025
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation with Comprehensive Neurology, PC - 25 April 2025
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector - 25 April 2025
Scattered Spider Hacking Suspect Extradited to US From Spain - 25 April 2025
Several more lawsuits filed against Frederick Health Hospital related to data breach, cybersecurity failures - 25 April 2025
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here’s the conclusions! - 25 April 2025
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures - 25 April 2025
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers - 25 April 2025
Why NHIs Are Security’s Most Dangerous Blind Spot - 25 April 2025
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks - 25 April 2025
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers - 25 April 2025
Former Disney employeedwho hacked Disney World restaurant menus in revenge sentenced to 3 years in federal prison - 24 April 2025
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware - 24 April 2025
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure - 24 April 2025
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools - 24 April 2025
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals - 24 April 2025
No need to hack when it’s leaking: Atrium Health edition - 24 April 2025
High court upholds damages in ICBC privacy breach that resulted in shootings, arson - 24 April 2025
HHS Office for Civil Rights Settles Phishing Attack Breach with Health Care Network for $600,000 - 24 April 2025
DOGE Sued Over Record Keeping, Failing to Reply to FOIA Requests - 24 April 2025
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely - 24 April 2025
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign - 24 April 2025
Blue Shield of California shared the health data of 4.7 million people with Google for years - 24 April 2025
County auditor ordered to pay $80k after cyberattack - 24 April 2025
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads - 23 April 2025
Former U.S. Army Intelligence Analyst Sentenced for Selling Sensitive Military Information to Individual Tied to Chinese Government - 23 April 2025
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack - 23 April 2025
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - 23 April 2025
DOGE Ransomware Hackers Demand $1 Trillion - 23 April 2025
Au: Hacking suspect nabbed over court file data breach - 23 April 2025
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices - 23 April 2025
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp - 23 April 2025
Three Reasons Why the Browser is Best for Stopping Phishing Attacks - 23 April 2025
Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack - 23 April 2025
Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito - 23 April 2025
Cyberattack targets thousands of students, staff members at Baltimore City Public Schools - 22 April 2025
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals - 22 April 2025
Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals - 22 April 2025
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages - 22 April 2025
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials - 22 April 2025
5 Major Concerns With Employees Using The Browser - 22 April 2025
Ex-employee, firm head booked for data theft - 22 April 2025
Hospital Español Auxilio Mutuo de Puerto Rico notifies patients of September 2023 cyberattack - 22 April 2025
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach - 22 April 2025
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware - 22 April 2025
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan - 21 April 2025
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks - 21 April 2025
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More - 21 April 2025
5 Reasons Device Management Isn’t Device Trust - 21 April 2025
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery - 21 April 2025
Chinese Ghost Hackers Hit Hospitals And Factories In America And U.K. - 20 April 2025
Behavioral Health Resources of Washington state updates its data breach disclosure - 20 April 2025
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures - 20 April 2025
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems - 19 April 2025
Baltimore City State’s Attorney’s Office hacked; Data leaked - 19 April 2025
Breaches Within Breaches: Contractual Obligations After a Security Incident - 19 April 2025
Don’t be so quick to claim there’s no reason to believe there’s compromise of patient info: Saturday edition - 19 April 2025
NDPC, Health Ministry Partner to Boost Data Protection in Healthcare - 19 April 2025
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware - 19 April 2025
Radiology practice reportedly working with FBI after ‘data security incident’ - 18 April 2025
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States - 18 April 2025
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader - 18 April 2025
[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach - 18 April 2025
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT - 18 April 2025
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download - 18 April 2025
Moving CVEs past one-nation control - 17 April 2025
HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation with Guam Memorial Hospital Authority - 17 April 2025
Edmond cybersecurity CEO accused of planting malware on hospital computers - 17 April 2025
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates - 17 April 2025
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns - 17 April 2025
Artificial Intelligence – What’s all the fuss? - 17 April 2025
British law firm fined after ransomware group publishes confidential client data - 17 April 2025
Former CISA director Chris Krebs vows to fight back against Trump-ordered federal investigation - 17 April 2025
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords - 17 April 2025
Hacking group Anonymous targets Russia, releases Trump files - 17 April 2025
A whistleblower’s disclosure details how DOGE may have taken sensitive labor data - 17 April 2025
CISA warns of increased breach risks following Oracle Cloud leak - 17 April 2025
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers - 17 April 2025
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution - 17 April 2025
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices - 17 April 2025
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks - 16 April 2025
Nude photos and names: KU Health and Kansas hospital sued for data breach - 16 April 2025
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler - 16 April 2025
Maryland Man Pleads Guilty to Conspiracy to Commit Wire Fraud - 16 April 2025
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024 - 16 April 2025
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins - 16 April 2025
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains - 16 April 2025
Sophos India Volunteers Bring Color to Local Schools - 16 April 2025
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks - 16 April 2025
Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense - 16 April 2025
South Africa Introduces Mandatory e-Portal Reporting for Data Breaches - 16 April 2025
Sophos Annual Threat Report appendix: Most frequently encountered malware and abused software - 16 April 2025
The Sophos Annual Threat Report: Cybercrime on Main Street 2025 - 16 April 2025
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users - 16 April 2025
U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert - 16 April 2025
BakerHostetler’s 2025 Data Security Incident Response Report Finds Less Malware Used in 2024 - 15 April 2025
Sophos Firewall v21.5: NDR Essentials - 15 April 2025
4chan hacked, internal data leaked on rival image board - 15 April 2025
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence - 15 April 2025
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders - 15 April 2025
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool - 15 April 2025
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds - 15 April 2025
Kyiv Region Police Expose Hackers Who Infected Notaries’ Computers with Viruses and Changed Data in State Registries - 15 April 2025
The Most Dangerous Hackers You’ve Never Heard Of - 15 April 2025
China accuses US of launching ‘advanced’ cyberattacks, names alleged NSA agents - 15 April 2025
The art of restraint: why not every system should be owned - 15 April 2025
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges - 15 April 2025
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability - 15 April 2025
Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval - 15 April 2025
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading - 14 April 2025
Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft - 14 April 2025
Dialysis firm DaVita hit by ransomware attack - 14 April 2025
⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More - 14 April 2025
Smiley calls for data sharing once Providence gets its schools back from state - 14 April 2025
IAF jet on Myanmar relief operation faced cyber attack in air - 14 April 2025
Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind - 14 April 2025
Psychiatric documents with sensitive patient info found ‘loosely blown about’ near Regina medical clinic - 14 April 2025
Another entity reports the Nationwide Recovery Service data breach of 2024 - 14 April 2025
Queensland has a new breach notification law going into effect July 1, 2025 - 14 April 2025
Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT - 14 April 2025
SK.com allegedly hacked by Qilin - 12 April 2025
UnitedHealth is demanding some struggling doctors immediately repay loans issued after last year’s cyberattack - 12 April 2025
Justice Department Implements Critical National Security Program to Protect Americans’ Sensitive Data from Foreign Adversaries - 11 April 2025
Patient data leaked from cyberattack on Brunswick Medical Center - 11 April 2025
Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit - 11 April 2025
Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors - 11 April 2025
Initial Access Brokers Shift Tactics, Selling More for Less - 11 April 2025
In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks - 11 April 2025
Preservation notice sent to Radford University in widening data leak case - 11 April 2025
No need to hack when it’s leaking: SavantCare edition - 11 April 2025
Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways - 11 April 2025
SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps - 11 April 2025
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation - 11 April 2025
Physicians’ billing and revenue management firm hit by LockBit - 10 April 2025
HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty - 10 April 2025
Major data breach affects multiple Dutch ministries, impact still unclear - 10 April 2025
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes - 10 April 2025
Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses - 10 April 2025
Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns - 10 April 2025
Pulse Urgent Care Center appears to be the victim of a ransomware attack - 10 April 2025
Germany suspects Russian cyber attack on research group - 10 April 2025
Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in Ukraine - 10 April 2025
PlayPraetor Reloaded: CTM360 Uncovers a Play Masquerading Party - 10 April 2025
The Identities Behind AI Agents: A Deep Dive Into AI & NHI - 10 April 2025
Europol Arrests Five SmokeLoader Clients Linked by Seized Database Evidence - 10 April 2025
AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections - 10 April 2025
Industrial-strength April Patch Tuesday covers 135 CVEs - 9 April 2025
Oracle’s statement to customers is still raising questions about its disclosure and transparency - 9 April 2025
Lovable AI Found Most Vulnerable to VibeScamming — Enabling Anyone to Build Live Scam Pages - 9 April 2025
Fall River schools chief: No insurance for cyberattack; says computer system remains down - 9 April 2025
MrBeast sues former employee for stealing confidential files and installing hidden cameras in company offices - 9 April 2025
CISA, experts warn of Crush file transfer attacks after a controversial disclosure - 9 April 2025
2024 Year in Review: Data Breach Litigation - 9 April 2025
New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner - 9 April 2025
Explosive Growth of Non-Human Identities Creating Massive Security Blind Spots - 9 April 2025
CISA Warns of CentreStack’s Hard-Coded MachineKey Vulnerability Enabling RCE Attacks - 9 April 2025
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware - 9 April 2025
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability - 9 April 2025
Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered - 8 April 2025
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw - 8 April 2025
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings - 8 April 2025
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal - 8 April 2025
Sophos Firewall v21.5 early access is now available - 8 April 2025
E-ZPass toll payment texts return in massive phishing wave - 8 April 2025
UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine - 8 April 2025
Agentic AI in the SOC – Dawn of Autonomous Alert Triage - 8 April 2025
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation - 8 April 2025
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities - 8 April 2025
When the victimizers become the victims…. RansomHub the victim of a takeover? - 7 April 2025
Kaiser fires security exec amid disputed allegations involving a police database breach - 7 April 2025
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks - 7 April 2025
⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More - 7 April 2025
Security Theater: Vanity Metrics Keep You Busy – and Exposed - 7 April 2025
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks - 7 April 2025
Florida man known as “King Bob” pleads guilty to charges related to cryptocurrency theft - 6 April 2025
Unmasking EncryptHub: Help from ChatGPT & OPSEC blunders - 5 April 2025
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws - 5 April 2025
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages - 5 April 2025
Chinese hacker “Crazyhunter” behind ransomware attack on MacKay Hospital, others: CIB - 5 April 2025
Lawsuit: Pharmacist used spyware on UMMS computers to watch women, gain personal information - 5 April 2025
Could Trump Budget Cuts Lead to More Cyberattacks Against Schools? - 5 April 2025
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data - 5 April 2025
Hackers strike Australia’s largest pension funds in coordinated attacks - 4 April 2025
16 months after they experienced a ransomware attack, Dameron Hospital notifies those affected - 4 April 2025
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack - 4 April 2025
Have We Reached a Distroless Tipping Point? - 4 April 2025
OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers - 4 April 2025
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware - 4 April 2025
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code - 4 April 2025
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware - 4 April 2025
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware - 3 April 2025
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware - 3 April 2025
AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar - 3 April 2025
Sensitive data was leaked in 2024 Highline Public Schools ransomware attack - 3 April 2025
Hacking Verizon Call Records: A Security Breach with National Security Implications - 3 April 2025
AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock - 3 April 2025
Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent - 3 April 2025
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices - 3 April 2025
Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation - 3 April 2025
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign - 3 April 2025
Lawmakers warn of impact HHS firings will have on medical device cybersecurity efforts - 2 April 2025
Cyberattack Forces Tribal Casino to Shut Down Slots - 2 April 2025
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse - 2 April 2025
Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers - 2 April 2025
Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers - 2 April 2025
China Regulator Proposes Amendments to Cybersecurity Law - 2 April 2025
UK data centres, hospitals, and energy companies targeted by new cybersecurity laws - 2 April 2025
How SSL Misconfigurations Impact Your Attack Surface - 2 April 2025
It takes two: The 2025 Sophos Active Adversary Report - 2 April 2025
FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites - 2 April 2025
New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth - 2 April 2025
Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign - 1 April 2025
Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform - 1 April 2025
Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing - 1 April 2025
Vitenas Cosmetic Surgery patient data hacked and leaked - 1 April 2025
New Case Study: Global Retailer Overshares CSRF Tokens with Facebook - 1 April 2025
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions - 1 April 2025
Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign - 1 April 2025
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices - 1 April 2025
Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream - 1 April 2025
Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices - 1 April 2025
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp - 31 March 2025
HK: Data breach of 128,000 ‘due to system fix and neglect’ - 31 March 2025
Former GCHQ intern admits top secret data breach risking national security - 31 March 2025
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service - 31 March 2025
National Defense Corporation victim of ransomware attack; discloses breach and declines to pay any ransom. - 31 March 2025
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images - 31 March 2025
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More - 31 March 2025
5 Impactful AWS Vulnerabilities You’re Responsible For - 31 March 2025
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine - 31 March 2025
Shoot the Messenger, Sunday Edition: Reporting on a leak is not unethical, Hamilton County - 30 March 2025
The PIPC Sanctions Woori Card for Data Breaches, Imposing KRW 13.45 billion - 30 March 2025
T-Mobile prepares $350 million payments for data breach settlement - 30 March 2025
Canada’s Privacy Commissioner launches breach risk self-assessment tool for organizations - 30 March 2025
United States Unseals Charges Against Aubrey Cottle for Theft of Texas Republican Party Data - 30 March 2025
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features - 30 March 2025
New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials - 29 March 2025
BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability - 28 March 2025
How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack - 28 March 2025
Oracle Health breach compromises patient data at US hospitals - 28 March 2025
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA - 28 March 2025
CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection - 28 March 2025
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity - 28 March 2025
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it - 28 March 2025
Change Healthcare Seeks Dismissal of Data Breach Lawsuits Brought by Consumers and Medical Providers - 28 March 2025
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps - 28 March 2025
Stealing user credentials with evilginx - 28 March 2025
Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability - 28 March 2025
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts - 28 March 2025
Furry hackers who leaked Project 2025 firm’s data fear leader raided by feds - 27 March 2025
Canadian citizen allegedly involved in Snowflake attacks consents to extradition to US - 27 March 2025
Sophos ranked #1 overall for Firewall, MDR, and EDR in the G2 Spring 2025 Reports - 27 March 2025
Four months after learning of a vendor’s breach, Concord Orthopaedics notifies almost 68,000 patients - 27 March 2025
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records - 27 March 2025
Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure - 27 March 2025
Hackers Repurpose RansomHub’s EDRKillShifter in Medusa, BianLian, and Play Attacks - 27 March 2025
APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware - 27 March 2025
New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It - 27 March 2025
Trump’s Top Aides Suffer Another Series of Embarrassing Data Blunders - 27 March 2025
Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior - 27 March 2025
Shifting the sands of RansomHub’s EDRKillShifter - 27 March 2025
Oracle customers confirm data stolen in alleged cloud breach is valid - 27 March 2025
PJobRAT makes a comeback, takes another crack at chat apps - 27 March 2025
Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert! - 27 March 2025
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms - 27 March 2025
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems - 27 March 2025
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices - 27 March 2025
Private Data and Passwords of Senior U.S. Security Officials Found Online - 26 March 2025
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations - 26 March 2025
Memo: Hamilton County data breach has gone unreported - 26 March 2025
Defense Contractor MORSECORP Inc. Agrees to Pay $4.6 Million to Settle Cybersecurity Fraud Allegations - 26 March 2025
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment - 26 March 2025
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware - 26 March 2025
Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience - 26 March 2025
Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks - 26 March 2025
How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More - 26 March 2025
American Oversight v. Hegseth, Gabbard, Ratcliffe, Bessent, Rubio, and NARA Regarding Military Actions Planned on Signal Messaging App - 26 March 2025
Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms - 26 March 2025
New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround - 26 March 2025
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks - 26 March 2025
A Sneaky Phish Just Grabbed my Mailchimp Mailing List - 25 March 2025
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker - 25 March 2025
Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years - 25 March 2025
AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface - 25 March 2025
Malaysia’s Anwar says ‘no way’ to US$10 million ransom demand to end airport cyberattack - 25 March 2025
Delete your DNA from 23andMe right now - 25 March 2025
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps - 25 March 2025
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust - 25 March 2025
The Trump Administration Accidentally Texted Me Its War Plans - 24 March 2025
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication - 24 March 2025
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks - 24 March 2025
VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics - 24 March 2025
Ukrainian Railways hit by ‘large-scale, targeted cyberattack’ - 24 March 2025
How to Balance Password Security Against User Experience - 24 March 2025
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More - 24 March 2025
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware - 24 March 2025
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks - 24 March 2025
Trump Administration Begins Shifting Cyberattack Response to States - 23 March 2025
Over 3 million applicants’ data leaked on NYU’s website - 23 March 2025
Attorney General James Secures $975,000 from Auto Insurance Company over Data Breach - 23 March 2025
Union County’s computer network breached, personal information accessed - 23 March 2025
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets - 23 March 2025
Indiana health systems unite to help smaller providers tackle cybersecurity - 22 March 2025
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe - 22 March 2025
HHS’ Office for Civil Rights Settles HIPAA Security Rule Investigation with Health Fitness Corporation; $227k monetary penalty plus corrective action plan - 21 March 2025
No need to hack when it’s leaking: OrthoMinds edition - 21 March 2025
Mission, Texas expects ransomware impact to last months - 21 March 2025
Watsonville Community Hospital still hasn’t notified all those affected by a November data breach; employees are reporting tax refund fraud - 21 March 2025
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools - 21 March 2025
Hacktivists claim cyber-sabotage of 116 Iranian ships - 21 March 2025
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates - 21 March 2025
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers - 21 March 2025
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families - 21 March 2025
10 Critical Network Pentest Findings IT Teams Overlook - 21 March 2025
Ninth Circuit Reverses Probation Sentence for Paige Thompson - 21 March 2025
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility - 21 March 2025
Former University of Michigan Football Quarterbacks Coach and Co-Offensive Coordinator Indicted on Charges of Unauthorized Access to Computers and Aggravated Identity Theft - 20 March 2025
Security Researcher Comments on HIPAA Security Rule - 20 March 2025
Department of Defense civilian employee pleads guilty to taking classified documents - 20 March 2025
The future of MFA is clear – but is it here yet? - 20 March 2025
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users - 20 March 2025
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems - 20 March 2025
Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users - 20 March 2025
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model - 20 March 2025
Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data - 20 March 2025
DOGE to Fired CISA Staff: Email Us Your Personal Data - 20 March 2025
Casual White House Starlink Use Is A Cybersecurity Nightmare, A Transparency Problem, And A Weird Marketing Stunt - 20 March 2025
Names, bank info, and more spills from top sperm bank - 20 March 2025
Hong Kong passes its first cybersecurity bill covering critical infrastructure - 20 March 2025
CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation - 20 March 2025
Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers - 20 March 2025
CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages - 20 March 2025
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners - 19 March 2025
Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia - 19 March 2025
ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers - 19 March 2025
Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen - 19 March 2025
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security - 19 March 2025
The sixth sense for cyber defense: Multimodal AI - 19 March 2025
Extortion Reboot: Ransomware Crew Threatens Leak to Snowden - 19 March 2025
Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems - 19 March 2025
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise - 19 March 2025
The Escalating Challenge of Insider Threats - 18 March 2025
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors - 18 March 2025
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’ - 18 March 2025
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security - 18 March 2025
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking - 18 March 2025
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017 - 18 March 2025
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads - 18 March 2025
Alleged Data Breach at Korea Aerospace Research Institute Sparks Major Investigation - 18 March 2025
BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse - 18 March 2025
How to Improve Okta Security in Four Steps - 18 March 2025
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation - 18 March 2025
Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets - 18 March 2025
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure - 17 March 2025
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions - 17 March 2025
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year - 17 March 2025
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks - 17 March 2025
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More - 17 March 2025
DOGE Staffer Broke Treasury Rules Transmitting Personal Data - 17 March 2025
Microsoft wouldn’t look at a bug report without a video. Researcher maliciously complied - 17 March 2025
Almost one month after Brain Cipher claimed to have attacked them, Pulmonary Physicians of South Florida has yet to publicly confirm or deny any breach - 17 March 2025
What is WikiLeaksV2 doing with a ransomware gang? Spoiler alert: It’s not extortion. - 17 March 2025
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories - 17 March 2025
Courts Are Still Willing To Dismiss Data Breach Lawsuits for Lack of Standing - 16 March 2025
Appellate court upholds sentence for former Uber cyber executive Joe Sullivan - 16 March 2025
FCC proposes new cybersecurity mandates for submarine cable operators in major rule review, seeks public input - 16 March 2025
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal - 15 March 2025
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges - 14 March 2025
GSMA Confirms End-to-End Encryption for RCS, Enabling Secure Cross-Platform Messaging - 14 March 2025
Why Most Microsegmentation Projects Fail—And How Andelyn Biosciences Got It Right - 14 March 2025
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom - 14 March 2025
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions - 14 March 2025
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection - 14 March 2025
Dual Russian And Israeli National Extradited To The United States For His Role In The LockBit Ransomware Conspiracy - 13 March 2025
Breach notifications needed to be made faster in 2024. Instead, they were made more slowly. - 13 March 2025
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails - 13 March 2025
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps - 13 March 2025
FMS: YAP Health Services disrupted by ransomware attack - 13 March 2025
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks - 13 March 2025
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025 - 13 March 2025
South Korea: Modetour Network fined 740 million won for hacking incident; Meta loses appeal of 6.7 billion won fine - 13 March 2025
#StopRansomware: Medusa Ransomware - 13 March 2025
WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback - 13 March 2025
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk - 13 March 2025
Takeaways from our investigation on AI-powered school surveillance - 12 March 2025
Pinehurst Radiology Associates remains closed more than 1 month after cyberattack - 12 March 2025
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits - 12 March 2025
Swiss critical sector faces new 24-hour cyberattack reporting rule - 12 March 2025
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack - 12 March 2025
Pentesters: Is AI Coming for Your Role? - 12 March 2025
Little fires everywhere for March Patch Tuesday - 12 March 2025
URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days - 12 March 2025
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks - 12 March 2025
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks - 11 March 2025
Sophos Recognized as Top Employer in British Columbia, Canada - 11 March 2025
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices - 11 March 2025
Your Risk Scores Are Lying: Adversarial Exposure Validation Exposes Real Threats - 11 March 2025
Computers containing thousands of patients’ records stolen from Belfast hospital - 11 March 2025
Steganography Explained: How XWorm Hides Inside Images - 11 March 2025
Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida - 11 March 2025
Center for Digestive Health notifies patients of April 2024 cyberattack - 11 March 2025
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches - 11 March 2025
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa - 11 March 2025
CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List - 10 March 2025
Attorney General James Sues National General and Allstate Insurance for Failing to Protect New Yorkers’ Personal Information - 10 March 2025
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials - 10 March 2025
Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links - 10 March 2025
Why The Modern Google Workspace Needs Unified Security - 10 March 2025
Fostering Gender Equality: Sophos Celebrates International Women’s Day with Global Initiatives - 10 March 2025
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact - 10 March 2025
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools - 10 March 2025
Endless Mountains Health Systems affected by cyberattack; patients alerted to situation - 9 March 2025
Akira ransomware gang used an unsecured webcam to bypass EDR - 9 March 2025
SSK Plastic Surgery discloses it experienced a hack and extortion attempt in 2024 - 8 March 2025
Extensive US public school employee data compromise reported from Carruth Compliance Consulting breach - 8 March 2025
White House cyber director’s office set for more power under Trump, experts say - 8 March 2025
Texas Man Convicted of Sabotaging his Employer’s Computer Systems and Deleting Data - 7 March 2025
Hackers expose information for 700,000 current and former Chicago students, district says - 7 March 2025
Taipei’s Mackay Memorial Hospital patient information allegedly sold online - 7 March 2025
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations - 7 March 2025
Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide - 7 March 2025
Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive - 7 March 2025
What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey - 7 March 2025
U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website - 7 March 2025
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions - 7 March 2025
Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist - 7 March 2025
PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors - 6 March 2025
Expanded management regions for Sophos DNS Protection - 6 March 2025
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom - 6 March 2025
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing - 6 March 2025
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution - 6 March 2025
Outsmarting Cyber Threats with Attack Graphs - 6 March 2025
NHS investigates API flaw that exposed patient data - 6 March 2025
A Brief Reminder About the Florida Information Protection Act - 6 March 2025
Justice Department Charges 12 Chinese Contract Hackers and Law Enforcement Officers in Global Computer Intrusion Campaigns - 6 March 2025
Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters - 6 March 2025
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access - 6 March 2025
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations - 6 March 2025
Whitman Hospital & Medical Clinics In Colfax Suffers Cyber Attack - 5 March 2025
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access - 5 March 2025
Supreme Court declines to weigh in on FQHC’s patient data security liability - 5 March 2025
Rite Aid Agrees to $6.8M Settlement Over Data Breach Lawsuit - 5 March 2025
HCRG Care’s lawyers claimed an injunction issued in a “private” hearing required us to remove two posts. We didn’t comply. - 5 March 2025
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America - 5 March 2025
Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud - 5 March 2025
Defending against USB drive attacks with Wazuh - 5 March 2025
Identity: The New Cybersecurity Battleground - 5 March 2025
Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants - 5 March 2025
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems - 5 March 2025
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates - 4 March 2025
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches - 4 March 2025
Japanese cancer hospital confirms breach; Qilin gang claims responsibility - 4 March 2025
How New AI Agents Will Transform Credential Stuffing Attacks - 4 March 2025
Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers - 4 March 2025
Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector - 4 March 2025
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm - 4 March 2025
Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities - 3 March 2025
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail - 3 March 2025
FTC, MGM close to solving dispute over costly 2023 cyberattack - 3 March 2025
U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices - 3 March 2025
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks - 3 March 2025
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites - 3 March 2025
⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists - 3 March 2025
FBCS updates the number affected in its 2024 breach to 4,253,394 - 3 March 2025
Info accessed in Rainbow board data breach ‘deleted and has not been shared’ - 3 March 2025
The New Ransomware Groups Shaking Up 2025 - 3 March 2025
Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries - 3 March 2025
Black Basta exposed: A look at a cybercrime data leak and a key member, “Tramp” - 2 March 2025
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language - 1 March 2025
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone - 28 February 2025
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable - 28 February 2025
5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs - 28 February 2025
Data Breach Class Action Dismissed After ‘Alter Ego’ Doctrine Fails - 28 February 2025
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme - 28 February 2025
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus - 28 February 2025
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training - 28 February 2025
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations - 27 February 2025
Quantifying ROI: Understanding the impact of cybersecurity products and services on cyber insurance claims - 27 February 2025
New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades - 27 February 2025
89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals - 27 February 2025
Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware - 27 February 2025
Criminal hacker known as ALTDOS, DESORDEN, GHOSTR and 0mid16B arrested - 27 February 2025
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices - 27 February 2025
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers - 27 February 2025
Imprisoned IRS Contractor Leaked Information of Over 400,000 Taxpayers - 26 February 2025
Medical Billing Vendor Sued Over Health Data Leak ‘Gold Mine’ - 26 February 2025
Business Associate breaches account for the largest percentage of breached patient records - 26 February 2025
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites - 26 February 2025
New license expiration alerts help you avoid protection gaps - 26 February 2025
Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach - 26 February 2025
Bluesight’s 2025 Breach Barometer Report Reveals Surge in Healthcare Data Breaches - 26 February 2025
Leaked Black Basta Chat Logs Reveal $107M Ransom Earnings and Internal Power Struggles - 26 February 2025
Belgian prosecutor probes alleged Chinese hacking of intelligence service - 26 February 2025
Ransomware attack on Southern Water cost £4.5 million - 26 February 2025
Malicious PyPI Package “automslc” Enables 104K+ Unauthorized Deezer Music Downloads - 26 February 2025
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries - 26 February 2025
Three Password Cracking Techniques and How to Defend Against Them - 26 February 2025
New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems - 26 February 2025
SOC 3.0 – The Evolution of the SOC and How AI is Empowering Human Talent - 26 February 2025
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation - 25 February 2025
Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware - 25 February 2025
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile - 25 February 2025
DISA Global Solutions reports more than 3.3 million people affected by 2024 data breach, but questions remain - 25 February 2025
RansomHub sends a letter to the editor. Really. - 25 February 2025
2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT - 25 February 2025
GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets - 25 February 2025
5 Active Malware Campaigns in Q1 2025 - 25 February 2025
FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services - 25 February 2025
Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA - 24 February 2025
New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer - 24 February 2025
UK: More details emerge about ransomware attack on HCRG by Medusa - 24 February 2025
Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense - 24 February 2025
Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats - 24 February 2025
⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma - 24 February 2025
No need to hack when it’s leaking, Monday edition: TeammateApp - 24 February 2025
Australia Bans Kaspersky Software Over National Security and Espionage Concerns - 24 February 2025
Beverly Hills Plastic Surgeon Jaime Schwartz M.D. Sued for Not Timely Notifying Patients of Two Hacks - 22 February 2025
Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack - 22 February 2025
OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns - 21 February 2025
Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations - 21 February 2025
Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands - 21 February 2025
Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3 - 21 February 2025
Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025 - 21 February 2025
BlackBasta Ransomware Chatlogs Leaked Online - 21 February 2025
Niva Bupa investigates alleged data leak after cyber threat - 21 February 2025
AI-Powered Deception is a Menace to Our Societies - 21 February 2025
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks - 21 February 2025
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks - 21 February 2025
HHS Office for Civil Rights Imposes a $1,500,000 Civil Money Penalty Against Warby Parker in HIPAA Cybersecurity Hacking Investigation - 20 February 2025
No need to hack when it’s leaking, Thursday edition: DM Clinical Research - 20 February 2025
CPPA Brings Enforcement Action Against National Public Data - 20 February 2025
Hackers Claim Data Breach at Bulgaria’s Supreme Administrative Court - 20 February 2025
North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware - 20 February 2025
Medusa ransomware gang demands $2M from UK private health services provider - 20 February 2025
FBI and CISA Warn of Ghost Ransomware - 20 February 2025
Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors - 20 February 2025
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger - 20 February 2025
Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware - 20 February 2025
Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives - 20 February 2025
PCI DSS 4.0 Mandates DMARC By 31st March 2025 - 20 February 2025
Major IVF provider Genea suffers ‘cyber incident’ - 20 February 2025
How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024 - 20 February 2025
Privilege Under Pressure: The Shifting Data Breach Investigation Landscape - 20 February 2025
Microsoft’s End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now - 20 February 2025
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability - 19 February 2025
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability - 19 February 2025
Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes - 19 February 2025
Sophos Firewall v21 MR1 is now available - 19 February 2025
Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted - 19 February 2025
Hundreds of Dutch medical records bought for pocket change at flea market - 19 February 2025
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection - 19 February 2025
The Ultimate MSP Guide to Structuring and Selling vCISO Services - 19 February 2025
There’s a new ransomware player on the scene: the ‘BlackLock’ group has become one of the most prolific operators in the cyber crime industry – and researchers warn it’s only going to get worse for potential victims - 19 February 2025
$10 Infostealers Are Breaching Critical US Security: Military and Even the FBI Hit - 19 February 2025
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack - 19 February 2025
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List - 18 February 2025
Health Net Federal Services, LLC and Centene Corporation Agree to Pay Over $11 Million to Resolve False Claims Act Liability for Cybersecurity Violations - 18 February 2025
Deal leaks: data protection during M&A - 18 February 2025
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now - 18 February 2025
As US newspaper outages drag on, Lee Enterprises blames cyberattack for encrypting critical systems - 18 February 2025
Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks - 18 February 2025
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates - 18 February 2025
The Myth of Jurisdictional Privacy - 18 February 2025
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication - 18 February 2025
Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign - 18 February 2025
Debunking the AI Hype: Inside Real Hacker Tactics - 18 February 2025
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials - 18 February 2025
Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers - 18 February 2025
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics - 17 February 2025
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations - 17 February 2025
Ransomware attack affects Michigan casinos and tribal health centers - 17 February 2025
CISO’s Expert Guide To CTEM And Why It Matters - 17 February 2025
⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More - 17 February 2025
New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations - 17 February 2025
California Teenager Sentenced to 48 Months in Prison for Nationwide Swatting Spree - 15 February 2025
Elon Musk’s DOGE Posts Classified Data On Its New Website - 15 February 2025
Humboldt Independent Practice Association’s breach notification leaves questions unanswered - 15 February 2025
School board approves letter to AG for PowerSchool data breach - 15 February 2025
The Art of the Deal? Bitcoin fraudster tied to 2016 hacking of Democrats is Russian released in exchange for U.S teacher - 15 February 2025
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 15 February 2025
Kuwait busts large-scale cyber attacks - 15 February 2025
Memorial Hospital and Manor notifies 120,085 people of November ransomware attack - 15 February 2025
Virginia AG’s office says it was struck by ‘sophisticated cyberattack’ - 15 February 2025
Bill raising the bar for class-action suits in data breach incidents advances - 15 February 2025
Android’s New Feature Blocks Fraudsters from Sideloading Apps During Calls - 15 February 2025
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution - 14 February 2025
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks - 14 February 2025
Microsoft: Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts - 14 February 2025
RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally - 14 February 2025
AI-Powered Social Engineering: Ancillary Tools and Techniques - 14 February 2025
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks - 13 February 2025
Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners - 13 February 2025
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks - 13 February 2025
Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams - 13 February 2025
Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack - 13 February 2025
AI and Security – A New Puzzle to Figure Out - 13 February 2025
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software - 13 February 2025
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux - 13 February 2025
Microsoft Uncovers Sandworm Subgroup’s Global Cyber Attacks Spanning 15+ Countries - 12 February 2025
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability - 12 February 2025
Turbocharge your network with our new 10-gigabit switch - 12 February 2025
How to Steer AI Adoption: A CISO Guide - 12 February 2025
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack - 12 February 2025
Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation - 12 February 2025
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now - 12 February 2025
February Patch Tuesday delivers 57 packages - 11 February 2025
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification - 11 February 2025
Sophos AI Assistant: Accelerating security operations with GenAI - 11 February 2025
Phobos Ransomware Affiliates Arrested in Coordinated International Disruption - 11 February 2025
4 Ways to Keep MFA From Becoming too Much of a Good Thing - 11 February 2025
Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions - 11 February 2025
Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks - 11 February 2025
Summerside hospital worker fired for improperly accessing patient files, says Health P.E.I. - 11 February 2025
Uganda court charges senior finance officials with corruption over central bank hacking - 11 February 2025
Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks - 11 February 2025
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment - 11 February 2025
8Base Ransomware Data Leak Sites Seized in International Law Enforcement Operation - 11 February 2025
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update - 10 February 2025
Police arrests 4 Phobos ransomware suspects, seizes 8Base sites - 10 February 2025
Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores - 10 February 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February] - 10 February 2025
Don’t Overlook These 6 Critical Okta Security Configurations - 10 February 2025
DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects - 10 February 2025
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities - 10 February 2025
XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells - 10 February 2025
Teen on Musk’s DOGE Team Graduated from ‘The Com’ - 9 February 2025
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection - 8 February 2025
Indiana Man Sentenced to 20 Years in Federal Prison for Conspiracies Involving Cyber Intrusion and a Massive $37 Million Cryptocurrency Theft - 7 February 2025
DeepSeek App Transmits Sensitive User and Device Data Without Encryption - 7 February 2025
Attorney General James Releases Statement on DOGE Access to Sensitive Personal Information - 7 February 2025
Treasury agrees to block additional DOGE staff from accessing sensitive payment systems - 7 February 2025
CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE - 7 February 2025
Ransomware Payments Dropped to $813 Million in 2024 - 7 February 2025
Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection - 7 February 2025
AI-Powered Social Engineering: Reinvented Threats - 7 February 2025
India’s RBI Introduces Exclusive “bank.in” Domain to Combat Digital Banking Fraud - 7 February 2025
Trimble Cityworks Customers Warned of Zero-Day Exploitation - 7 February 2025
Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware - 7 February 2025
Maybe we should all file breach reports against Musk like Kevin did. - 6 February 2025
House Lawmakers Push to Ban AI App DeepSeek From US Government Devices - 6 February 2025
1,000 Apps Used in Malicious Campaign Targeting Android Users in India - 6 February 2025
Hackers target Taliban databases - 6 February 2025
Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking - 6 February 2025
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023 - 6 February 2025
Hacker Who Targeted NATO, US Army Arrested in Spain - 6 February 2025
Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security - 6 February 2025
Hacker Conversations: David Kennedy – an Atypical Typical Hacker - 6 February 2025
Cyber Insights 2025: OT Security - 6 February 2025
Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US - 6 February 2025
How Agentic AI will be Weaponized for Social Engineering Attacks - 6 February 2025
Semgrep Raises $100M for AI-Powered Code Security Platform - 6 February 2025
Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams - 6 February 2025
7AI Launches With $36 Million in Seed Funding for Agentic Security Platform - 6 February 2025
Cisco Patches Critical Vulnerabilities in Enterprise Security Product - 6 February 2025
Five Eyes Agencies Release Guidance on Securing Edge Devices - 6 February 2025
Security Teams Pay the Price: The Unfair Reality of Cyber Incidents - 6 February 2025
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials - 6 February 2025
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025 - 6 February 2025
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images - 6 February 2025
Top 3 Ransomware Threats Active in 2025 - 6 February 2025
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc - 6 February 2025
Scalable Vector Graphics files pose a novel phishing threat - 5 February 2025
Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested - 5 February 2025
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign - 5 February 2025
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks - 5 February 2025
Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts - 5 February 2025
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack - 5 February 2025
Navigating the Future: Key IT Vulnerability Management Trends - 5 February 2025
AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks - 5 February 2025
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 - 5 February 2025
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access - 4 February 2025
A 25-Year-Old With Elon Musk Ties Has Direct Access to the Federal Payment System - 4 February 2025
Kept in the Dark — Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden - 4 February 2025
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS - 4 February 2025
Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections - 4 February 2025
Cyberattack on NHS causes hospitals to miss cancer care targets - 4 February 2025
Watch Out For These 8 Cloud Security Shifts in 2025 - 4 February 2025
Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks - 4 February 2025
AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access - 4 February 2025
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 - 4 February 2025
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score - 4 February 2025
Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform - 3 February 2025
Romanian Men Indicted For Access Device Fraud - 3 February 2025
Canadian Man Charged in $65M Cryptocurrency Hacking Schemes - 3 February 2025
DISA Incident: Update on Review of ‘Potentially Affected Files’ and Notification Plan - 3 February 2025
Sophos Acquires Secureworks - 3 February 2025
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023 - 3 February 2025
Delta County Memorial Hospital District reveals more about 2024 cyberattack that affected 148,363 people - 3 February 2025
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages - 3 February 2025
What Is Attack Surface Management? - 3 February 2025
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions - 3 February 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February] - 3 February 2025
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware - 3 February 2025
Cover-up Follow-up: Westend Dental starts notifying patients of October 2020 ransomware attack - 2 February 2025
Operation Heart Blocker: Disruption action deals blow to criminal cyber network HeartSender - 1 February 2025
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network - 1 February 2025
BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key - 1 February 2025
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists - 1 February 2025
Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts - 31 January 2025
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors - 31 January 2025
Backdoor found in two healthcare patient monitors, linked to IP in China - 31 January 2025
Heart Centre Cyberattack in Australia, DragonForce Claims Responsibility for Sensitive Data Theft - 31 January 2025
Almost one year later, NorthBay Health notifies 569,012 people of breach of sensitive information - 31 January 2025
Google Bans 158,000 Malicious Android App Developer Accounts in 2024 - 31 January 2025
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns - 31 January 2025
Top 5 AI-Powered Social Engineering Attacks - 31 January 2025
Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft - 31 January 2025
Law enforcement continues efforts to disrupt cybercrime forums and services - 30 January 2025
Exclusive: Apex Custom Software hacked, threat actors threaten to leak the software - 30 January 2025
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations - 30 January 2025
No need to hack when it’s leaking: ZAR clinics edition - 30 January 2025
Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter - 30 January 2025
Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown - 30 January 2025
SOC Analysts – Reimagining Their Role Using AI - 30 January 2025
DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked - 30 January 2025
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks - 30 January 2025
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits - 30 January 2025
New York Blood Center Enterprises Ransomware Attack Update - 29 January 2025
FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent - 29 January 2025
With his criminal trial looming, the hacker known as “DR32” pleaded guilty in federal court - 29 January 2025
Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks - 29 January 2025
Personal medical information might have been exposed on Chicago Department of Public Health dashboard - 29 January 2025
Ransomware attack kept ENGlobal out of some systems for 6 weeks - 29 January 2025
How Interlock Ransomware Infects Healthcare Organizations - 29 January 2025
AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts - 29 January 2025
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits - 29 January 2025
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution - 29 January 2025
How Interlock Ransomware Infects Healthcare Organizations - 29 January 2025
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability - 29 January 2025
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer - 29 January 2025
UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents - 29 January 2025
Attorney General James Secures $450,000 from Companies Selling Home Security Cameras that Failed to Secure Private Videos - 28 January 2025
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks - 28 January 2025
OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking - 28 January 2025
DeepSeek hit with ‘large-scale’ cyber-attack after AI chatbot tops app stores - 28 January 2025
KuCoin Agrees to $297 Million Settlement Over Regulatory Breach - 28 January 2025
Update: Cybercriminals still not fully on board the AI train (yet) - 28 January 2025
Frederick Health recently identified a ransomware attack - 28 January 2025
Beyond the hype: The business reality of AI for cybersecurity - 28 January 2025
AI SOC Analysts: Propelling SecOps into the future - 28 January 2025
How Long Does It Take Hackers to Crack Modern Hashing Algorithms? - 28 January 2025
Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations - 28 January 2025
E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries - 28 January 2025
Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks - 28 January 2025
Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More - 27 January 2025
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs - 27 January 2025
EU sanctions 3 GRU members for cyberattacks against Estonia - 27 January 2025
Hong Kong govt office sorry for losing tapes with personal data - 27 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January] - 27 January 2025
Let’s Secure Insurance failed to secure their own data storage. Now they have a breach. - 27 January 2025
Do We Really Need The OWASP NHI Top 10? - 27 January 2025
GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities - 27 January 2025
MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks - 27 January 2025
Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks - 26 January 2025
Slovak PM accuses Ukraine — without any evidence — of involvement in alleged “massive cyberattack” - 25 January 2025
US Justice Department drops case against Texas doctor charged with leaking transgender care data - 25 January 2025
UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack - 25 January 2025
Hospital El Cruce takes its website offline following a severe cyberattack - 24 January 2025
HCF Management healthcare facilities hit by ransomware attack; more than 70,000 patients affected - 24 January 2025
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations - 24 January 2025
Proposed Turkish Law Could Mean Prison for Reporting Data Leaks - 24 January 2025
2025 State of SaaS Backup and Recovery Report - 24 January 2025
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations - 24 January 2025
Android’s New Identity Check Feature Locks Device Settings Outside Trusted Locations - 24 January 2025
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List - 24 January 2025
PayPal to pay NYS $2M for violating DFS’s Cybersecurity Regulation - 23 January 2025
Hackers Crack Subaru’s Connected Services To Access Location Data, Door Locks And More - 23 January 2025
Orlando Man Pleads Guilty To Conducting Series Of Cyber Intrusions Against Former Employer - 23 January 2025
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers - 23 January 2025
Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks - 23 January 2025
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits - 23 January 2025
Tesla Charger Exploits Earn Hackers $129,000 at Pwn2Own - 23 January 2025
Cisco Patches Critical Vulnerability in Meeting Management - 23 January 2025
Homebrew macOS Users Targeted With Information Stealer Malware - 23 January 2025
Axoflow Raises $7 Million for Security Data Curation Platform - 23 January 2025
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads - 23 January 2025
Record Number of Ransomware Attacks in December 2024 - 23 January 2025
SonicWall Learns From Microsoft About Potentially Exploited Zero-Day - 23 January 2025
New Research: The State of Web Exposure 2025 - 23 January 2025
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation - 23 January 2025
How to Eliminate Identity-Based Threats - 23 January 2025
Oxfam Hong Kong data leak: charity violated data protection law - 23 January 2025
Cloudflare CDN flaw leaks user location data, even through secure chat apps - 23 January 2025
Research Report: The Insider Threat Digital Recruitment Marketplace - 23 January 2025
QakBot-Linked BC Malware Adds Enhanced DNS Tunneling and Remote Access Features - 23 January 2025
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) - 23 January 2025
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware - 23 January 2025
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know - 22 January 2025
Do-Over: “Pompompurin” to be Re-Sentenced - 22 January 2025
Application Security Firm DryRun Raises $8.7 Million in Seed Funding - 22 January 2025
DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots - 22 January 2025
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review - 22 January 2025
Doti AI Raises £7 Million Seed Funding for Instant Access to Internal Company Data - 22 January 2025
Call for Presentations Open for SecurityWeek’s 2025 Supply Chain Security & Third-Party Risk Summit - 22 January 2025
Cyber Insights 2025: APIs – The Threat Continues - 22 January 2025
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet - 22 January 2025
NY Attorney General James Announces Court Win Allowing Lawsuit Against Citibank to Continue - 22 January 2025
Oracle Patches 200 Vulnerabilities With January 2025 CPU - 22 January 2025
Murdoc Botnet Ensnaring Avtech, Huawei Devices - 22 January 2025
Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025 - 22 January 2025
Insider Threats: The Overlooked Risks of Departing Employees and Sensitive Data Theft - 22 January 2025
Record-Breaking DDoS Attack Reached 5.6 Tbps - 22 January 2025
Book Review: Infected – A Candid Look at VirusTotal’s Birth and Legacy - 22 January 2025
Researcher Says ABB Building Control Products Affected by 1,000 Vulnerabilities - 22 January 2025
President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison - 22 January 2025
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks - 22 January 2025
Trump Pardons Founder of Silk Road Website - 22 January 2025
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack - 22 January 2025
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products - 22 January 2025
Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device - 22 January 2025
Today’s reminder not to just repeat threat actors’ claims without checking or attempting to verify them first. - 21 January 2025
Mitiga Banks$30M Series B to Expand Cloud and SaaS Security Platform - 21 January 2025
Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers - 21 January 2025
Cyber Insights 2025: Attack Surface Management - 21 January 2025
Ransomware Groups Abuse Microsoft Services for Initial Access - 21 January 2025
Students, Educators Impacted by PowerSchool Data Breach - 21 January 2025
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks - 21 January 2025
Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties - 21 January 2025
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing” - 21 January 2025
Cybersecurity Incident Impacting Addison Northwest School District (ANWSD) - 21 January 2025
European Commission Publishes Action Plan on Cybersecurity of Hospitals and Healthcare Providers - 21 January 2025
HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects - 21 January 2025
PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers - 21 January 2025
CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits - 20 January 2025
Toronto student information dating back to 1985 may have been accessed in PowerSchool cyber incident - 20 January 2025
Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes - 20 January 2025
DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection - 20 January 2025
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers - 20 January 2025
The U.K. is considering prohibiting ransom payments. It’s a difficult issue. - 20 January 2025
Social Media Security Firm Spikerz Raises $7 Million - 20 January 2025
Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities - 20 January 2025
CISA, FBI Update Software Security Recommendations - 20 January 2025
FCC Taking Action in Response to China’s Telecoms Hacking - 20 January 2025
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI - 20 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January] - 20 January 2025
HPE Investigating Breach Claims After Hacker Offers to Sell Data - 20 January 2025
TikTok Restores Service for US Users Based on Trump’s Promised Executive Order - 20 January 2025
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP - 20 January 2025
TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025 - 19 January 2025
DOJ confirms arrested US Army soldier is linked to AT&T and Verizon hacks - 18 January 2025
FBI Warned Agents It Believes Phone Logs Hacked Last Year - 18 January 2025
Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network - 18 January 2025
TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling - 18 January 2025
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon - 18 January 2025
US Government Agencies Call for Closing the Software Understanding Gap - 17 January 2025
Wolf Haldenstein Data Breach Impacts 3.4 Million People - 17 January 2025
In Other News: Lawsuits and Settlements, CrowdStrike Phish, MITRE’s D3FEND 1.0 - 17 January 2025
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation - 17 January 2025
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation - 17 January 2025
Google Releases Open Source Library for Software Composition Analysis - 17 January 2025
MedSave Health Insurance TPA hacked; firm has yet to comment or respond - 17 January 2025
Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday - 17 January 2025
US Announces Sanctions Against North Korean Fake IT Worker Network - 17 January 2025
New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass - 17 January 2025
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs - 17 January 2025
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal? - 17 January 2025
Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise - 16 January 2025
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China - 16 January 2025
Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting - 16 January 2025
Gootloader inside out - 16 January 2025
Cisco Unveils New AI Application Security Solution - 16 January 2025
Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups - 16 January 2025
Sophos ZTNA Updates - 16 January 2025
Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws - 16 January 2025
Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action - 16 January 2025
Wultra Raises €3 Million for Post-Quantum Authentication - 16 January 2025
North Korean Hackers Targeting Freelance Software Developers - 16 January 2025
380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy - 16 January 2025
Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer - 16 January 2025
Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions - 16 January 2025
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024 - 16 January 2025
New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits - 16 January 2025
Biden Executive Order Aims to Shore Up US Cyber Defenses - 16 January 2025
Cyber Insights 2025: Identities - 16 January 2025
2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records - 16 January 2025
Data From 15,000 Fortinet Firewalls Leaked by Hackers - 16 January 2025
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws - 16 January 2025
Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager - 16 January 2025
Head of US Cybersecurity Agency Says She Hopes It Keeps up Election Work Under Trump - 15 January 2025
HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $10,000 - 15 January 2025
FTC Takes Action Against GoDaddy for Alleged Lax Data Security for Its Website Hosting Services - 15 January 2025
FBI Uses Malware’s Own ‘Self-Delete’ Trick to Erase Chinese PlugX From US Computers - 15 January 2025
DORA’s Deadline Looms: Navigating the EU’s Mandate for Threat Led Penetration Testing - 15 January 2025
Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99 - 15 January 2025
Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes - 15 January 2025
Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes - 15 January 2025
Cyber Insights 2025: Open Source and Software Supply Chain Security - 15 January 2025
North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains - 15 January 2025
Chrome 132 Patches 16 Vulnerabilities - 15 January 2025
Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities - 15 January 2025
The High-Stakes Disconnect For ICS/OT Security - 15 January 2025
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool - 15 January 2025
Fortinet Confirms New Zero-Day Exploitation - 15 January 2025
US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists - 15 January 2025
Ivanti Patches Critical Vulnerabilities in Endpoint Manager - 15 January 2025
New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment - 15 January 2025
ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA - 15 January 2025
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation - 15 January 2025
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks - 15 January 2025
3 Actively Exploited Zero-Day Flaws Patched in Microsoft’s Latest Security Update - 15 January 2025
159-CVE January Patch Tuesday smashes single-month record - 14 January 2025
HHS Office for Civil Rights Settles HIPAA Phishing Cybersecurity Investigation with Solara Medical Supplies, LLC for $3,000,000 - 14 January 2025
Adobe: Critical Code Execution Flaws in Photoshop - 14 January 2025
UK Considers Banning Ransomware Payment by Public Sector and CNI - 14 January 2025
Microsoft Patches Trio of Exploited Windows Hyper-V Zero-Days - 14 January 2025
Biden Signs Executive Order Aimed at Growing AI Infrastructure in the US - 14 January 2025
WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors - 14 January 2025
How to Eliminate “Shadow AI” in Software Development - 14 January 2025
BforeAI Raises $10 Million for Predictive Attack Intelligence - 14 January 2025
Google OAuth Vulnerability Exposes Millions via Failed Startup Domains - 14 January 2025
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation - 14 January 2025
Orchid Security Banks Hefty $36M Seed Round - 14 January 2025
Snyk Says ‘Malicious’ NPM Packages Part of Research Project - 14 January 2025
Cyber Insights 2025: Cyber Threat Intelligence - 14 January 2025
Western Security Agencies Share Advice on Selecting OT Products - 14 January 2025
SAP Patches Critical Vulnerabilities in NetWeaver - 14 January 2025
Robinhood to Pay $45 Million SEC Settlement Over Data Breach, Other Violations - 14 January 2025
Equifax Class Action Settlement 2024 Payment Started, Claimants Getting Paid Via Checks - 14 January 2025
UK floats ransomware payout ban for public sector - 14 January 2025
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks - 14 January 2025
Compromised AWS Keys Abused in Codefinger Ransomware Attacks - 14 January 2025
Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments - 14 January 2025
Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation - 14 January 2025
Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware - 14 January 2025
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored - 14 January 2025
Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces - 14 January 2025
Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions - 14 January 2025
Infostealer Infections Lead to Telefonica Ticketing System Breach - 13 January 2025
CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks - 13 January 2025
AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming - 13 January 2025
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners - 13 January 2025
Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability - 13 January 2025
US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals - 13 January 2025
PowerSchool Faces Suit Over Breach of Student, Teacher Data - 13 January 2025
Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS - 13 January 2025
Emerging FunkSec Ransomware Developed Using AI - 13 January 2025
Former Disney Employee Admits to Hacking Menu System to Change Allergy Information - 13 January 2025
Phishing texts trick Apple iMessage users into disabling protection - 13 January 2025
Ransomware on ESXi: The mechanization of virtualized attacks - 13 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] - 13 January 2025
China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports - 13 January 2025
RIBridges has many lines of defense. How was the system breached? - 13 January 2025
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems - 13 January 2025
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables - 13 January 2025
Nine months after discovering a ransomware attack, Teton Orthopaedics notifies patients - 12 January 2025
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation - 11 January 2025
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering - 11 January 2025
PowerSchool Sued Over December Breach of Student, Teacher Data - 10 January 2025
PowerSchool Incident: A few resources for teachers, parents, and former students - 10 January 2025
Meloni Says Italy Is Exploring Deals on Telecoms Security, but Denies Private Talks With Musk - 10 January 2025
In Other News: Bank of America Warns of Data Breach, Trucking Cybersecurity, Treasury Hack Linked to Silk Typhoon - 10 January 2025
AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics - 10 January 2025
Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs - 10 January 2025
Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach - 10 January 2025
Banshee macOS Malware Expands Targeting - 10 January 2025
Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures - 10 January 2025
PayPal Phishing Campaign Employs Genuine Links to Take Over Accounts - 10 January 2025
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer - 10 January 2025
RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns - 10 January 2025
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices - 10 January 2025
Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity - 10 January 2025
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers - 9 January 2025
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption - 9 January 2025
Darktrace to Acquire Incident Investigation Firm Cado Security - 9 January 2025
Hong Kong privacy watchdog warns URA over leaked details of 199 tenants, owners - 9 January 2025
Hackers Claim To Have Compromised Data Broker Used By U.S. Government To Dodge Warrants - 9 January 2025
Medical Billing Firm Medusind Says Data Breach Impacts 360,000 People - 9 January 2025
SonicWall Patches Authentication Bypass Vulnerabilities in Firewalls - 9 January 2025
GFI KerioControl Firewall Vulnerability Exploited in the Wild - 9 January 2025
Product Review: How Reco Discovers Shadow AI in SaaS - 9 January 2025
The ‘Worst in Show’ CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say - 9 January 2025
Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool - 9 January 2025
From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025 - 9 January 2025
MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan - 9 January 2025
Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions - 9 January 2025
Excelsior Orthopaedics Data Breach Impacts 357,000 People - 9 January 2025
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies - 9 January 2025
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection - 9 January 2025
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws - 9 January 2025
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure - 8 January 2025
HHS Office for Civil Rights Settles HIPAA Security Rule Investigation with USR Holdings, LLC Concerning the Deletion of Electronic Protected Health Information - 8 January 2025
HHS Office for Civil Rights Settles 9th Ransomware Investigation with Virtual Private Network Solutions - 8 January 2025
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product - 8 January 2025
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections - 8 January 2025
Telegram Shared Data of Thousands of Users After CEO’s Arrest - 8 January 2025
Symbol Will Indicate When Connected Devices Are Cyber Secure - 8 January 2025
Japan Links Chinese Hacker MirrorFace to Dozens of Cyberattacks Targeting Security and Tech Data - 8 January 2025
Thousands Impacted by Casio Data Breach - 8 January 2025
Rationalizing the Stack: The Case for Security Vendor Consolidation - 8 January 2025
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques - 8 January 2025
PowerSchool discloses breach affecting hosted and self-hosted school k-12 districts - 8 January 2025
Cybersecurity Funding Reached $9.5 Billion in 2024: Report - 8 January 2025
New Labels Will Help People Pick Devices Less at Risk of Hacking - 8 January 2025
Insider Threat: Tackling the Complex Challenges of the Enemy Within - 8 January 2025
Top 5 Malware Threats to Prepare Against in 2025 - 8 January 2025
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities - 8 January 2025
CISA Warns of Mitel MiCollab Vulnerabilities Exploited in Attacks - 8 January 2025
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks - 8 January 2025
First Android Update of 2025 Patches Critical Code Execution Vulnerabilities - 8 January 2025
FCC Launches ‘Cyber Trust Mark’ for IoT Devices to Certify Security Compliance - 8 January 2025
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation - 7 January 2025
Veracode Targets Malicious Code Threats with Phylum Acquisition - 7 January 2025
HHS Office for Civil Rights Settles 8th Ransomware Investigation with Elgon Information Systems - 7 January 2025
Trolley Problem, Safety Versus Security of Generative AI - 7 January 2025
Chinese Tech Companies Tencent, CATL and Others Protest US Listings as Army-Linked Companies - 7 January 2025
Former NSA Director Rob Joyce Joins DataTribe as Venture Partner - 7 January 2025
Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers - 7 January 2025
Two ransomware groups claimed they attacked Rutherford County Schools. One leaked sensitive records. - 7 January 2025
Washington Attorney General Sues T-Mobile Over 2021 Data Breach - 7 January 2025
Dell, HPE, MediaTek Patch Vulnerabilities in Their Products - 7 January 2025
Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year - 7 January 2025
Critical Infrastructure Ransomware Attack Tracker Reaches 2,000 Incidents - 7 January 2025
CISA: No Federal Agency Beyond Treasury Impacted by BeyondTrust Incident - 7 January 2025
China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks - 7 January 2025
CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing - 7 January 2025
New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities - 7 January 2025
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers - 7 January 2025
Anticipating the Cyber Frontier: Top Predictions for 2025 - 6 January 2025
India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements - 6 January 2025
Code Execution Flaw Found in Nuclei Vulnerability Scanner - 6 January 2025
Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024 - 6 January 2025
Tenable Disables Nessus Agents Over Faulty Updates - 6 January 2025
Cybersecurity M&A Roundup: 37 Deals Announced in December 2024 - 6 January 2025
Is Your Car Spying on You? What It Means That Tesla Shared Data in the Las Vegas Explosion - 6 January 2025
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices - 6 January 2025
From $22M in Ransom to +100M Stolen Records: 2025’s All-Star SaaS Threat Actors to Watch - 6 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan] - 6 January 2025
US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure - 6 January 2025
IT Giant Atos Responds to Ransomware Group’s Data Theft Claims - 6 January 2025
Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages - 6 January 2025
Tenable CEO Amit Yoran Dead at 54 - 6 January 2025
Many researchers are pseudonymous. That doesn’t justify ignoring their alerts. - 5 January 2025
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution - 4 January 2025
New York Modifies Data Breach Law Heading Into 2025 - 4 January 2025
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps - 4 January 2025
U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns - 4 January 2025
India’s Digital Data Protection Framework: Safety, Trust and Resilience - 3 January 2025
Khalil Center’s impressively rapid incident response - 3 January 2025
Feds claims just 7% of available funds from OPM breach settlement, remainder returns to Treasury - 3 January 2025
In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury - 3 January 2025
Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability - 3 January 2025
FireScam Android Malware Packs Infostealer, Spyware Capabilities - 3 January 2025
New York Hospital Says Ransomware Attack Data Breach Impacts 670,000 - 3 January 2025
US Imposes Sanctions on Russian and Iranian Groups Over Disinformation Targeting American Voters - 3 January 2025
New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60% - 3 January 2025
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers - 3 January 2025
Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption - 3 January 2025
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations - 3 January 2025
Apple to Pay $95 Million to Settle Lawsuit Accusing Siri of Snoopy Eavesdropping - 2 January 2025
No need to hack when it’s leaking: Roomster edition - 2 January 2025
US Arrests Army Soldier Over AT&T, Verizon Hacking - 2 January 2025
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API - 2 January 2025
Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them - 2 January 2025
Three Russian-German Nationals Charged with Espionage for Russian Secret Service - 2 January 2025
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT - 2 January 2025
Hacked on Christmas, DEphoto starts notifying customers, only to be attacked again - 1 January 2025
New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites - 1 January 2025
Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics - 1 January 2025
Westend Dental agrees to pay Indiana $350K and to implement corrective action plan to settle charges of multiple HIPAA violations - 31 December 2024
Rhode Islanders’ Data Was Leaked From a Cyberattack on State Health Benefits Website - 31 December 2024
Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign - 31 December 2024
U.S. Army Soldier Arrested in AT&T, Verizon Extortions - 31 December 2024
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy - 31 December 2024
Chinese hackers breached Treasury Department workstations, documents in ‘major cybersecurity incident’ - 31 December 2024
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents - 31 December 2024
Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident - 30 December 2024
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation - 30 December 2024
More details emerge about RIBridges data breach; Deloitte tells state threat actors have leaked data - 30 December 2024
Prioritizing patching: A deep dive into frameworks and tools – Part 2: Alternative frameworks - 30 December 2024
Four-Faith Industrial Router Vulnerability Exploited in Attacks - 30 December 2024
Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks - 30 December 2024
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips - 30 December 2024
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits - 30 December 2024
US Issues Final Rule for Protecting Personal Data Against Foreign Adversaries - 30 December 2024
When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions - 30 December 2024
Cisco Confirms Authenticity of Data After Second Leak - 30 December 2024
Several Chrome Extensions Compromised in Supply Chain Attack - 30 December 2024
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft - 29 December 2024
A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says - 29 December 2024
Philippine Commision on Audit notes dearth of data privacy officers despite law - 28 December 2024
White House Clears HIPAA Security Rule Update - 28 December 2024
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials - 28 December 2024
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign - 27 December 2024
Massive VW Group Data Leak Exposed 800,000 EV Owners’ Movements, From Homes To Brothels - 27 December 2024
Prioritizing patching: A deep dive into frameworks and tools – Part 1: CVSS - 27 December 2024
2024’s Data Breaches: Breaches Handled Badly - 27 December 2024
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia - 27 December 2024
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks - 27 December 2024
Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately - 27 December 2024
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization - 27 December 2024
Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts - 26 December 2024
Defense Giant General Dynamics Says Employees Targeted in Phishing Attack - 26 December 2024
The Intersection of AI and OSINT: Advanced Threats On The Horizon - 26 December 2024
Japan Airlines recovers from cyberattack, confirms no customer data leaks - 26 December 2024
Brazilian Man Charged With Making Extortionate Threats To Publicize Stolen Data Obtained By Unlawful Computer Intrusion - 26 December 2024
Japan Airlines Was Hit by a Cyberattack, Delaying Flights During the Year-End Holiday Season - 26 December 2024
Cl0p Ransomware Group to Name Over 60 Victims of Cleo Attack - 26 December 2024
Jamestown Pharmacist Arrested and Charged with Health Care Fraud and Aggravated Identity Theft in a Multi-Million Dollar Health Care Fraud Scheme - 25 December 2024
Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week - 25 December 2024
Clop ransomware is now extorting 66 Cleo data-theft victims - 25 December 2024
Journalist faces Crime Branch action for exposing data breach, Kerala’s press fights back - 25 December 2024
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now - 25 December 2024
Ruijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks - 25 December 2024
Happy Holidays from DataBreaches.net! - 25 December 2024
Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware - 25 December 2024
FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024 - 24 December 2024
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts - 24 December 2024
American Addiction Centers Data Breach Impacts 422,000 People - 24 December 2024
CA: Electronic data security breach at Milton long-term care home revealed - 24 December 2024
KY: Personal data of Boone, Kenton County students breached, school officials say - 24 December 2024
Today’s insider threat: Ardyss edition - 24 December 2024
2025 NDAA Provides $3 Billion Funding for FCC’s Rip-and-Replace Program - 24 December 2024
Adobe Patches ColdFusion Flaw at High Risk of Exploitation - 24 December 2024
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation - 24 December 2024
North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin - 24 December 2024
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks - 24 December 2024
Live Webinar | Get Ahead and Stay Ahead of Threats with Tanium and Microsoft - 23 December 2024
ENISA: Software vulnerability prevention initiatives - 23 December 2024
Live Webinar | Supercharge Your ServiceNow CMDB with Complete and Real-Time Data - 23 December 2024
Accounting of Disclosures Under the HITECH Act - 23 December 2024
FFIEC Final Authentication Guidance - 23 December 2024
Annual Report to Congress on Breaches of Unsecured Protected Health Information - 23 December 2024
Models Can Strategically Lie, Finds Anthropic Study - 23 December 2024
Turmoil Besets Phishing-as-a-Service Toolkit Rockstar 2FA - 23 December 2024
North Korean Hackers Tied to $1.3B in Stolen Crypto in 2024 - 23 December 2024
US Considers TP-Link Ban After Volt Typhoon Hacking Campaign - 23 December 2024
Illinois Department of Human Services phishing attack affected more than 1.1M public assistance clients - 23 December 2024
Douglas County Health & Human Services notifies patients that former employee accessed their records inappropriately - 23 December 2024
Ascension cyberattack exposed personal data of 5.6 million people - 23 December 2024
The Fine Line Between Ideology and Crime: Understanding the True Purpose of Dragon Ransomware – The Interview - 23 December 2024
Tracker firm Hapn spilled names of thousands of GPS tracking customers - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog, Part 3: Ethics and Goals - 23 December 2024
New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog, Part 2: Methods - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog: Preface - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog, Part 1: Background - 23 December 2024
Sophos AI to present on how to defang malicious AI models at Black Hat Europe - 23 December 2024
December Patch Tuesday arrives bearing 71 gifts - 23 December 2024
Network security best practices for the holidays - 23 December 2024
Sophos excels in the 2024 MITRE ATT&CK® Evaluations: Enterprise - 23 December 2024
Keeping it real: Sophos and the 2024 MITRE ATT&CK Evaluations: Enterprise - 23 December 2024
DeepSpeed: a tuning tool for large language models - 23 December 2024
The Bite from Inside: The Sophos Active Adversary Report - 23 December 2024
Sophos ranked #1 overall for Firewall, MDR, and EDR in the G2 Winter 2025 Reports - 23 December 2024
Year in Review 2024: The major headlines and moments from Sophos this year - 23 December 2024
Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces - 23 December 2024
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack - 23 December 2024
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation - 23 December 2024
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages - 23 December 2024
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware - 23 December 2024
Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations - 23 December 2024
Top 10 Cybersecurity Trends to Expect in 2025 - 23 December 2024
U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case - 23 December 2024
Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service - 23 December 2024
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips - 23 December 2024
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case - 23 December 2024
Another NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US - 23 December 2024
Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme - 23 December 2024
In Other News: McDonald’s API Hacking, Netflix Fine, Malware Kills ICS Process - 23 December 2024
Botnet of 190,000 BadBox-Infected Android Devices Discovered - 23 December 2024
Apple Complains Meta Requests Risk Privacy in Spat Over EU Efforts to Widen Access to iPhone Tech - 23 December 2024
LockBit Ransomware Developer Arrested in Israel at Request of US - 23 December 2024
Italy’s Privacy Watchdog Fines OpenAI for ChatGPT’s Violations in Collecting Users Personal Data - 23 December 2024
5.6 Million Impacted by Ransomware Attack on Healthcare Giant Ascension - 23 December 2024
Sophos Patches Critical Firewall Vulnerabilities - 23 December 2024
Beware Of Shadow AI – Shadow IT’s Less Well-Known Brother - 23 December 2024

Pages

Posts

News