99% of enterprise users have browser extensions but over half carry high-risk permissions. LayerX's 2025 report reveals how everyday extensions expose sensitive data, and what security teams must...

The Commission on Elections (COMELEC) has teamed up with leading technology firms, including Microsoft, to ensure that the upcoming Philippine elections are protected from cyber threats and...

As AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online.

Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root…

Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, the second of...

Ever wondered why a lie can spread faster than the truth? Tune in for an insightful look at disinformation and how we can fight one of the most pressing challenges facing our digital world.

Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch

A critical security flaw has been discovered in the Linux kernel's nftables subsystem, which is responsible for packet filtering in modern Linux distributions. This flaw, a double-free...

2025-05-05 • Security Chu • Security Chu • elf.akira, win.akira Open article on Malpedia

Texas Attorney General Ken Paxton has reached a $1.375 billion settlement with tech giant Google, marking the largest amount ever recovered by a single state in a data privacy lawsuit. This...

This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 64 threat intelligence reports and compiled a concise summary of each, along with pertinent metadata that...

Celebrate Mother's Day with SentinelOne as we share three working mothers' stories on how they balance parenthood and cybersecurity.

The Bluetooth Special Interest Group (SIG) has announced Bluetooth Core Specification 6.1, bringing important improvements to the popular wireless communication protocol. [...]

ChatGPT's Deep Research, which allows you to conduct multi-step research for complex tasks, is finally getting an option to save the report as a PDF. [...]

The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and instructors into installing malware on...

For manufacturing organizations throughout Europe, the Middle East, and Africa (EMEA), the rapidly changing cyber threat landscape has... The post Forging OT Security Maturity: Building Cyber...

Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition...

Germany's Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money...

Microsoft is working on adding a new Teams feature that will prevent users from capturing screenshots of sensitive information shared during meetings. [...]

The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here.

The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here.

Plus: A DOGE operative’s laptop reportedly gets infected with malware, Grok AI is used to “undress” women on X, a school software company’s ransomware nightmare returns, and more.

Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called 'Noodlophile,' under the guise of generated media content. [...]

This new security feature will make your Android phone more difficult to access if you haven't used it in a while.

CVE-2025-31324 impacts SAP NetWeaver's Visual Composer Framework. We share our observations on this vulnerability using incident response cases and telemetry. The post Threat Brief: CVE-2025-31324...

A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that's powered by thousands of infected Internet of Things (IoT) and end-of-life...

The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal...

The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge....

The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge....