Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
GrapheneOS Pulls Infrastructure Out of France Over Encryption Regulation Concerns
The team behind GrapheneOS, one of the most prominent privacy‑ and security‑focused Android forks, is fully withdrawing its infrastructure from ...
PlushDaemon: How Router Hijacking Turns Software Updates into a Cyber‑Espionage Weapon
A newly documented cyber‑espionage campaign known as PlushDaemon demonstrates how attackers can abuse trusted software update mechanisms by first compromising ...
Criminal LLMs: How WormGPT 4 and KawaiiGPT Turn Generative AI into a Cybercrime Tool
Generative AI is no longer just a productivity tool for developers and enterprises. In parallel to legitimate platforms, an underground ...
Bloody Wolf Expands Targeted Cyber Attacks Across Central Asia with NetSupport RAT
A cybercrime group known as Bloody Wolf has launched a new wave of targeted attacks against organizations in Central Asia, ...
Tor Project Deploys Counter Galois Onion (CGO) to Upgrade Traffic Encryption
The Tor Project is rolling out a new traffic encryption algorithm, Counter Galois Onion (CGO), designed to replace its legacy ...
StealC V2 Infostealer Distributed via Malicious Blender .blend Files on 3D Marketplaces
Security researchers at Morphisec have identified a targeted malware campaign that abuses Blender, a popular open-source 3D creation suite, to ...
Forced Keenetic Router Firmware Update: Critical CWE‑521 Password Vulnerability Explained
Owners of Keenetic routers have reported that their devices upgraded to a new firmware version even though automatic updates were ...
Google patches actively exploited Chrome zero‑day CVE-2025-13223 in V8 and WebAssembly
Google has released an emergency security update for Google Chrome to fix CVE-2025-13223, a critical zero-day vulnerability rated 8.8 on ...
Malicious npm Packages Abuse Adspect Cloaking to Deliver Crypto Scams
Researchers at Socket have identified seven malicious npm packages that weaponized the cloud-based traffic service Adspect to hide their behavior ...
ShadowRay 2.0 Exploits CVE-2023-48022 in Ray to Build Self-Spreading AI Botnet
Attackers are actively abusing a critical remote code execution (RCE) vulnerability CVE-2023-48022 in the popular Ray framework to hijack artificial ...
