The new Arcane stealer spreads via YouTube and Discord, collecting data from many applications, including VPN and gaming clients, network utilities, messaging apps, and browsers.

Europol’s annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies

The first few months of 2025 saw a massive spike in phishing-as-a-service (PhaaS) attacks targeting organizations around the world, with more than a million attacks detected by Barracuda systems...

The UAC-0200 hacking group resurfaces in the cyber threat arena. CERT-UA has recently identified a surge in targeted cyber-attacks both against employees of defense industry enterprises and...

The New Zealand Computer Emergency Response Team (CERT NZ) has issued an urgent security advisory warning of a critical vulnerability, CVE-2025-24813, that affects several versions of Apache...

TL;DR In this blog I want to show you how useful frida-trace can be at hooking thousands of methods at a time. I also wrote some scripts for improving its output a bit.

A security vulnerability (CVE-2025-30066) has been identified in a widely used third-party GitHub Action, tj-actions/changed files. This security flaw exposes sensitive information, including...

u-blox, a vendor of positioning and short-range communication technologies for automotive, industrial and consumer markets, has announced the... The post u-blox enhances NEO-F10T GNSS timing...

TXOne Networks, a vendor of cyber-physical systems (CPS) security, announced Version 3.2 of its Stellar solution, further enhancing... The post TXOne debuts Stellar 3.2 to elevate cyber-physical...

Cybersecurity company Armis has announced the appointment of Patrick McCue as the senior vice president of global partners,... The post Armis strengthens cybersecurity strategy with Patrick McCue...

Singapore’s armed forces officially launched two new commands on March 18, 2025, to safeguard the country’s critical digital infrastructure. The Defence Cyber Command (DCCOM) and the SAF C4 and...

Sydney, Australia, 19th March 2025, CyberNewsWire

The move, which critics say is unconstitutional, also potentially threatens numerous agency investigations and enforcement around privacy and cybersecurity. The post Trump moves to fire Democratic...

$32B Wiz acquisition: Google ramps up cloud security. Following Mandiant, this deal signals major GCP defense upgrade.

Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot...

A compromise of the GitHub action tj-actions/changed-files highlights how attackers could exploit vulnerabilities in third-party actions to compromise supply chains. The post Threat Assessment:...

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint. The post Infostealers fueled cyberattacks and snagged 2.1B credentials last year...

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint. The post Infostealers fueled cyberattacks and snagged 2.1B credentials last year...

The Zero Day Initiative measured the prevalence of manipulated Windows shortcut files in campaigns attributed to nation-state hacking groups — finding at least 11 exploited a bug that allows...

China has accused four Taiwanese individuals of being hackers associated with Taiwan’s military cyber force, claiming they were responsible for cyberattacks against Beijing. The Ministry of State...

Google’s agreement to buy cloud security startup Wiz will face antitrust scrutiny amid Alphabet’s ongoing legal battles.

An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially...

Google is making the biggest ever acquisition in its history by purchasing cloud security company Wiz in an all-cash deal worth $32 billion. "This acquisition represents an investment by Google...

Tuesday’s big news that Google is acquiring security startup Wiz for a record-breaking $32 billion comes with a very big qualifier. Google says it will position Wiz as a “multicloud” offering,...

Anyone can become a zero-knowledge threat actor now, thanks to AI.

A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out...

Cyberattacks on public entities across the U.S. — from police stations to school districts and courts — are causing wide-ranging issues for residents and public employees.

US sperm donor giant California Cryobank is warning customers it suffered a data breach that exposed customers' personal information. [...]

Cybercrooks are using automated AI bots to generate multiple login attempts across a range of services. And it's about to get much worse.

Cybersecurity researchers have warned about a large-scale ad fraud campaign that has leveraged hundreds of malicious apps published on the Google Play Store to serve full-screen ads and conduct...