Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Pre‑disclosure exploitation of Citrix Bleed 2 and Cisco ISE RCE identified in broad campaign
Amazon Threat Intelligence has documented a large-scale campaign abusing two critical 0‑day vulnerabilities: CVE-2025-5777 (Citrix Bleed 2) affecting NetScaler ADC/Gateway ...
Malicious npm Package @acitons/artifact Was a GitHub Red Team Drill — What Happened and How to Protect CI/CD
Security researchers at Veracode reported a malicious npm package, @acitons/artifact, masquerading as the legitimate @actions/artifact and targeting GitHub Actions environments. ...
Logitech Confirms Data Breach as Clop Targets Oracle E‑Business Suite Zero‑Day
Logitech has notified the U.S. Securities and Exchange Commission (SEC) of an incident involving unauthorized access to company data, later ...
Operation Endgame: 1,025 C2 Servers Disrupted in Europol-Led Takedown of Rhadamanthys, VenomRAT, and Elysium
Law enforcement from nine countries—Australia, Canada, Denmark, France, Germany, Greece, Lithuania, the Netherlands, and the United States—executed a coordinated strike ...
Konni APT exploits Google’s Find My Device to track and factory‑reset Android phones via KakaoTalk phishing
Konni, a threat cluster linked to North Korea, has expanded its tactics by abusing Google Find Hub (commonly known as ...
Google Targets Lighthouse PhaaS Behind iMessage/RCS Smishing Impersonating USPS and E‑ZPass
Google has filed a federal lawsuit against Lighthouse, a phishing‑as‑a‑service (PhaaS) platform allegedly used by threat actors to run high‑volume ...
Android Malware Update: 239 Malicious Google Play Apps and a 67% Surge in Mobile Attacks
Mobile threats accelerated sharply over the past year, according to new data from Zscaler. From June 2024 to May 2025, ...
Amazon Fire TV to Block Unauthorized Apps via Firmware Updates
Amazon is rolling out system-level restrictions on Fire TV devices that will prevent unauthorized apps—including popular piracy-focused streaming clients—from running ...
Operation SkyCloak: Tor‑obfuscated OpenSSH backdoor targets defense and government entities in Russia and Belarus
Researchers from Cyble and Seqrite Labs have uncovered a targeted espionage operation, dubbed Operation SkyCloak, that focuses on defense and ...
Cisco issues out-of-band fixes for UCCX: Critical Java RMI RCE and CCX Editor authentication bypass
Cisco has shipped out-of-band security updates for Unified Contact Center Express (UCCX), addressing multiple flaws, including two critical vulnerabilities: CVE-2025-20354 ...
