Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF
Wiz Security claims Moltbook misconfiguration allowed full read and write access
NSA released new guidelines to help organizations achieve target-level Zero Trust maturity
A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says
Bitdefender has discovered a new Android malware campaign that uses Hugging Face
Linwei Ding, a former Google engineer, has been found guilty of stealing trade secrets for China
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers
The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran
Cyber fraudsters targeting corporate finance departments costs businesses millions a year
Google has taken coordinated action against the massive IPIDEA residential proxy network, enhancing customer protections and disrupting cybercrime operations
The FBI outlines ten actions which organizations can take to defend networks against cybercriminal and nation-state threats
The French data protection regulator said that France Travail’s response to a 2024 data breach violated GDPR
CISA urges action against insider threats with publication of a new infographic offering strategies to manage risks
The dark web forum administrator confirmed the takedown and said they had “no plans to rebuild”
Ransomware victims surged in Q4 2025 despite fewer active extortion groups, with data leaks rising 50%, ReliaQuest researchers report
Non-profit ITRC says the number of data breaches increased 5% annually to reach a record total in 2025
Cybersecurity is now the fifth fastest-growing occupation in the UK, says Socura
Despite the seemingly widespread adoption of AI for security operations, security leaders primarily use it for “relatively basic use cases,” said a Sumo Logic study
A recent update has fixed 12 vulnerabilities in OpenSSL, some existing in the codebase for years