Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Critical Notepad++ Auto-Update Vulnerability Fixed in Version 8.8.9
Developers of the popular text editor Notepad++ have released version 8.8.9 to close a critical vulnerability in the application’s auto-update ...
MITRE’s 2025 CWE Top 25: Most Dangerous Software Weaknesses Security Teams Cannot Ignore
MITRE has published the updated annual ranking of the Top 25 Most Dangerous Software Weaknesses, better known as the CWE ...
Pornhub Data Breach: Mixpanel Disputes Involvement as ShinyHunters Claim Massive Analytics Leak
The reported Pornhub data breach, allegedly exposing premium subscribers’ viewing and search histories, has rapidly become a benchmark case in ...
New Windows RasMan Zero-Day: DoS Vulnerability in Remote Access Connection Manager and 0patch Micropatch
A new Windows zero-day vulnerability has been identified in the Remote Access Connection Manager (RasMan) service, enabling a local user ...
Apple Fixes Two Actively Exploited WebKit Zero‑Days in Emergency Security Updates
Apple has released a series of unscheduled security updates to address two zero‑day vulnerabilities in the WebKit browser engine. According ...
SantaStealer Malware-as-a-Service: New Password Stealer Exposed by Security Researchers
A new password-stealing malware called SantaStealer has appeared on underground markets, heavily promoted in Telegram channels and on hacking forums ...
Pornhub Premium Data Exposure via Mixpanel Hack: What the ShinyHunters Attack Really Means
One of the most sensitive privacy incidents in recent years has hit the adult platform Pornhub after the cybercriminal group ...
Kali Linux 2025.4: Wayland, Desktop Security and a Stronger Kali NetHunter
The final quarterly release of Kali Linux 2025.4 marks a strategic shift for the leading penetration testing distribution. In addition ...
Critical Apache Tika Vulnerability CVE-2025-66516 Allows XXE Attacks via PDF XFA Forms
A new critical vulnerability in Apache Tika, tracked as CVE-2025-66516, has been disclosed with the maximum CVSS score of 10.0. ...
Europol’s Operation Olympia Dismantles Long-Running Cryptomixer Used for Bitcoin Laundering
International law enforcement agencies have taken down Cryptomixer, one of Europe’s longest-running cryptocurrency mixing services, in a coordinated operation targeting ...
