Cybercriminals have launched a new wave of attacks that employ SVG files as carriers for phishing pages. According to researchers at VirusTotal, the attackers disguise themselves as representatives of the Colombian Prosecutor’s Office, distributing...
The world’s largest chess platform, Chess.com, has notified thousands of users of a compromise of their personal data following a breach of a third-party contractor responsible for information storage. The incident involved files transferred...
The Japanese tire manufacturer Bridgestone has announced an investigation into a cybersecurity incident in North America that disrupted operations at several of its factories. The first reports of outages surfaced on September 2, when...
TP-Link has confirmed the existence of a new zero-day vulnerability affecting several of its router models. The flaw was first identified by an independent security researcher operating under the alias Mehrun (ByteRay), who reported...
Researchers from the School of Computer Science at Carnegie Mellon University have unveiled the results of a large-scale analysis revealing that GitHub’s “star” system—long regarded as a measure of a project’s popularity and trustworthiness—has...
Kaspersky Lab has published its first comprehensive technical analysis of cyber groups most actively targeting Russian organizations. The report details 14 groups, outlining their tactics, tools, and the confirmed links between them. Experts identified...
On underground forums, cybercriminals have claimed they have begun deploying HexStrike AI—a new open-source penetration testing tool—against Citrix NetScaler vulnerabilities just hours after they were publicly disclosed. The news was reported by Check Point...
Android has released its most extensive patch bundle of the year, outpacing the traditional “Patch Tuesday” cycle. In response to reports of active exploitation of two vulnerabilities, the system received 120 fixes at once...
Most people remain unaware that their Wi-Fi and Bluetooth devices have quietly become part of a vast, global geolocation tracking system — open, precise, and alarmingly accessible. And if this sounds threatening, it is:...
Cybercriminals have discovered a method to bypass X’s restrictions on posting links by exploiting its built-in assistant, Grok. The technique was revealed by Guardio Labs, with anomalies and screenshots documented by an X user....
In August 2025, specialists from Dream Threat Intelligence documented a large-scale phishing campaign attributed to actors linked to Iran. The operation, believed to be orchestrated by the group Homeland Justice under the direction of...
On September 3, 2025, researcher Youfu Zhang reported to the Mozilla dev-security-policy mailing list that the certification authority Fina RDC 2020 had issued multiple TLS certificates for the IP address 1.1.1.1. This address, jointly...
