3 related articles · 82% similarity

Google released an emergency Chrome update to address a critical zero-day vulnerability actively exploited in the wild. This is the fifth such vulnerability patched this year, highlighting the importance of immediate updates to protect against attacks.

2 related articles · 91% similarity

North Korean hackers deployed 67 malicious packages to the npm registry, distributing a new malware loader called XORIndex. This continues their ongoing Contagious Interview campaign, highlighting a sophisticated and concerning threat to the software supply chain.

2 related articles · 90% similarity

A sophisticated cyber campaign, employing the novel HazyBeacon malware, leverages AWS Lambda functions to infiltrate Southeast Asian government organizations and steal sensitive data. The attackers utilize legitimate cloud communication channels for command and control, highlighting the risks of cloud-based infrastructure exploitation.

2 related articles · 89% similarity

Cloudflare reported mitigating a record-breaking 7.3 Tbps DDoS attack in Q2 2025, exceeding the total number of attacks blocked in all of 2024. These hyper-volumetric attacks targeted key global sectors, highlighting a significant increase in the scale and frequency of DDoS threats.

2 related articles · 89% similarity

A new, sophisticated variant of the Konfety Android malware is evading detection by employing advanced obfuscation techniques, including malformed APK structures and dynamic code manipulation. These methods allow the malware to bypass security measures and potentially steal sensitive user data.

2 related articles · 85% similarity

MITRE has released the AADAPT framework, an extension of the ATT&CK framework, designed to enhance cybersecurity defenses within financial systems. AADAPT focuses on detecting and responding to cyberattacks targeting traditional finance and cryptocurrency, providing crucial documentation for identifying and mitigating vulnerabilities.

2 related articles · 80% similarity

The open-source AsyncRAT remote access trojan, initially released on GitHub in 2019, has spawned numerous dangerous variants, creating a complex and widespread cyber threat. Its easily accessible code has democratized cybercrime, enabling a surge in global malware activity.

2 related articles · 79% similarity

Cybercriminals are exploiting Scalable Vector Graphics (SVG) files to redirect users to malicious websites without requiring clicks or macros. This technique, hiding obfuscated JavaScript within SVG images, allows for stealthy, zero-click phishing attacks, bypassing traditional security measures.

2 related articles · 88% similarity

A serious cybersecurity flaw allows hackers to remotely trigger train brakes, a vulnerability known for at least two decades. Both End-of-Train and Head-of-Train systems are susceptible, highlighting a long-standing lack of adequate security measures in the US railway system.

2 related articles · 88% similarity

Elmo's verified X account was compromised, resulting in the posting of antisemitic threats and other hateful messages. Sesame Workshop regained control of the account, highlighting the vulnerability of even high-profile social media accounts to hacking. The incident underscored the spread of harmful content online.

4 related articles · 85% similarity

The Interlock ransomware group is deploying a new PHP-based remote access trojan (RAT) variant through a sophisticated 'FileFix' injection method, targeting various industries via compromised websites. This technique leverages legitimate websites to deliver the malware, making detection more challenging.

3 related articles · 85% similarity

Multiple news outlets report critical vulnerabilities in Gigabyte motherboard UEFI firmware, allowing attackers to bypass Secure Boot and install persistent malware. Gigabyte users are urged to update their firmware immediately to mitigate the risk of compromise.

4 related articles · 81% similarity

Multiple reports reveal vulnerabilities in Google's Gemini AI, allowing attackers to inject malicious prompts and create seemingly legitimate email summaries containing hidden phishing instructions. These flaws enable attackers to bypass security measures and trick users into revealing sensitive information.

2 related articles · 89% similarity

xAI's new Grok-4 large language model (LLM) was compromised within two days of its release via sophisticated 'whispered' jailbreaks, highlighting vulnerabilities in its safety mechanisms and prompting concerns about AI security.

2 related articles · 92% similarity

The Iranian-backed Pay2Key ransomware-as-a-service (RaaS) operation has resurfaced, offering increased incentives to affiliates targeting US and Israeli organizations. This resurgence follows recent geopolitical tensions in the region, suggesting a potential link between cyberattacks and international conflict.

3 related articles · 90% similarity

Malicious code was injected into the popular Gravity Forms WordPress plugin via a supply chain attack, affecting versions available for download on the official website. This compromise potentially exposes millions of WordPress sites to malware and data breaches.

4 related articles · 86% similarity

A critical, actively exploited remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server allows attackers to execute arbitrary commands with root privileges. Multiple security sources confirm widespread exploitation, urging immediate patching.

5 related articles · 86% similarity

Researchers have demonstrated a new Rowhammer attack, dubbed GPUHammer, targeting NVIDIA GPUs. This attack can degrade the accuracy of AI models, prompting NVIDIA to urge users to enable System-level Error Correction Codes (ECC) as a mitigation strategy. The vulnerability affects GDDR6 GPUs.

2 related articles · 85% similarity

Analysis of metadata from the FBI's Jeffrey Epstein prison video reveals nearly three minutes of missing footage. While there's no evidence of deceptive manipulation, the modifications fuel conspiracy theories and raise concerns about transparency in the investigation.

2 related articles · 87% similarity

The Model Context Protocol (MCP), a key technology supporting agentic AI, suffers from critical security vulnerabilities. These flaws, present across the MCP ecosystem, expose organizations rapidly adopting this technology to new and significant attack vectors. The vulnerabilities highlight the urgent need for robust security measures in the burgeoning field of agentic AI.

2 related articles · 86% similarity

AMD has revealed four new vulnerabilities in its processors, allowing potential data leaks through timing attacks. These flaws affect a wide range of chipsets and could enable attackers to steal sensitive information from enterprise systems.

3 related articles · 85% similarity

A Russian professional basketball player was arrested in France at the request of the US for allegedly negotiating ransomware payments, despite claims of technological ineptitude. The player denies involvement, highlighting the complexities of international cybercrime investigations. The case underscores the unexpected involvement of seemingly unrelated individuals in cybercriminal activities.

3 related articles · 83% similarity

Multiple reports reveal significant security flaws in eSIM technology, exposing billions of IoT devices and smartphones to hacking, cloning, and spying. These vulnerabilities stem from both hardware and software weaknesses, highlighting a widespread security risk requiring urgent industry action.

4 related articles · 82% similarity

Multiple critical security vulnerabilities in Fortinet's FortiWeb have been patched, with publicly available exploits now circulating. These flaws allow for remote code execution and database compromise, urging immediate updates to prevent attacks.

6 related articles · 79% similarity

Four individuals, including three teenagers, were arrested by the UK's National Crime Agency for their alleged involvement in significant cyberattacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The attacks resulted in an estimated £440 million in losses and are potentially linked to the 'Scattered Spider' cybercriminal group.

5 related articles · 78% similarity

A critical Bluetooth vulnerability, dubbed PerfektBlue, affects millions of vehicles from Mercedes, Volkswagen, and Skoda, potentially allowing remote code execution. The flaws reside in OpenSynergy's BlueSDK Bluetooth stack and impact a wide range of devices beyond automobiles.

3 related articles · 90% similarity

Ingram Micro experienced a significant ransomware attack impacting online services, causing disruptions for customers. The company has since successfully restored systems and resumed normal operations across all regions. The attack's specific details and extent of data compromise remain undisclosed.

3 related articles · 88% similarity

A data breach at Qantas has compromised the personal information of 5.7 million customers, including names, addresses, contact details, and potentially other sensitive data. The airline is investigating the incident and notifying affected individuals, emphasizing the scale of the security lapse.

3 related articles · 86% similarity

A high-severity vulnerability in ServiceNow allows low-privileged users to access restricted data due to misconfigured access control lists (ACLs). This flaw, tracked as CVE-2025-3648, enables data exfiltration and requires immediate patching by administrators to mitigate risk.

2 related articles · 82% similarity

A zero-day exploit targeting network equipment at Nippon Steel Solutions led to a data breach affecting both customer and employee information. While the compromised data hasn't yet surfaced on the dark web, the company is investigating the extent of the breach and potential impact.

9 related articles · 81% similarity

A severe security flaw in McDonald's AI-powered hiring platform, McHire, exposed the personal data of approximately 64 million job applicants. The vulnerability stemmed from easily guessable default credentials, allowing unauthorized access to sensitive information including chats and contact details.

4 related articles · 79% similarity

A critical vulnerability (CVE-2025-5777), dubbed 'CitrixBleed 2', affecting Citrix NetScaler ADC and Gateway is actively being exploited. CISA has added it to its KEV catalog, urging immediate patching due to the unacceptable risk. Proof-of-concept exploit code has been publicly released.

3 related articles · 76% similarity

The US Treasury Department sanctioned individuals and entities linked to North Korea's Andariel hacking group for their involvement in a fraudulent IT worker scheme that utilized malware. These sanctions target those responsible for the scheme's financial operations and cyberattacks.

2 related articles · 75% similarity

Cybersecurity professionals are increasingly utilizing the dark web to understand and counteract criminal activities. This involves analyzing dark market dynamics and employing proactive strategies to identify vulnerabilities and threats before they can be exploited.