Browse the latest cybersecurity news, breaches, vulnerabilities, and trends. Filter by category to find the information most relevant to you.
A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim's system and bypassing security software. [...]
It comes just over a week after a two-day total internet shutdown across the country ended.
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in Au…
Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware by using the increasingly popular ClickFix social engineering technique. “This t…
North Korean hackers have stolen more than $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic, and the year isn’t over yet. Though this year’s record losses are driven largely by the February attack on cryptocurrency exchang…
Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login. For IT teams, that means endless resets, compliance struggles, and sleepless ni…
Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 (CVSS sco…
Jaguar Land Rover has reported a 25% drop in volume sales in the three months up to September 30, largely due to the impact of the ongoing cyber incident
Two 17-year-olds have been arrested following a cyber-attack on the Kido nursery group
Radiflow has launched the new Radiflow360, a unified, AI-enhanced OT cybersecurity platform that delivers visibility, risk management and streamlined incident response for mid-sized industrial enterprises. Radiflow360 now enables mid-sized industrial operator…
If you think managing cloud security is complex, try doing it across hundreds of satellites orbiting the planet. Each one is a moving endpoint that must stay secure while communicating through long, delay-prone links. A new study explores how AI could automat…
DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track and remove duplicate findings, handle remediation, and generate reports. Whether you’r…