A flaw has been discovered in OpenPGP.js, a widely used JavaScript library for OpenPGP encryption. Tracked as CVE-2025-47934, the vulnerability allows threat actors to spoof both signed and...
Signal has updated its Windows app to protect users' privacy by blocking Microsoft's AI-powered Recall feature from taking screenshots of their conversations. [...]
The U.S. Department of Justice (DOJ) announced that it had obtained and acted on the two court-approved warrants authorizing the seizure of five internet domains linked to a global malware...
Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems. [...]
Russia-aligned TAG-110 shifts to .dotm phishing lures in a 2025 campaign against Tajikistan’s public sector, advancing cyber-espionage in Central Asia.
Microsoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners.
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be...
Cellcom CEO Brighid Riordan said the company has been dealing with a “cyber incident” but they “simply don’t have a lot of facts.”
Threat actor 'ByteBreaker' claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts.
Cover Your Tracks opened my eyes... and made me switch browsers ASAP.
Hanan Elatr Khashoggi has alleged that the spyware vendor played a role in the death of her husband. The post Appeals court rejects attempt by Khashoggi widow to renew suit against NSO Group...
Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI. The post Lumma infostealer infected about 10 million systems...
Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI. The post Lumma infostealer infected about 10 million systems...
On aggregate, the global ransomware industry accrued hundreds of millions of dollars in various cryptocurrencies in 2024 alone. But the story of that money doesn’t stop there.
Even after its refurbishing, Recall provides few ways to exclude specific apps.
Modern cloud ecosystems often place a single identity provider in charge of handling logins and tokens for a wide range of customers.
As the crypto market continues to mature, investors are looking for sophisticated financial instruments that allow them to…
A sting involving law enforcement and private sector companies disrupted the Lumma infostealer — malware sold around the globe to cybercriminals and credited for millions of infections.
Anthropic is secretly working on two new models called Claude Sonnet 4 and Opus 4, which are believed to be the company's most advanced AI models. [...]
Sen. Ron Wyden said in a letter that one U.S. phone carrier turned over Senate data to law enforcement without notifying the target.
The campaign traces back at least to early 2022, coinciding with the start of Russia’s full-scale invasion of Ukraine. The post Multi-national warning issued over Russia’s targeting of logistics,...
The campaign traces back at least to early 2022, coinciding with the start of Russia’s full-scale invasion of Ukraine. The post Multi-national warning issued over Russia’s targeting of logistics,...
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. "The campaign aimed at Russian business began...
ChatGPT's Operator, which is still in research preview, will soon become a "very useful tool," according to Jerry Tworek, VP of Research at OpenAI. [...]
A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML...
Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims into...
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid...
In documents filed with regulators in Maine on Tuesday, Coinbase said the information leaked included details like photos of passports and government IDs, as well as account information such as...
In a joint cybersecurity advisory issued today, U.S. and allied intelligence agencies confirmed what many threat analysts have long suspected: the Russian GRU military intelligence agency is...
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in...