In May 2025, Cloudflare successfully mitigated the largest distributed denial-of-service (DDoS) attack ever recorded, which peaked at an unprecedented 7.3 terabits per second. The target was a major hosting provider protected by Magic Transit,...
A critical vulnerability discovered in the WordPress visual theme “Motors” has enabled hackers to seize administrative privileges en masse, granting them full control over compromised websites. Identified as CVE-2025-4322, the flaw represents a privilege...
A group of hackers orchestrated a meticulously planned campaign targeting Gmail users, successfully bypassing two-factor authentication and gaining unauthorized access to their accounts. The operation was aimed at prominent experts in international security and...
The announcement of the so-called “mother of all breaches” sent shockwaves through the media: headlines blared dire warnings, while the tone of coverage bordered on panic. Yet the actual substance of the event is...
At first glance, WormGPT appears to be a formidable tool in the arsenal of cybercriminals—powerful, unregulated, capable of generating malicious code, phishing emails, and instructions for circumventing security systems. However, a recent investigation by...
On April 6, 2025, security researcher Bob Diachenko, in collaboration with analysts from the Cybernews team, discovered an unprotected Elasticsearch server belonging to Openprovider. This incident resulted in the inadvertent exposure of critically sensitive...
Many owners of Smart TV operating systems increasingly find themselves at the heart of a growing conflict—one that pits the preservation of viewer privacy against mounting pressure from the advertising industry. The crux of...
Iranian hackers are breaching home surveillance cameras to monitor the movements of Israeli citizens in real time, according to Rafael Franco, former Deputy Director of Israel’s National Cyber Directorate. He stated that in recent...
Fraudsters have developed a method to intercept search queries from users seeking 24/7 customer support from companies such as Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. By posing as legitimate support...
Brazilian banking institutions have become the target of a new campaign disseminating a specialized variant of the AllaKore remote access trojan (RAT) for Windows, named AllaSenha. This RAT is designed to steal credentials necessary...
Check Point has reported that since late April, cybercriminals have been actively exploiting a critical vulnerability in the Check Point VPN remote access system, allowing them to steal Active Directory data for further infiltration...
Recently, Netflix reported that since the launch of its Bug Bounty program in 2016, the streaming giant has paid researchers over one million dollars in rewards for identifying bugs and vulnerabilities in the company’s...
A relatively new North Korean cyber group known as Moonstone Sleet has recently been identified as responsible for attacks on the software, information technology, education, and defense industries, utilizing ransomware and other types of...
Specialists at Zscaler have identified over 90 malicious applications on Google Play, designed to distribute malware and adware, including the banking trojan Anatsa. These applications have been downloaded more than 5.5 million times. Description...
The U.S. Department of the Treasury has imposed sanctions on a cybercriminal network involving three Chinese nationals and three companies from Thailand. These entities are connected to a major botnet that controls a residential...
A recent leak of thousands of pages of internal Google documents has revealed the true workings of the company’s search algorithm. These documents, which have come into the hands of SEO experts, raise questions...
