Hackers have devised a method to conceal malware in places where detection is nearly impossible—in DNS records that map domain names to IP addresses. This technique enables the delivery of malicious binaries without relying...
The United Kingdom’s National Cyber Security Centre (NCSC) has unveiled a new program titled the Vulnerability Research Initiative (VRI), aimed at deepening collaboration with independent experts in vulnerability discovery. This initiative seeks to bolster...
The Central Bureau of Investigation (CBI) of India has announced the dismantling of a transnational cybercriminal syndicate responsible for large-scale tech support scams. The operation, codenamed Chakra V, was carried out on July 7,...
The Trump administration is planning to allocate $1 billion over the next four years toward offensive operations in cyberspace. These funds will be disbursed through the Department of Defense as part of a sweeping...
The Open-Ended Working Group (OEWG) on security and the use of information and communication technologies (ICTs) in the context of international security has concluded its work in New York. After nearly five years of...
A counterfeit extension for the Cursor AI development environment, masquerading as a legitimate Ethereum utility, has resulted in a major cybersecurity incident—a Russian cryptocurrency developer lost half a million dollars due to the extension’s...
Over the weekend, an employee of the Department of Government Efficiency (DOGE), an agency under Elon Musk’s purview, inadvertently exposed a confidential key that granted direct access to over 50 of xAI’s language models....
A high-profile incident has recently concluded within the Solana ecosystem, involving the unauthorized extraction of cryptocurrency assets from the Texture project. Several days ago, an unidentified hacker exploited a vulnerability in one of the...
The Gemini AI assistant, integrated into Google Workspace, has unexpectedly proven vulnerable to a novel form of social engineering. By exploiting a particular method of structuring content within emails, malicious actors can deceive the...
Security researchers from GitGuardian and Synacktiv have uncovered a critical vulnerability in Laravel, the widely used PHP framework that powers hundreds of thousands of web applications. The issue stems from the leakage of the...
Fortinet has released critical security updates for FortiWeb, addressing a severe vulnerability that allowed unauthenticated attackers to execute arbitrary SQL queries remotely. The flaw, tracked as CVE-2025-25257, received a CVSS score of 9.6, placing...
NVIDIA has issued a warning about a newly discovered vulnerability in its graphics processing units, dubbed GPUHammer. This attack, rooted in the well-known RowHammer technique, enables malicious actors to corrupt data belonging to other...
A hacker who siphoned $40 million in cryptocurrency from the decentralized exchange GMX has returned nearly the entire haul in exchange for a $5 million payout. The breach ranked among the largest in DeFi...
Cybercriminals have begun leveraging GitHub to disseminate dangerous spyware disguised as a free VPN service. The malicious campaign, uncovered by researchers at Cyfirma, masqueraded as a program called “Free VPN for PC.” Instead of...
One of the world’s largest steel manufacturing conglomerates, the Japanese company Nippon Steel, has reported a large-scale cyberattack during which hackers gained unauthorized access to data belonging to clients, employees, and business partners. The...
Researchers at Huntress have observed active exploitation of a critical vulnerability in Wing FTP Server—a mere day after its public disclosure. The flaw, tracked as CVE-2025-47812, received the highest possible severity rating (CVSS 10.0),...