Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Fake GitHub Repositories Push Atomic Stealer (AMOS) to macOS Users via SEO Poisoning
Threat actors are abusing search engine optimization (SEO) to seed fake GitHub repositories that impersonate well-known macOS software and redirect ...
Critical OxygenOS flaw CVE-2025-10184 exposes SMS on OnePlus phones
Security researchers at Rapid7 have disclosed a critical flaw in multiple versions of OxygenOS, the Android-based firmware used on OnePlus ...
BO Team rewrites BrockenDoor in C# and expands ZeronetKit as phishing targets Russian organizations
At the start of September 2025, Kaspersky researchers observed a renewed campaign by the hacktivist collective BO Team—also tracked as ...
Cisco zero‑day in IOS/IOS XE SNMP (CVE‑2025‑20352) enables DoS and potential RCE: what to do now
Cisco has disclosed an actively exploited zero‑day vulnerability, CVE‑2025‑20352, that affects all supported releases of IOS and IOS XE. The ...
PSF warns of new PyPI phishing campaign targeting maintainers and developers
The Python Software Foundation (PSF) has alerted the community to a fresh wave of phishing emails impersonating Python Package Index ...
New XCSSET macOS variant hijacks clipboard and steals Firefox data
Microsoft Threat Intelligence has identified a refreshed iteration of the modular macOS malware XCSSET. The campaign introduces two high‑impact capabilities—clipboard ...
Real-Time Deepfakes Go Mainstream: $50 Video, $30 Voice on the Dark Web
Dark web marketplaces are advertising real-time video and audio deepfakes priced from $50 per video and $30 per voice clone. ...
RCMP Shutters TradeOgre and Seizes $40M in Crypto: Canada’s First Full Exchange Takedown
The Royal Canadian Mounted Police (RCMP) has taken the privacy-focused cryptocurrency exchange TradeOgre offline and seized more than $40 million ...
FBI warns of fake IC3.gov websites leveraging typosquatting and search ads
The FBI has issued a warning about a rise in counterfeit websites impersonating the Internet Crime Complaint Center (IC3) at ...
SonicWall urges immediate password rotation after API attack exposes cloud firewall backups
SonicWall has advised customers to immediately rotate passwords, shared secrets, and cryptographic keys after attackers obtained access to cloud-stored firewall ...
