Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Valve pulls BlockBlasters from Steam after malicious update targets cryptocurrency owners
Valve has alerted Steam users to a compromised build of the game BlockBlasters that was used to steal cryptocurrency from ...
CVE-2025-10035 Zero‑Day in Fortra GoAnywhere MFT: Active Exploitation and What Security Teams Should Do Now
Threat actors are actively exploiting CVE-2025-10035, a CVSS 10.0 vulnerability in Fortra GoAnywhere MFT that enables unauthenticated remote command execution. ...
Malicious Rust crates on Crates.io siphon developer secrets via Cloudflare Workers
Two malicious Rust packages on Crates.io—faster_log and async_println—were removed after collecting roughly 8,500 downloads and quietly harvesting private keys and ...
GitHub moves to proactive defenses against software supply chain attacks across GitHub and npm
GitHub has outlined a package of safeguards to blunt escalating software supply chain attacks hitting GitHub repositories and the npm ...
NCA arrests suspect after Collins Aerospace cyberattack disrupts ARINC vMUSE across Europe
The UK’s National Crime Agency (NCA) has arrested a 40-year-old man in West Sussex as part of its investigation into ...
US Secret Service Seizes SIM Farms Near New York, Citing Risk to Cellular Networks
The US Secret Service has seized more than 300 SIM boxes and 100,000 SIM cards across the New York region ...
Adversa Publishes Top 25 Model Context Protocol Vulnerabilities: Risk Ranking and Defenses
Adversa has released what it calls the most comprehensive analysis to date of security risks in the Model Context Protocol ...
600 GB Leak Sheds Light on Great Firewall’s DPI Stack, Tiangou Architecture, and Overseas Rollouts
Researchers from Great Firewall Report have disclosed what appears to be the largest data leak to date involving China’s national ...
Google issues emergency Chrome patch for actively exploited V8 zero‑day CVE‑2025‑10585
Google has shipped an out-of-band security update for Chrome addressing four vulnerabilities, including an actively exploited zero‑day, CVE‑2025‑10585. The critical ...
Apple Threat Notifications 2025: Zero-Click Spyware Targets High-Risk Users
Apple has issued another round of threat notifications warning users about attempts to compromise devices with mercenary-grade spyware. According to ...
