Mastodon Mastodon Mastodon Mastodon

Cybersecurity News

Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.

Hand holding a fiery orb balances against a stack of mysterious papers.

Mozilla to Require Data Collection Disclosures for Firefox Extensions

CyberSecureFox Editorial Team

Mozilla is introducing mandatory data collection disclosures for Firefox extensions, detailed in the official Mozilla Add-ons blog announcement. The new ...

Building with flaming rooftop labeled "Windows Server" amidst suburban offices.

Microsoft patches critical WSUS RCE (CVE-2025-59287) amid active exploitation

CyberSecureFox Editorial Team

Microsoft has released out-of-band security updates to address a critical flaw in Windows Server Update Services (WSUS), tracked as CVE-2025-59287. ...

Businessman in suit appears troubled, surrounded by digital symbols and a hooded figure.

BlueNoroff’s GhostCall and GhostHire: macOS-focused campaigns hitting crypto and Web3 firms

CyberSecureFox Editorial Team

Kaspersky researchers have identified two coordinated BlueNoroff operations—GhostCall and GhostHire—active since April 2025 and aimed primarily at cryptocurrency and Web3 ...

Beautiful view of a canal and historic architecture under cloudy skies.

Memento Labs Confirms Dante Spyware Used in ‘Forum Troll’ Campaign Exploiting Chrome CVE‑2025‑2783

CyberSecureFox Editorial Team

Memento Labs CEO Paolo Lezzi has confirmed that the spyware known as Dante—recently detected by Kaspersky during live operations—is a ...

Laptop on building rooftop emitting smoke and flames, displaying "SYSTEM FAILURE."

Brash vulnerability in Blink enables document.title DoS against Chromium browsers

CyberSecureFox Editorial Team

A newly disclosed vulnerability known as Brash abuses how the Blink rendering engine handles document.title updates, enabling a browser denial‑of‑service ...

Close-up of a worn keyboard key with a Windows logo and "LNK" text.

Mustang Panda Abuses Unpatched Windows LNK Vulnerability (CVE-2025-9491) to Deploy PlugX in Europe

CyberSecureFox Editorial Team

China-linked threat actor UNC6384 (Mustang Panda) has mounted a coordinated cyber-espionage campaign against European diplomatic and government organizations by exploiting ...

Urban scene featuring wildlife near Georgia Tech with a city skyline backdrop.

TEE.Fail: DDR5 Memory-Bus Attack Undermines Attestation in Intel SGX/TDX and AMD SEV‑SNP

CyberSecureFox Editorial Team

Researchers from the Georgia Institute of Technology and Purdue University have disclosed TEE.Fail, a practical attack on trusted execution environments ...

Business team in suits discussing outside a corporate building at sunset.

Ribbon Communications reports suspected state-sponsored intrusion, highlighting telecom supply‑chain risk

CyberSecureFox Editorial Team

Ribbon Communications has disclosed unauthorized access to its IT environment, attributing the activity to a likely state-aligned threat actor. The ...

Digital art contrasting Twitter and X with security symbols on smartphones.

X sets 10 November deadline to re-register passkeys and security keys due to x.com migration

CyberSecureFox Editorial Team

X (formerly Twitter) has notified users that they must re-register their passkeys and hardware security keys used for two‑factor authentication ...

Smartphone displaying a glowing skull, surrounded by ominous clouds and icons.

DeliveryRAT Android Trojan Evolves into Mobile Botnet with DDoS, Phishing Screens, and Mass SMS

CyberSecureFox Editorial Team

Researchers at F6 have documented a substantial evolution of the Android trojan DeliveryRAT, which disguises itself as delivery services, marketplaces, ...