Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The act…
The 5 Golden Rules of Safe AI Adoption
Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is…
ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia…
Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors
Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot…
300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158
Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which…
Docker Desktop Vulnerability Allowed Host Takeover on Windows, macOS
A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS was fixed. The flaw allowed a malicious container to escape…
New Zip Slip Vulnerability Allows Attackers to Manipulate ZIP Files During Decompression
A newly observed variant of the Zip Slip vulnerability has emerged, enabling threat actors to exploit path traversal flaws in widely used…
Analysis of Apple’s ImageIO Zero-Day Vulnerability: Attacker Context and Historical iOS Zero-Click Similarities
Apple has issued emergency security updates across its entire ecosystem to address CVE-2025-43300, a critical zero-day…
CIISec: Most Security Professionals Want Stricter Regulations
More than two-thirds (69%) of industry professionals have argued that current cybersecurity laws still aren’t strict enough, according…
US: Maryland Confirms Cyber Incident Affecting State Transport Systems
Users of some transport services in the US state of Maryland may experience disruptions as the Maryland Transit Administration (MTA) deals…
Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools
A global phishing campaign using personalized emails and fake websites to deliver malicious downloads has been identified by cybersecurity…
New Android Trojan Variant Expands with Ransomware Tactics
A new version of the Hook Android banking Trojan has surfaced, showcasing one of the most extensive feature sets ever recorded for mobile…
Nissan confirms design studio data breach claimed by Qilin ransomware
Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its…
Beyond GDPR security training: Turning regulation into opportunity
By Eirik Salmi, System Analyst at Passwork Even though 88% of businesses spend over €1 million on GDPR compliance and 40% invest up to…
CISA warns of actively exploited Git code execution flaw
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the…
Nevada closes state offices as cyberattack disrupts IT systems
Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and…
Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
Update: Story updated with further information. Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from…
Silk Typhoon hackers hijack network captive portals in diplomat attacks
State-sponsored hackers linked to the Silk Typhoon activity cluster targeted diplomats by hijacking web traffic to redirect to a…
Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks
Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as…
Google to verify all Android devs to block malware on Google Play
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from…
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay…
ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners
A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA…
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought…
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical…
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue…
Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775
Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively…
NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)
Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of…
CISA Warns of Git Arbitrary File Write Vulnerability Exploited in Attacks
CISA has issued a high-severity warning for CVE-2025-48384, a link-following vulnerability in Git that enables arbitrary file writes via…
Securing the AI Revolution: Introducing Cloudflare MCP Server Portals
2025-08-26 6 min read Securing the AI Revolution: Introducing Cloudflare MCP Server Portals Large Language Models (LLMs) are rapidly evolving…
Online PDF Editors Safe to Use? Detailed Analysis of Security Risks Associated With It
Online PDF editors have become common tools for quick document manipulation, providing convenient alternatives to desktop software. However,…
URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack
The Cloud Software Group (CSG) has released urgent security updates to address three high-severity vulnerabilities affecting NetScaler ADC and…
Citrix patches trio of NetScaler bugs – after attackers beat them to it
Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they’ve already been used in the wild before the vendor got…
Citrix NetScaler ADC and Gateway 0-Day RCE Vulnerability Actively Exploited in Attacks
Cloud Software Group has disclosed multiple high-severity vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway…
CISA Adds Citrix Vulnerabilities to KEV Catalog as New Flaws Emerge
The U.S. Cybersecurity and Information Security Agency (CISA) has added two Citrix vulnerabilities to its Known Exploited Vulnerabilities…
Citrix NetScaler Patch Release: Act Now to Prevent Exploitation
On August 26, 2025, Citrix announced a pivotal security update for NetScaler ADC and NetScaler Gateway appliances. This urgent patch addresses…
Securden Unified PAM Vulnerability Let Attackers Bypass Authentication
Cybersecurity researchers have uncovered a critical security flaw in Securden Unified PAM that allows attackers to completely bypass…
Digital Nomads and Cybersecurity: Navigating the New Frontier of Work
We live in an era where your next big idea could come from an employee working out of a cafe in Tokyo or on the beach in Bali. The digital…
Cybersecurity Wake-Up Call: Why All Businesses Must Prepare for the Inevitable Attack
Cybersecurity has emerged as a critical and ongoing battle against a dynamic and pervasive global threat. The landscape is evolving rapidly,…
Is the Cyber Resilience Act the Biggest Thing to Hit Compliance Since GDPR?
There’s a lot of noise around compliance. New regulations seem to pop up every year, each promising to fix the ever-growing list of…
Black Hat Ignites Under Vegas Lights
Driving through the quiet, endless beauty of the Nevada desert, I let the raspy voice of Jim Morrison carry me forward. “The End”…
Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide
Many people believe that smartphones are somehow less of a target for threat actors. They couldn’t be more wrong.Bitdefender Labs warns…
Auchan retailer data breach impacts hundreds of thousands of customers
French retailer Auchan is informing that some sensitive data associated with loyalty accounts of several hundred thousand of its customers was…
Farmers Insurance data breach impacts 1.1M people after Salesforce attack
U.S. insurance giant Farmers Insurance has disclosed a data breach impacting 1.1 million customers, with BleepingComputer learning that the…