Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and hard disk drives...

Reading this, I kept hoping that we’d find out it’s just a hoax. But alas… Kevin Collier reports: A hacker has exploited a leading artificial intelligence chatbot to conduct the most comprehensive...

Cybercrime forum 'Leak Zone' has inadvertently exposed its own users' IP addresses and login times in a massive data leak of over 22 million records.

Cybercrime forum 'Leak Zone' has inadvertently exposed its own users' IP addresses and login times in a massive data leak of over 22 million records.

The author of this post is a member of the CTF team Shellphish. His team, a world-renowned one at that, had earned its way to compete in the DEFCON CTF this year. This is the Olympics of hacking...

A podcast from JacksonLewis: Class action lawsuits in response to data breaches have skyrocketed as plaintiffs look to take advantage of courts’ perceived leniency regarding standing. On this...

Back in late June, Citrix posted a patch for CVE-2025–6543, which they described as “Memory overflow vulnerability leading to unintended control flow and Denial of Service”. Denial of service?...

Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously claimed....

Google reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to access Google Workspace email accounts in addition to...

This week, Joe encourages you to find your community in cybersecurity and make the effort to grow, network and hack stuff together.

In recent months, Trustwave SpiderLabs, A LevelBlue Company, saw a significant increase in phishing URLs containing familiar patterns, similar phishing templates, and a resurgence in the use of...

When companies have big breaches, they have to notify the big credit reporting agencies. However, it is now one of the major credit reporting agencies that must send notifications. TransUnion has...

The U.S. Treasury's Office of Foreign Assets Control (OFAC) has sanctioned two individuals and two companies associated with North Korean IT worker schemes that operate at the expense of American...

Google is working to resolve authentication failures preventing users from signing into their Clever and ClassLink accounts on some ChromeOS devices. [...]

Cloudflare now lets websites and bot creators use Web Bot Auth to segment agents from verified bots, making it easier for customers to allow or disallow the many types of user and partner directed.

Explore Recorded Future’s H1 2025 malware & vulnerability trends: key exploited CVEs, most-targeted vendors (Microsoft, edge devices), ransomware & mobile malware shifts — practical guidance to...

Anthropic's Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. [...]

Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. [...]

Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible. [...]

The FBI and the Dutch Police have shut down the VerifTools marketplace for fraudulent identity documents after seizing servers in Amsterdam that hosted the online operation. [...]

CERT Polska has received a report about 6 vulnerabilities (from CVE-2025-54540 to CVE-2025-55175) found in OpenSolution QuickCMS software.

A big monetary penalty was anticipated for SK Telecom after a massive data breach. Now we know how big. Muhammad Zulhusni reports: South Korea’s biggest mobile carrier has been hit with a record...

Keoni Everington reports: Two alleged Taiwanese clients of a Chinese ransomware group behind attacks on the Mackay Memorial Hospital and other targets in Taiwan have been arrested and released on...

MathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over 10,000 people after breaching its network in April. [...]

Shadow IT isn't theoretical—it's everywhere. Intruder uncovered exposed backups, open Git repos, and admin panels in just days, all hiding sensitive data. Make your hidden assets visible before...

Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States. [...]

From Meta shutting down millions of WhatsApp accounts linked to scam centers all the way to attacks at water facilities in Europe, August 2025 saw no shortage of impactful cybersecurity news

Five years ago, I wrote about the lessons yet to be learned from Stuxnet[1] and have read a recent article by an industry opinion leader on the same theme. The author states several lessons which...

UpGuard researchers discover misconfigured AI chatbots are leaking explicit user fantasies and illegal content to the web.

UpGuard researchers discover misconfigured AI chatbots are leaking explicit user fantasies and illegal content to the web.