Ubiquity has disclosed two security vulnerabilities affecting its widely used video surveillance platform, UniFi Protect. One of the flaws, now assigned the identifier CVE-2025-23123, has been...
The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services
In this special edition of the Cybersecurity Snapshot, we bring you some of the most valuable guidance offered by the U.K. National Cyber Security Centre (NCSC) in the past 18 months. Check out...
Here’s a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted
India and Pakistan have been trading blows in the wake of a militant attack on tourists in Indian-administered Kashmir last month. On May 7, India said it had launched missile strikes in Pakistan...
Heard of polymorphic browser extensions yet? You will. These savage imposters threaten the very future of credential management. Here's what you need to know - and do.
The Federal Bureau of Investigation (FBI) has issued a warning about the TheMoon malware. The warning also stresses the dramatic uptick in cyberattacks targeting aging internet routers, especially...
The Toronto District School Board (TDSB) has informed parents and staff of a renewed cyber threat following a major data breach involving education technology giant PowerSchool. The extortion...
On the Google Cloud CLI gcloud, the authentication process works using OAuth and a server that is quickly setup on the computer at localhost:50000. This means that http://localhost is actually a...
It’s May, which means it’s Maintainer Month, a time to spotlight the people who quietly keep the digital world running: open source maintainers.We’re talking about the folks patching that package...
The new LMX-1204G-SFP-T-BABA Gigabit Ethernet switch has been recognized as winner in 2025 GOVIES Government Security Awards.
Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to…
CBP's acting commissioner has rescinded four Biden-era policies that aimed to protect vulnerable people in the agency's custody, including mothers, infants, and the elderly.
In April, South Korea’s telco giant SK Telecom (SKT) was hit by a cyberattack that led to the theft of personal data on approximately 23 million customers, equivalent to almost half of the...
Cybersecurity researchers have exposed what they say is an "industrial-scale, global cryptocurrency phishing operation" engineered to steal digital assets from cryptocurrency wallets for several...
He’s the latest Democrat who sits on an appropriations panel to sharply criticize CISA personnel reductions and proposed funding cuts. The post Sen. Murphy: Trump administration has ‘illegally...
PowerSchool paid ransom after a major data breach; now hackers are targeting teachers and schools with direct extortion…
As tensions flare and the possibility of full blown armed conflict between India and Pakistan grows, there is a need not just for restraint and awareness but also for digital discipline - a...
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The...
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a...
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. [...]
How do attackers exploit authority bias to manipulate victims? Martin shares proactive strategies to protect yourself and others in this must-read edition of the Threat Source newsletter.
Schools in Toronto and North Carolina are reporting extortion attempts.
Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. [...]
61% of security leaders reported suffering a breach due to failed or misconfigured controls over the past 12 months. This is despite having an average of 43 cybersecurity tools in place. This...
LockBit’s dark web domains were hacked, exposing internal data, affiliate tools, and over 60,000 Bitcoin wallets in a…
Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. [...]
The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public...
Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action