Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
CISA: Critical sudo CVE-2025-32463 actively exploited for Linux privilege escalation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that attackers are actively exploiting CVE-2025-32463, a critical flaw in ...
Battering RAM: Hardware Attack Undermines Intel SGX and AMD SEV‑SNP Protections
Researchers from KU Leuven and the University of Birmingham have disclosed Battering RAM, a hardware attack that defeats key confidential ...
UK issues £1.5bn UKEF guarantee to Jaguar Land Rover after cyberattack: what it means for supply chains and cyber resilience
The UK government has approved a £1.5 billion credit guarantee for Jaguar Land Rover (JLR) under UK Export Finance’s Export ...
Western Digital fixes critical My Cloud command injection (CVE-2025-30247) with firmware 5.31.108
Western Digital has released firmware version 5.31.108 for My Cloud network-attached storage (NAS) devices to remediate CVE-2025-30247, a critical command ...
Discord probes third-party support breach as payment and identity data exposed
On 20 September 2025, Discord disclosed a security incident stemming from a compromise of a third‑party customer support provider. The ...
MatrixPDF Builder Turns Benign PDFs into Click‑Through Phishing Lures That Bypass Gmail Filters
Varonis researchers have identified MatrixPDF, a commercial builder that converts legitimate PDF files into interactive phishing decoys. The tool leverages ...
Unity CVE-2025-59489: Critical Runtime Flaw Enables Code Execution on Android and Potential Privilege Escalation on Windows
A high-severity vulnerability in the Unity Runtime, tracked as CVE-2025-59489 with a CVSS score of 8.4, exposes Unity-built apps to ...
Red Hat probes consulting GitLab breach as Crimson Collective claims 570 GB data theft and 800 CERs exposed
Ransomware group Crimson Collective claims it stole 570 GB of data from about 28,000 internal GitLab repositories associated with Red ...
Classic Outlook for Windows Crashes at Launch: Microsoft Probes Exchange Online Authentication Concurrency Limit
Microsoft is investigating an incident that causes the classic Outlook for Windows client to crash at startup for some Microsoft ...
Google’s Developer Verification Rule Will Gate Sideloaded Apps on Certified Android Devices
Google will require that, starting in 2026, certified Android devices (phones and tablets with Google Mobile Services and Play Protect) ...
