Tomiris APT Targets Russian and CIS Diplomatic Missions With New Cyber‑Espionage Wave in 2025

Since the beginning of 2025, researchers from Kaspersky have observed a new wave of targeted cyber‑espionage operations by the Tomiris APT group against government institutions in Russia and several CIS countries. The campaign focuses primarily on ministries of foreign affairs and diplomatic missions, with the estimated number of affected users exceeding 1,000 accounts within a …

Critical MCP Vulnerability in Perplexity’s Comet AI Browser Sparks Security Debate

Security researchers at SquareX have disclosed a critical vulnerability in the Comet AI browser by Perplexity, linked to a poorly documented Model Context Protocol (MCP) API and hidden built‑in extensions. The flaw, now patched, could in theory enable command execution on a user’s machine outside the normal browser sandbox. While Perplexity has silently rolled out …

GrapheneOS Pulls Infrastructure Out of France Over Encryption Regulation Concerns

The team behind GrapheneOS, one of the most prominent privacy‑ and security‑focused Android forks, is fully withdrawing its infrastructure from France and accelerating its exit from hosting provider OVH. The project attributes this move to what it describes as an increasingly hostile regulatory environment in France toward strong encryption and privacy-preserving services. Why GrapheneOS Is …

PlushDaemon: How Router Hijacking Turns Software Updates into a Cyber‑Espionage Weapon

A newly documented cyber‑espionage campaign known as PlushDaemon demonstrates how attackers can abuse trusted software update mechanisms by first compromising routers and then hijacking update traffic. According to new research from ESET, the group uses a custom toolset, including the EdgeStepper malware, to silently redirect update requests and deliver backdoors instead of legitimate patches. PlushDaemon …

Criminal LLMs: How WormGPT 4 and KawaiiGPT Turn Generative AI into a Cybercrime Tool

Generative AI is no longer just a productivity tool for developers and enterprises. In parallel to legitimate platforms, an underground ecosystem of large language models (LLMs) purposely trained and configured for cybercrime is rapidly emerging. Recent research by Palo Alto Networks into two such models — the commercial WormGPT 4 and the free KawaiiGPT — …

Bloody Wolf Expands Targeted Cyber Attacks Across Central Asia with NetSupport RAT

A cybercrime group known as Bloody Wolf has launched a new wave of targeted attacks against organizations in Central Asia, focusing on Kyrgyzstan and Uzbekistan. Since June 2025, the group has been actively compromising financial institutions, government agencies and IT companies, turning a regional threat into a significant security concern for the wider Central Asian …

Tor Project Deploys Counter Galois Onion (CGO) to Upgrade Traffic Encryption

The Tor Project is rolling out a new traffic encryption algorithm, Counter Galois Onion (CGO), designed to replace its legacy tor1 scheme. This upgrade aims to improve user anonymity, strengthen resistance to traffic manipulation and correlation, and align the Tor protocol with modern cryptographic best practices. Why the Tor network is moving away from the …

StealC V2 Infostealer Distributed via Malicious Blender .blend Files on 3D Marketplaces

Security researchers at Morphisec have identified a targeted malware campaign that abuses Blender, a popular open-source 3D creation suite, to deliver the StealC V2 infostealer. Attackers upload infected .blend project files to major 3D asset marketplaces such as CGTrader, putting freelance artists, studios, and production pipelines at risk whenever they download third‑party models. How malicious …

Forced Keenetic Router Firmware Update: Critical CWE‑521 Password Vulnerability Explained

Owners of Keenetic routers have reported that their devices upgraded to a new firmware version even though automatic updates were disabled. Keenetic representatives confirmed a forced KeeneticOS firmware update, explaining that it was triggered by a critical security vulnerability affecting the protection of home and office networks. Critical KeeneticOS Vulnerability: CWE‑521 Weak Password Requirements In …

Google patches actively exploited Chrome zero‑day CVE-2025-13223 in V8 and WebAssembly

Google has released an emergency security update for Google Chrome to fix CVE-2025-13223, a critical zero-day vulnerability rated 8.8 on the CVSS scale. The flaw has already been used in real-world attacks, making it the seventh actively exploited Chrome zero‑day in 2025 and reinforcing the browser’s status as a prime target for advanced threat actors. …