Google Releases Critical Chrome Security Update to Address Three Zero-Days
Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit
Information Security Magazine
“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach
4 weeks ago
New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year
ClickFix Social Engineering Sparks Rise of CastleLoader Attacks
4 weeks ago
A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware
Pro-Russia Hackers Target US Critical Infrastructure in New Wave
4 weeks ago
Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems
Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data
4 weeks 1 day ago
The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing
Log4Shell Downloaded 40 Million Times in 2025
4 weeks 1 day ago
Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug
Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025
4 weeks 1 day ago
December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
4 weeks 1 day ago
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement
Malicious VS Code Extensions Deploy Advanced Infostealer
4 weeks 1 day ago
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data
DeadLock Ransomware Uses BYOVD to Evade Security Measures
4 weeks 1 day ago
Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware
UK NCSC Raises Alarms Over Prompt Injection Attacks
4 weeks 2 days ago
The UK’s National Cyber Security Centre has warned of the dangers of comparing prompt injection to SQL injection
Gartner Calls For Pause on AI Browser Use
4 weeks 2 days ago
Gartner has called for organizations to block today’s AI browsers on security concerns
ClayRat Android Spyware Expands Capabilities
4 weeks 2 days ago
A new version of ClayRat Android spyware features enhanced surveillance and device-control features
Marquis Software Breach Affects Over 780,000 Nationwide
4 weeks 2 days ago
A data breach at Marquis Software Solutions due to a firewall flaw has affected over 780,000 people across the US
Portugal Revises Cybercrime Law to Protect Security Researchers
1 month ago
Security researchers will now be protected from prosecution in Portugal as long as they meet certain conditions
React2Shell Under Active Exploitation by China-Nexus Hackers
1 month ago
React2Shell (CVE-2025-55182) is under active exploitation by Earth Lamia and Jackpot Panda, risking over two million instances worldwide
UK ICO Demands “Urgent Clarity” on Facial Recognition Bias Claims
1 month ago
A Home Office report has revealed racial bias in facial recognition technology used by police
Barts Health Seeks High Court Ban After Oracle EBS Breach
1 month ago
Barts Health NHS Trust has revealed itself to be the latest victim of Cl0p’s Oracle EBS campaign
React.js Hit by Maximum-Severity 'React2Shell' Vulnerability
1 month ago
A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, posing severe risks for server-side implementations
China-Linked Warp Panda Targets North American Firms in Espionage Campaign
1 month ago
CrowdStrike warned that Warp Panda, a China-linked cyber-espionage group, is targeting US organizations to steal sensitive data and support Beijing’s strategic interests
Checked
4 hours 21 minutes ago