Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Apple Fixes Two Actively Exploited WebKit Zero‑Days in Emergency Security Updates
Apple has released a series of unscheduled security updates to address two zero‑day vulnerabilities in the WebKit browser engine. According ...
SantaStealer Malware-as-a-Service: New Password Stealer Exposed by Security Researchers
A new password-stealing malware called SantaStealer has appeared on underground markets, heavily promoted in Telegram channels and on hacking forums ...
Pornhub Premium Data Exposure via Mixpanel Hack: What the ShinyHunters Attack Really Means
One of the most sensitive privacy incidents in recent years has affected the adult platform Pornhub after the cybercriminal group ...
Kali Linux 2025.4: Wayland, Desktop Security and a Stronger Kali NetHunter
The final quarterly release of Kali Linux 2025.4 marks a strategic shift for the leading penetration testing distribution. In addition ...
Critical Apache Tika Vulnerability CVE-2025-66516 Allows XXE Attacks via PDF XFA Forms
A new critical vulnerability in Apache Tika, tracked as CVE-2025-66516, has been disclosed with the maximum CVSS score of 10.0. ...
Europol’s Operation Olympia Dismantles Long-Running Cryptomixer Used for Bitcoin Laundering
International law enforcement agencies have taken down Cryptomixer, one of Europe’s longest-running cryptocurrency mixing services, in a coordinated operation targeting ...
FBI Warns of AI‑Powered Virtual Kidnapping Scams Using Deepfake Evidence
The FBI is warning about a growing wave of AI‑powered virtual kidnapping scams in which criminals use manipulated photos and ...
Google Patches New Chrome Zero-Day in LibANGLE Metal Renderer
Update: The vulnerability has been formally assigned CVE-2025-14174 and added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. The same CVE ...
PCIe IDE Vulnerabilities Expose Weaknesses in Hardware-Level Encryption
Three newly disclosed vulnerabilities in the PCI Express Integrity and Data Encryption (PCIe IDE) mechanism highlight that even modern hardware ...
Trojan.ChimeraWire: New Windows Malware Turns Chrome into a Stealth SEO Click Fraud Engine
Security analysts at Doctor Web have reported the discovery of Trojan.ChimeraWire, an unusual Windows-focused Trojan that weaponizes the Google Chrome ...
