Latest News

The latest Android updates fix vulnerabilities in Runtime, Framework, System, and third-party components of the mobile OS.

Covered organizations in Australia are now required to report ransomware and other cyber extortion payments within three days.

Reported by the Google Threat Analysis Group, the vulnerability might have been exploited by commercial spyware.

Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute.

Luxury brand Cartier disclosed a data breach in which an unauthorized party gained access to its systems and obtained some client information.

Cryptocurrency mining operation hits exposed Consul dashboards, Docker Engine APIs and Gitea code-hosting instances to push Monero miner.

Chipmaker says there are indications from Google Threat Analysis Group that a trio of flaws “may be under limited, targeted exploitation.”

Exploitation of the vBulletin vulnerability tracked as CVE-2025-48827 and CVE-2025-48828 started shortly after disclosure.

Patterns of concerning behavior led Google to remove trust in certificates from Chunghwa Telecom and Netlock from Chrome.

Russian national Vitaly Nikolaevich Kovalev is believed to be the leader of the Conti and TrickBot cybercrime groups.

The critical flaw, tracked as CVE-2025-20188 (CVSS score of 10/10), allows attackers to execute arbitrary code remotely.

Counter antivirus services such as AVCheck allow cybercriminals to test whether their malware is detected by antivirus products.

Elected officials, business executives and other prominent figures in recent weeks received messages from someone impersonating Susie Wiles.

Noteworthy stories that might have slipped under the radar: simple PoC code released for Fortinet zero-day, OpenAI O3 disobeys shutdown orders, source code of SilverRAT emerges online.

Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages.