Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
RuStore and F6 Disrupt DeliveryRAT Android MaaS Campaign, Blocking 604 Domains
F6 researchers, in coordination with RuStore, have dismantled one of the most active Android-focused cybercrime operations of 2024 by blocking ...
Pirated Video Revenues Fall 14.5% in H1 2025 as Anti-Piracy and Brand-Safety Squeeze CPM
The underground market for pirated video is shrinking financially even as its infrastructure expands. According to F6 estimates, distributors of ...
Plex confirms database access incident: what was exposed and how to secure your account
Streaming platform Plex has notified users about unauthorized access to one of its databases. According to the company, the intruder ...
Malicious Releases of chalk and strip-ansi Expose npm’s Transitive Dependency Risk in Web3‑Focused Supply Chain Attack
A coordinated phishing campaign against a high-profile npm maintainer enabled attackers to publish malicious versions of widely used JavaScript packages, ...
Google’s AI Mode in Search: What Changes, Who’s Affected, and the Security Risks to Plan For
Google is preparing a notable shift in its Search interface: users will soon be able to set an AI mode ...
TP-Link confirms TR‑069/CWMP zero‑day in consumer routers: what to know and how to mitigate
TP-Link has confirmed a previously unknown (0‑day) vulnerability in its implementation of the TR‑069/CWMP remote management protocol used by consumer ...
Largest npm Supply Chain Attack Reaches 10% of Cloud Environments—but Nets Only Dollars
A record-scale npm supply chain incident briefly inserted malicious code into widely used JavaScript libraries, touching an estimated 10% of ...
Hacker Accidentally Installs Huntress EDR, Triggering Months of Telemetry and a Privacy Debate
An unusual incident involving Huntress’s endpoint detection and response (EDR) agent has reignited debate over the scope of EDR telemetry, ...
Record-Scale UDP Flood Hits European DDoS Provider: 1.5 Billion PPS Underscores Packet-Rate Risks
An unnamed European DDoS filtering provider recently withstood one of the most intense packet-rate attacks recorded: a peak of 1.5 ...
iCloud Calendar invites abused to deliver callback phishing that evades email filters
Threat actors are exploiting iCloud Calendar invitations to deliver convincing “purchase receipts” that originate from Apple infrastructure and pass SPF, ...
