A Chinese state-linked threat group, identified as UAT-6382, has exploited a previously patched vulnerability in Trimble Cityworks software to compromise local government networks in the United...

The U.S. Department of Justice (DoJ) announced the takedown of the DanaBot malware infrastructure and unsealed indictments against 16 individuals accused of fueling a global malware-as-a-service...

A U.S. federal jury has ordered Israeli surveillance firm NSO Group to pay Meta-owned WhatsApp nearly $168 million in damages, concluding a high-profile legal battle over the use of Pegasus spyware...

The United States has indicted 36-year-old Rami Khaled Ahmed, a Yemeni national, for allegedly developing and operating the Black Kingdom ransomware, which targeted Microsoft Exchange servers in over...

The Irish Data Protection Commission (DPC) has imposed a hefty €530 million (approximately $601 million) fine on TikTok for unlawfully transferring the personal data of users in the European Economic...

Hertz Corporation has confirmed a data breach that compromised personal information of customers associated with its Hertz, Thrifty, and Dollar brands. The breach stemmed from zero-day vulnerabilit...

A critical security flaw has been discovered in WhatsApp Desktop for Windows, allowing attackers to execute malicious code through seemingly harmless file attachments. Tracked as CVE-2025-30401, this...

A new cyber campaign known as PoisonSeed is targeting users with cryptocurrency seed phrase scams by hijacking customer relationship management (CRM) platforms and email marketing tools to spread...

Cybercriminals are leveraging the WordPress Must-Use Plugins (MU-Plugins) directory to inject and execute malicious code on websites while evading detection, posing a growing threat to website...

OpenAI has significantly increased its top bug bounty reward to $100,000 for critical security vulnerabilities, a fivefold jump from the previous cap of $20,000. This move underscores OpenAI’s...

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding a critical authentication bypass vulnerability in Fortinet’s FortiOS and FortiProxy, which is being actively...

A new malware campaign is spreading the SilentCryptoMiner cryptocurrency miner by disguising it as a tool for bypassing internet restrictions. Russian cybersecurity firm Kaspersky reports that...

A massive $1.5 billion cryptocurrency theft from exchange Bybit has been linked to North Korea’s infamous Lazarus hacking group, marking the largest crypto heist in history. Bybit Security Breach The...

A significant security breach has exposed 2.7 billion records containing sensitive user data, including Wi-Fi network names, passwords, IP addresses, and device identifiers. The breach has been...

A coordinated international law enforcement effort has resulted in the arrest of four suspected members of the Phobos ransomware gang in Phuket, Thailand, and the seizure of 8Base’s dark web sites....

Apple has released iOS 18.3.1 and iPadOS 18.3.1 to address a zero-day vulnerability that was exploited in highly sophisticated attacks. The flaw allowed attackers to disable USB Restricted Mode, a...

A large-scale brute force attack is underway, using nearly 2.8 million IP addresses to target networking devices from Palo Alto Networks, Ivanti, SonicWall, and others. Brute force attacks involve...