BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

Meta-owned WhatsApp disrupted a zero-click spyware campaign by Paragon Solutions, targeting 90 journalists and activists.

Malvertising targets Microsoft advertisers via fake Google ads, stealing credentials with phishing pages mimicking ...

U.S. and Dutch agencies dismantled 39 domains tied to $3M BEC fraud schemes run by Saim Raza since 2020 in Operation Heart ...

Unpatched vulnerabilities in Contec CMS8000 patient monitors expose devices to remote access, file overwrites, and data leaks ...

Broadcom patches five VMware Aria Operations flaws, including CVE-2025-22218 (CVSS 8.5), preventing credential leaks and ...

AI-powered social engineering is on the rise, from deepfake election interference to multimillion-dollar scams.

Italy's data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek's service within the country, ...

Europol and seven nations seize Cracked, Nulled, Sellix, StarkRDP, disrupting cybercrime and malware networks.

Aquabot botnet exploits CVE-2024-41710 in Mitel phones, using a public PoC to deploy DDoS malware since January 2025.

Google blocked 2.36M harmful Android apps in 2024, banned 158K developers, and secured 10M devices from 36M risky installs to ...

Lazarus Group’s Phantom Circuit hit 233 victims with trojanized software, using React and Node.js for control.