Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
Microsoft’s Offensive Research and Security Engineering (MORSE) team has discovered a critical security vulnerability in Canon printer drivers that poses a significant threat to enterprise and consumer systems. The flaw, assigned CVE-2025-1268 with a severe CVSS score of 9.4, affects a wide range of Canon printing devices, including industrial printers, office multifunction devices, and laser … Read more
Cybersecurity researchers at ThreatFabric have identified a sophisticated new Android malware strain called Crocodilus, specifically engineered to target cryptocurrency assets through advanced social engineering tactics. This dangerous trojan demonstrates unprecedented capabilities in bypassing modern Android security mechanisms while employing psychological manipulation to steal crypto wallet seed phrases. Technical Capabilities and Distribution Methods Crocodilus employs a … Read more
Palo Alto Networks has revealed detailed findings from their investigation into a sophisticated supply chain attack targeting GitHub Actions ecosystem. The incident, which impacted more than 23,000 repositories, originated from the compromise of SpotBugs, a popular static analysis tool, in November 2024. This attack represents one of the most significant security breaches in the GitHub … Read more
Security researchers at Sonatype have uncovered a sophisticated supply chain attack targeting multiple popular npm packages, some of which have been fundamental to the JavaScript ecosystem for nearly a decade. The attack specifically targeted ten packages primarily used in cryptocurrency operations, implementing malicious code designed to steal sensitive developer credentials and confidential data. Critical Impact … Read more
A groundbreaking security research conducted by PT SWARM has revealed a sophisticated new exploitation technique that combines multiple known Intel processor vulnerabilities, significantly amplifying the potential impact of attacks on affected devices. The research demonstrates how the coordinated exploitation of previously documented vulnerabilities (CVE-2017-5705, CVE-2017-5706, CVE-2017-5707, CVE-2019-0090, CVE-2021-0146) can lead to complete compromise of system … Read more
A significant cybersecurity incident has struck British postal service provider Royal Mail, resulting in the exposure of 144GB of sensitive data on a prominent hacking forum. The breach, which also affected Royal Mail’s data processing partner Spectos GmbH, represents one of the most substantial data compromises in the postal sector this year. Breach Timeline and … Read more
Oracle has officially confirmed a significant data breach affecting its legacy Oracle Cloud Classic infrastructure, exposing sensitive corporate client credentials. The incident, discovered in early 2025, impacts authentication data stored in systems last actively used in 2017, marking one of the most substantial security incidents in the company’s recent history. Breach Discovery and Initial Response … Read more
Leading cybersecurity solutions provider Check Point has firmly rejected claims of a significant data breach after a threat actor attempted to sell what they claimed was critical corporate information. The incident has sparked considerable attention in the cybersecurity community and highlights the importance of verified threat intelligence. Analysis of the Alleged Data Breach A threat … Read more
Microsoft has implemented significant changes to Windows 11’s security architecture by removing the BypassNRO.cmd script from preview builds, effectively limiting users’ ability to create local accounts and install the operating system without an internet connection. This strategic move represents a fundamental shift in Microsoft’s approach to user authentication and system security. Microsoft’s Security Strategy Evolution … Read more
Cybersecurity researchers at Sucuri have uncovered an alarming new attack vector targeting WordPress websites through the Must-Use Plugins (MU-plugins) directory. This sophisticated exploitation technique, first detected in February 2025, demonstrates how threat actors are evolving their tactics to bypass traditional security measures and maintain persistent access to compromised websites. Understanding the Must-Use Plugins Security Risk … Read more
