BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

U.S. and Dutch agencies dismantled 39 domains tied to $3M BEC fraud schemes run by Saim Raza since 2020 in Operation Heart ...

Malvertising targets Microsoft advertisers via fake Google ads, stealing credentials with phishing pages mimicking ...

Meta-owned WhatsApp disrupted a zero-click spyware campaign by Paragon Solutions, targeting 90 journalists and activists.

Unpatched vulnerabilities in Contec CMS8000 patient monitors expose devices to remote access, file overwrites, and data leaks ...

AI-powered social engineering is on the rise, from deepfake election interference to multimillion-dollar scams.

Broadcom patches five VMware Aria Operations flaws, including CVE-2025-22218 (CVSS 8.5), preventing credential leaks and ...

Europol and seven nations seize Cracked, Nulled, Sellix, StarkRDP, disrupting cybercrime and malware networks.

Italy's data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek's service within the country, ...

Aquabot botnet exploits CVE-2024-41710 in Mitel phones, using a public PoC to deploy DDoS malware since January 2025.

Severe Lightning AI flaw (CVSS 9.4) enabled remote root execution via hidden URL parameter—patched post-October 2024 ...

Google blocked 2.36M harmful Android apps in 2024, banned 158K developers, and secured 10M devices from 36M risky installs to ...