2025-03-25 • JPCERT/CC • Hayato Sasaki Open article on Malpedia

2025-03-26 • Zscaler • Brett Stone-Gross • win.coffee_loader Open article on Malpedia

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. [...]

Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time

2025-03-25 • DomainTools • DomainTools Open article on Malpedia

You can't escape AI in WhatsApp even if you are based in one of the 41 European countries. Today, more people are seeing the Meta AI chatbot being added to WhatsApp. [...]

The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens

​Microsoft says a known issue is causing Remote Desktop freezes on Windows Server 2025 systems after installing security updates released since the February 2025 Patch Tuesday. [...]

The UK’s National Cyber Security Centre has released new guidance to help domain registrars enhance security

Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against 'Big Tech'...

A set of vulnerabilities have been identified in Ingress-NGINX Controller for Kubernetes, posing a risk to organizations relying on the affected versions. These vulnerabilities impact versions...

A serious security vulnerability has recently been identified in NetApp’s SnapCenter software, a widely used enterprise solution for managing data protection. This flaw, tracked as CVE-2025-26512,...

2025-03-26 • Twitter (@MalGamy12) • Gameel Ali • win.ralord Open article on Malpedia

NHS vendor Advanced will pay just over £3 million ($3.8 million) in fines for not implementing basic security measures before it suffered a ransomware attack in 2022, the U.K.’s data protection...

IT and security workforce management firm CyberSN surveyed job listings from 2022 to 2024. Yes, decreases in demand for some job titles may be related to AI.

2025-03-25 • Kaspersky Labs • Boris Larin, Igor Kuznetsov Open article on Malpedia

Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor's cloud...

In a major cybersecurity operation, the UAE government successfully prevented attacks on 634 government and private entities, preventing what could have been a large-scale UAE cyberattack or data...

Scroll down ↓ Drone footage captured in March 2023 and March 2025, shows destruction in Gaza’s Jabalia/Jabaliya Refugee Camp. Credit: Shadi Al-Tabatiby and Forbidden Stories/Stringer. Scroll Down...

A business that provides IT services to numerous healthcare providers in the United Kingdom has been fined about $4 million by the country’s privacy regulator over a ransomware attack in 2022.

Discover how Recorded Future improves cybersecurity team productivity, saving 100+ hours weekly and driving $290K in annual ROI through threat intelligence.

March 27, 2025 According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the first quarter of 2025 increased by 7.23%, compared to the fourth quarter of...

March 27, 2025 According to detection statistics collected by Dr.Web Security Space for mobile devices, ad-displaying Android.HiddenAds trojans remained the most common Android malware. Moreover,...

The Internet Archive (Archive.org), home to the Wayback Machine, is temporarily offline due to a reported power outage.…

The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor...

A WIRED review shows national security adviser Mike Waltz, White House chief of staff Susie Wiles, and other top officials left sensitive information exposed via Venmo—until WIRED asked about it.

Democrats on the House Intelligence Committee expressed anger over the use of the messaging app to coordinate military strikes on Houthi targets in Yemen. The post Intelligence chiefs insist...

The UK Information Commissioner's Office (ICO) has fined Advanced Computer Software Group Ltd £3.07 million over a 2022 ransomware attack that exposed the sensitive personal data of 79,404 people,...

The sanctions place the companies under a strict licensing regime meant to limit their access to foundational technology for quantum computing, cloud and AI. The post Commerce limits 19 Chinese,...

Cybersecurity threats are evolving at an unprecedented pace, leaving organizations vulnerable to large-scale attacks. Security breaches and data…