Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
WhatsApp Phone Number Enumeration Exposes 3.5 Billion User Accounts
Researchers from the University of Vienna have demonstrated how a legitimate feature in WhatsApp can be turned into a powerful ...
Google Eases Android Developer Verification and Introduces Advanced Mode for Sideloading
Google is revising its planned Android Developer Verification program after community pushback, adding simplified accounts for small developers and an ...
Checkout.com Confirms Data Breach: ShinyHunters Exploit Legacy Cloud Storage
Global payments provider Checkout.com has disclosed a security incident following unauthorized access to a deprecated third‑party cloud file repository. The ...
Sneaky2FA Uses Browser-in-the-Browser Phishing to Bypass 2FA in Microsoft 365
A popular phishing-as-a-service kit known as Sneaky2FA has added support for browser-in-the-browser (BitB) attacks, dramatically improving its ability to hijack ...
Sturnus Android Banking Trojan: A New Generation of Mobile Banking Malware
A newly identified Android banking trojan named Sturnus is raising concern among mobile security researchers. First documented by ThreatFabric, this ...
Netherlands Police Raid Bulletproof Hosting Infrastructure Linked to Global Cybercrime
Dutch law enforcement has dismantled a major bulletproof hosting operation, seizing around 250 physical servers in data centers in The ...
7-Zip CVE-2025-11001 Actively Exploited on Windows: Critical Update to Version 25.00
The widely used open-source archiver 7-Zip, long perceived as a safe and reliable utility, is now at the center of ...
Critical ImunifyAV/Imunify360 AI-bolit RCE Patched; Shared Hosting at High Risk
CloudLinux has released a fix for a critical remote code execution (RCE) vulnerability in AI-bolit, the malware scanner component bundled ...
Rhadamanthys Info-Stealer Disruption: Signs of German Law-Enforcement Action
Dozens of paying clients of the Rhadamanthys info-stealer report sudden loss of access to their servers and web control panels. ...
Anthropic: Chinese APT GTG-1002 Orchestrates Agentic AI Attacks with Claude Code and MCP
Anthropic has disclosed a mid-September 2025 campaign in which the Chinese-linked APT group GTG-1002 used agentic artificial intelligence—specifically Claude Code ...
