Cybersecurity researcher Jeremiah Fowler discovered a data exposure at Australian fintech Vroom by YouX, exposing 27,000 records, including driver's licenses, bank statements, and more.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited...

A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that's used to...

Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras

Understanding trends amidst noise: tracking shifts in security alerts allows cloud defenders to parse threats from attackers targeting IAM, storage and more. The post Cloud Threats on the Rise:...

2025-03-25 • JPCERT/CC • Hayato Sasaki Open article on Malpedia

2025-03-26 • Zscaler • Brett Stone-Gross • win.coffee_loader Open article on Malpedia

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. [...]

Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time

2025-03-25 • DomainTools • DomainTools Open article on Malpedia

You can't escape AI in WhatsApp even if you are based in one of the 41 European countries. Today, more people are seeing the Meta AI chatbot being added to WhatsApp. [...]

The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens

​Microsoft says a known issue is causing Remote Desktop freezes on Windows Server 2025 systems after installing security updates released since the February 2025 Patch Tuesday. [...]

The UK’s National Cyber Security Centre has released new guidance to help domain registrars enhance security

Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against 'Big Tech'...

A set of vulnerabilities have been identified in Ingress-NGINX Controller for Kubernetes, posing a risk to organizations relying on the affected versions. These vulnerabilities impact versions...

A serious security vulnerability has recently been identified in NetApp’s SnapCenter software, a widely used enterprise solution for managing data protection. This flaw, tracked as CVE-2025-26512,...

2025-03-26 • Twitter (@MalGamy12) • Gameel Ali • win.ralord Open article on Malpedia

NHS vendor Advanced will pay just over £3 million ($3.8 million) in fines for not implementing basic security measures before it suffered a ransomware attack in 2022, the U.K.’s data protection...

IT and security workforce management firm CyberSN surveyed job listings from 2022 to 2024. Yes, decreases in demand for some job titles may be related to AI.

2025-03-25 • Kaspersky Labs • Boris Larin, Igor Kuznetsov Open article on Malpedia

Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor's cloud...

In a major cybersecurity operation, the UAE government successfully prevented attacks on 634 government and private entities, preventing what could have been a large-scale UAE cyberattack or data...

Scroll down ↓ Drone footage captured in March 2023 and March 2025, shows destruction in Gaza’s Jabalia/Jabaliya Refugee Camp. Credit: Shadi Al-Tabatiby and Forbidden Stories/Stringer. Scroll Down...

A business that provides IT services to numerous healthcare providers in the United Kingdom has been fined about $4 million by the country’s privacy regulator over a ransomware attack in 2022.

Discover how Recorded Future improves cybersecurity team productivity, saving 100+ hours weekly and driving $290K in annual ROI through threat intelligence.

March 27, 2025 According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the first quarter of 2025 increased by 7.23%, compared to the fourth quarter of...

March 27, 2025 According to detection statistics collected by Dr.Web Security Space for mobile devices, ad-displaying Android.HiddenAds trojans remained the most common Android malware. Moreover,...

The Internet Archive (Archive.org), home to the Wayback Machine, is temporarily offline due to a reported power outage.…

The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor...