Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
1Password Introduces Built-In Phishing Protection for Suspicious and Look-Alike URLs
Phishing remains one of the most effective techniques for stealing passwords, even among users who rely on password managers. In ...
Microsoft, BitLocker Recovery Keys, and Law Enforcement: Lessons from the Guam Investigation
In 2024, Forbes reported that Microsoft supplied law enforcement with BitLocker recovery keys to unlock Windows laptops seized in a ...
INC Ransomware: How Cyber Centaurs Recovered Victim Data from Attackers’ Own Backups
A rare incident response case has highlighted a critical blind spot in many organizations’ ransomware defenses. Cybersecurity firm Cyber Centaurs ...
GitLab Patches Critical 2FA Bypass and DoS Vulnerabilities: What DevSecOps Teams Must Know
GitLab has shipped out-of-band security updates to address a critical two-factor authentication (2FA) bypass and several denial-of-service (DoS) vulnerabilities in ...
Luxshare Ransomware Attack Puts Apple and Global Electronics Supply Chain Under Scrutiny
A major ransomware incident at Chinese electronics manufacturer Luxshare, one of Apple’s key contract partners, is drawing attention to the ...
Curl Ends HackerOne Bug Bounty After Surge of AI‑Generated Vulnerability Reports
The Curl project is phasing out its bug bounty program on HackerOne after a sharp rise in low‑quality, often AI‑generated ...
PhantomCore Phishing Campaign Uses PowerShell Backdoor Against Russian and Belarusian Organizations
In January, security analysts observed a new wave of targeted phishing attacks linked to the PhantomCore threat group. According to ...
Zendesk Relay Spam Attack Exploits Global Helpdesk Systems
Users worldwide are reporting an unusual wave of spam emails arriving not from shady domains, but from legitimate customer support ...
Fortinet FortiGate Firewalls Under Massive Attack via FortiCloud SSO Vulnerability CVE-2025-59718
From mid-January, Fortinet FortiGate firewalls have come under a new wave of highly automated attacks. According to researchers at Arctic ...
Google Gemini Prompt Injection via Google Calendar Exposes New AI Security Risk
Researchers from Miggo Security have demonstrated a novel prompt injection technique against the Google Gemini AI assistant that abuses standard ...
