A group tracked as Predatory Sparrow said it was responsible for hacking Bank Sepah as the conflict between Israel and Iran intensified.
Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote code execution (RCE) vulnerability. [...]
Zoomcar confirms 2025 breach affecting 8.4M users, echoing its 2018 data leak. Personal info exposed, financial data safe, investigation ongoing.
WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L’Oréal
A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. [...]
Defenders have identified a highly sophisticated campaign orchestrated by the GrayAlpha threat actors. In this campaign, hackers employ fake browser updates and other infection vectors to deliver...
The UK Information Commissioner's Office (ICO) has fined genetic testing provider 23andMe £2.31 million ($3.12 million) over 'serious security failings' that led to a 'profoundly damaging' data...
Meta Platforms on Monday announced that it's bringing advertising to WhatsApp, but emphasized that the ads are "built with privacy in mind." The ads are expected to be displayed on the Updates tab...
Microsoft’s Sovereign Cloud solutions are designed to ensure European cloud data is stored and processed in Europe
Microsoft has released an emergency update to fix a known issue causing startup failures for some Surface Hub v1 devices running Windows 10. [...]
Tired of drowning in IT tickets? This AI-powered workflow built on Tines auto-triages common issues like known bugs & password resets—saving time for your team and speeding up resolution. Learn...
We analyze two new KimJongRAT stealer variants, combining new research with existing knowledge. One uses a Portable Executable (PE) file and the other PowerShell. The post Exploring a New...
Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records. [...]
Tenable Cloud Research discovered a supply chain compromise vulnerability in Google's Gerrit code-collaboration platform which we dubbed GerriScary. GerriScary allowed unauthorized code submission...
New City of London Police data reveals British men and women lost over £100m to romance fraudsters in 2024
Every major browser on every platform offers a way to save passwords and passkeys. If you use a third-party password manager, those built-in features can create a big mess. Here's how to clean things up.
Google has unveiled its Safety Charter in India, which will expand its AI-led developments for fraud detection and combating scams across the country, the company’s largest market outside the...
Smarter TV operating systems bring more convenience - but they also raise new privacy concerns, especially when it comes to automatic content recognition (ACR).
The shooter allegedly researched several “people search” sites in an attempt to target his victims, highlighting the potential dangers of widely available personal data.
Explore how China’s PLA is adopting generative AI for military intelligence. This Insikt Group report reveals AI-driven intelligence tools, strategic adaptations, and implications for global security.
The new I/O solution gives manufacturers greater design freedom to build smarter, more adaptable machines.
She will assume the role on Sept. 1, 2025, succeeding Ola Samelius, who will retire in 2026 after many successful years with the company.
Explore how IPv6-first networks disrupt mass scanning tactics and enable stronger, AI-driven security through deceptive address space and Zero Trust principles.
There’s a new Erlang OTP vulnerability, CVE-2025-4748. It’s an Absolute Path Traversal vulnerability involving a Zip archive, which I have a lot of practice with. It affects Erlang OTP, which a...
CVE-2025-3248 is an unauthenticated remote code execution (RCE) vulnerability in Langflow, a popular Python-based framework for building AI applications. The flaw lies in the code validation...
The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other...
The ever-popular penetration testing Linux distribution is now better refined for ethical hacking, penetration testing, audits, and network research.
The U.S. State Department said it is looking for information on hackers linked to Iran's Islamic Revolutionary Guard Corps.
Multiple U.S.-based companies in the insurance sector have already been hit over the past week and a half, according to Mandiant. The post Scattered Spider, fresh off retail sector attack spree,...
Multiple U.S.-based companies in the insurance sector have already been hit over the past week and a half, according to Mandiant. The post Scattered Spider, fresh off retail sector attack spree,...