Cybersecurity News
Stay up to date with the latest news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
CVE-2025-54236 “SessionReaper” in Adobe Commerce/Magento: Critical REST API Flaw Enables Account Takeover
A critical vulnerability tracked as CVE-2025-54236 and informally dubbed SessionReaper impacts Adobe Commerce and Magento, earning a CVSS 9.1 severity. ...
RuStore and F6 Disrupt DeliveryRAT Android MaaS Campaign, Blocking 604 Domains
F6 researchers, in coordination with RuStore, have dismantled one of the most active Android-focused cybercrime operations of 2024 by blocking ...
Pirated Video Revenues Fall 14.5% in H1 2025 as Anti-Piracy and Brand-Safety Squeeze CPM
The underground market for pirated video is shrinking financially even as its infrastructure expands. According to F6 estimates, distributors of ...
Plex confirms database access incident: what was exposed and how to secure your account
Streaming platform Plex has notified users about unauthorized access to one of its databases. According to the company, the intruder ...
Malicious Releases of chalk and strip-ansi Expose npm’s Transitive Dependency Risk in Web3‑Focused Supply Chain Attack
A coordinated phishing campaign against a high-profile npm maintainer enabled attackers to publish malicious versions of widely used JavaScript packages, ...
Google’s AI Mode in Search: What Changes, Who’s Affected, and the Security Risks to Plan For
Google is preparing a notable shift in its Search interface: users will soon be able to set an AI mode ...
TP-Link confirms TR‑069/CWMP zero‑day in consumer routers: what to know and how to mitigate
TP-Link has confirmed a previously unknown (0‑day) vulnerability in its implementation of the TR‑069/CWMP remote management protocol used by consumer ...
Largest npm Supply Chain Attack Reaches 10% of Cloud Environments—but Nets Only Dollars
A record-scale npm supply chain incident briefly inserted malicious code into widely used JavaScript libraries, touching an estimated 10% of ...
Hacker Accidentally Installs Huntress EDR, Triggering Months of Telemetry and a Privacy Debate
An unusual incident involving Huntress’s endpoint detection and response (EDR) agent has reignited debate over the scope of EDR telemetry, ...
Record-Scale UDP Flood Hits European DDoS Provider: 1.5 Billion PPS Underscores Packet-Rate Risks
An unnamed European DDoS filtering provider recently withstood one of the most intense packet-rate attacks recorded: a peak of 1.5 ...