In August 2025, researchers from Huntress observed a cyberattack involving the abuse of the legitimate server-monitoring tool Nezha, which was originally designed for system performance tracking. During the campaign, threat actors — allegedly linked...
The popular design tool Figma has faced a potential security threat due to a vulnerability in the Model Context Protocol (MCP) server, the framework underpinning its integration with AI-driven agents. The issue, discovered in...
A critical vulnerability has been discovered in the popular WordPress theme Service Finder, allowing attackers to gain unauthorized access to any account on affected websites — including administrative ones. The issue stems from the...
Nearly a year after the incident, a Florida-based medical company has disclosed the full scale of a major data breach that occurred in November 2024. The organization, specializing in diagnostic imaging, confirmed the exposure...
According to a LayerX report, thousands of corporate users are inputting personal and payment data into ChatGPT prompts—often from personal, unsecured accounts. Researchers are observing a growing leakage of critically sensitive information through generative...
Jaguar Land Rover has announced the gradual resumption of operations at its factories following a massive cyberattack that brought global production to a complete halt in September. At the same time, the company has...
The threat actor known as BatShadow, linked to Vietnam, has launched a new malicious campaign targeting job seekers and digital marketing professionals. Posing as recruiters, the attackers distribute forged job descriptions; when victims open...
A drone that falls under the control of malicious actors can transform in a fraction of a second from a precise instrument into an unpredictable threat. Once compromised, it begins to behave erratically—hovering, spinning...
A network of hackers linked to North Korea has stolen more than $2 billion worth of crypto assets in the first nine months of 2025, according to a report by Elliptic. Analysts describe this...
A privilege escalation vulnerability in Microsoft Windows systems is once again being actively exploited, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned, adding the flaw to its official catalog of known exploited...
The Scattered Lapsus$ Hunters group has resurfaced — this time with a bizarre and unorthodox extortion tactic. The cybercriminals announced a bounty of $10 in cryptocurrency to anyone willing to take part in a...
The OpenSSH development team has announced the release of OpenSSH 10.1, marking a new stable version of the widely used secure communication suite. Build archives will soon be available on the project’s official mirrors....
