Eduard Kovacs

The latest Android updates fix vulnerabilities in Runtime, Framework, System, and third-party components of the mobile OS.

Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute.

Exploitation of the vBulletin vulnerability tracked as CVE-2025-48827 and CVE-2025-48828 started shortly after disclosure.

Nova Scotia Power has finally admitted that the recent cyberattack was a ransomware attack, but it hasn’t paid the hackers.

The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted.

Marlboro-Chesterfield Pathology has been targeted by the SafePay ransomware group, which stole personal information from its systems.

UK retailer Marks & Spencer expects the disruptions caused by the recent cyberattack to continue through July. 

More than 100 AutomationDirect MB-Gateway devices may be vulnerable to attacks from the internet due to CVE-2025-36535.

Many of the industrial control system (ICS) instances seen in internet scanning are likely or possibly honeypots, not real devices.

An OpenPGP.js vulnerability tracked as CVE-2025-47934 allows message signature verification to be spoofed. 

The Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization. 

New CISA Deputy Director Madhu Gottumukkala has joined the agency from South Dakota’s Bureau of Information and Technology.

The UK’s Legal Aid Agency was targeted in a cyberattack in April and it recently determined that hackers have stolen sensitive data.

Serviceaide exposed a database containing personal and medical information belonging to Catholic Health patients.

Pwn2Own participants demonstrated exploits against VMs, AI, browsers, servers, containers, and operating systems.

The 15th edition of NATO’s Locked Shields cyber defense exercise brought together 4,000 experts from 41 countries.

Pwn2Own participants have earned tens of thousands of dollars for Red Hat, Windows, Oracle VirtualBox, Docker Desktop, and AI exploits.

American steel giant Nucor on Wednesday disclosed a cybersecurity incident that bears the hallmarks of a ransomware attack.

Enterprise cybersecurity giant Proofpoint is buying Germany-based Microsoft 365 security solutions provider Hornetsecurity.

Nova Scotia Power says a wide range of personal and financial information was stolen in the recent cyberattack.