Researchers at ESET have reported the emergence of a new ransomware strain dubbed HybridPetya, which blends techniques from the notorious Petya and NotPetya families while adding the ability to bypass Secure Boot on UEFI-based...
Samsung has released its September security updates for Android, addressing a critical zero-day vulnerability that had already been exploited in active attacks. The flaw, tracked as CVE-2025-21043 and rated 8.8 on the CVSS scale,...
On Thursday, the Helsinki Court of Appeal delivered a ruling that stirred widespread public reaction. Alexander Kivimäki, the 28-year-old convicted of hacking the Vastaamo psychotherapy center and carrying out subsequent extortion, was released from...
A critical vulnerability has been uncovered—and almost immediately weaponized—in the IP telephony ecosystem through FreePBX. Signs of widespread compromise were first reported on August 21, 2025, when administrators began noticing identical symptoms and suspicious...
Researchers at Wordfence Threat Intelligence have uncovered a large-scale campaign involving the use of so-called “nulled plugins”—pirated copies of premium WordPress extensions that have been tampered with by third parties. These counterfeit packages have...
Cybercriminal groups have begun exploiting a new phishing service, VoidProxy, on a massive scale, enabling them to steal credentials, multi-factor authentication codes, and session tokens from Microsoft and Google accounts in real time. According...
According to declassified documents, U.S. Immigration and Customs Enforcement (ICE) employed the so-called Stingray device—technology that mimics the function of a cellular base station. When a phone connects to this “false” transmitter, it inadvertently...
SAP has addressed two critical vulnerabilities in the NetWeaver Java application server that could allow attackers to execute arbitrary code and fully compromise affected systems. The security updates, released in September 2025, remediate CVE-2025-42922...
Researchers at ETH Zurich have unveiled a novel attack dubbed VMScape, bearing strong resemblance to Spectre and posing a significant threat to virtualization infrastructures. The attack enables a malicious virtual machine to extract cryptographic...
Researchers from Cybernews have reported a major data breach involving Vyro AI, a company renowned for its popular generative applications on Android and iOS. An unsecured Elasticsearch server belonging to the developer had been...
Researchers at Palo Alto Networks have reported a surge in attacks leveraging the open-source platform AdaptixC2, originally designed for penetration testing but now increasingly exploited by cybercriminals. Unit 42 specialists first detected traces of...
An unusual incident unfolded at the Spinoza campus in Amsterdam: an unknown intruder hacked into the digital payment system of five washing machines. For several weeks, students were able to use the machines free...
