An analysis of the NSO BLASTPASS iMessage exploit Posted by Ian Beer, Google Project Zero On September 7, 2023 Apple issued an out-of-band security update for iOS: Around the same time on...
Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting...
Investigation under way after around 9,000 documents – including sensitive affidavits – exposedFollow our Australia news live blog for latest updatesGet our breaking news email, free app or daily...
A threat actor named 'RedCurl,' known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed to target Hyper-V virtual machines. [...]
Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass. Tracked as CVE-2025-22230, the vulnerability...
The U.K. National Cyber Security Centre (NCSC) has introduced a comprehensive set of eight principles for privileged access... The post UK NCSC introduces eight principles to enhance cyber...
Ontinue identifies that ransomware attacks rose 132 percent, despite a 35 percent drop in payments, signaling a shift... The post Ontinue reports 132% surge in ransomware attacks, with AiTM and...
The UK government’s new fraud minister will today announce plans for a newly expanded fraud strategy
Google has rolled out a new security update for Chrome users, following the discovery of a vulnerability, CVE-2025-2783, affecting the Windows version of the browser. The update was made available...
The Tenable Cloud AI Risk Report 2025 reveals that 70% of AI cloud workloads have at least one unremediated critical vulnerability — and that AI developer services are plagued by risky permissions...
Microsoft says that some customers might experience Remote Desktop and RDS connection issues after installing recent Windows updates released since January 2025. [...]
Generative AI (GenAI) has quickly become a core in enterprise environments, but with its growing adoption comes significant security concerns. A recent report highlights 30-fold increase in the...
Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor. [...]
The decentralized finance (DeFi), Abracadabra, is dealing with a cyberattack that resulted in the theft of nearly $13 million worth of cryptocurrency. The Abracadabra cyberattack, which targeted...
Since the start of 2025, a series of major cybersecurity incidents have been observed in Malaysia, including ransomware attacks, unauthorized intrusions, the spread of the SparkCat malicious app,...
Microsoft and Veeam are investigating a known issue that triggers connection errors on Windows 11 24H2 systems when restoring from Veeam Recovery Media. [...]
Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser's sandbox and deploy malware in espionage attacks targeting Russian organizations. [...]
The Aqara Camera Hub G5 Pro combines home security with hub features, providing AI-powered visual recognition without a subscription. It's also on sale right now.
The order seeks to withhold federal funding from states that don’t comply, sparking a heated backlash from legal and election experts. The post Trump issues executive order seeking greater federal...
On March 20, a relatively unknown user on Breach Forums posted the allegation that Oracle had suffered a data breach. According to published reports, the attacker claimed that 6 million customer...
Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.
This is a guide on how to check whether someone compromised your online accounts.
Microsoft is partnering with top firms to launch new AI security tools, boosting breach analysis, threat detection, and AI model protection across cloud platforms.
The crypto lending platform said the issue was sourced back to a product it calls “cauldrons” — isolated lending markets that allow users to borrow against a variety of cryptocurrencies.
Connor Riley Moucka signed a consent order on Friday in Ontario Superior Court in Kitchener that would allow him to be transferred to U.S. custody to face multiple charges.
Satellite navigation systems are under rising threat from jamming and spoofing attacks, risking aviation, maritime, and telecom safety worldwide, warn global agencies.
A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. "Raspberry Robin (also known as Roshtyak or Storm-0856) is a...
An Intelligence Committee hearing focused on the security risks of a cabinet-level group chat that included a reporter from The Atlantic. The post Senators criticize Trump officials’ discussion of...
Computer outages at Malaysia’s Kuala Lumpur International Airport (KLIA) this weekend were attributed to a recent cyberattack, according to the country’s cybersecurity agency and aviation authority.
A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident...