Experts at Straiker have reported the discovery of a new tool called Villager, which since its release in July has been downloaded nearly 10,000 times from the official PyPI repository. Marketed as a client...
Researchers at ESET have reported the emergence of a new ransomware strain dubbed HybridPetya, which blends techniques from the notorious Petya and NotPetya families while adding the ability to bypass Secure Boot on UEFI-based...
Samsung has released its September security updates for Android, addressing a critical zero-day vulnerability that had already been exploited in active attacks. The flaw, tracked as CVE-2025-21043 and rated 8.8 on the CVSS scale,...
On Thursday, the Helsinki Court of Appeal delivered a ruling that stirred widespread public reaction. Alexander Kivimäki, the 28-year-old convicted of hacking the Vastaamo psychotherapy center and carrying out subsequent extortion, was released from...
A critical vulnerability has been uncovered—and almost immediately weaponized—in the IP telephony ecosystem through FreePBX. Signs of widespread compromise were first reported on August 21, 2025, when administrators began noticing identical symptoms and suspicious...
Researchers at Wordfence Threat Intelligence have uncovered a large-scale campaign involving the use of so-called “nulled plugins”—pirated copies of premium WordPress extensions that have been tampered with by third parties. These counterfeit packages have...
Cybercriminal groups have begun exploiting a new phishing service, VoidProxy, on a massive scale, enabling them to steal credentials, multi-factor authentication codes, and session tokens from Microsoft and Google accounts in real time. According...
According to declassified documents, U.S. Immigration and Customs Enforcement (ICE) employed the so-called Stingray device—technology that mimics the function of a cellular base station. When a phone connects to this “false” transmitter, it inadvertently...
Apple revised the evaluation guidelines for its forthcoming chatbot, built on large language models, immediately after Donald Trump’s return to the White House. According to POLITICO, the new instructions for employees of the contractor...
SAP has addressed two critical vulnerabilities in the NetWeaver Java application server that could allow attackers to execute arbitrary code and fully compromise affected systems. The security updates, released in September 2025, remediate CVE-2025-42922...
Google has unveiled a new system for authenticating digital images by embedding C2PA Content Credentials into the Pixel 10 camera and the Google Photos application. This mechanism is designed to help users distinguish original...
Google has released Chrome 140, and with it, users have encountered new restrictions on extensions built on Manifest V2. Previously, support for such add-ons could be enabled through special flags, but these options have...
