More results...
Oxford City Council has confirmed it was the target of a sophisticated cyberattack that resulted in the exposure of personal data belonging to employees, including those involved in council-administered elections over the past two decades. The council …
A newly disclosed set of vulnerabilities in Versa Networks’ SD-WAN orchestration platform, Versa Director, with the flaws enabling authenticated attackers to upload malicious files and execute arbitrary commands on affected systems. The vulnerabilities…
Zimperium zLabs has uncovered a highly advanced iteration of the GodFather Android banking malware, which employs a groundbreaking on-device virtualization technique to compromise legitimate mobile banking and cryptocurrency applications. Unlike tradit…
Microsoft has announced a significant update to the security posture of its Windows 365 Cloud PCs, introducing new secure-by-default capabilities designed to fortify virtual desktop environments against modern cyber threats. These changes, set to roll …
A newly disclosed critical vulnerability in Dover Fueling Solutions’ ProGauge MagLink LX consoles has sent shockwaves through the global fuel infrastructure sector. The flaw, tracked as CVE-2025-5310, allows remote attackers to seize control of fueling…
A staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet history. The leak, which impacts major platforms including Apple, Facebook, Google, Inst…
Security researchers from Synacktiv successfully hacked the Tesla Wall Connector through its charging port in just 18 minutes, exposing critical vulnerabilities in the device’s firmware and communication protocols. The Tesla Wall Connector and Its Arch…
A new class of cyberattack is targeting organizations leveraging Atlassian’s Model Context Protocol (MCP), exposing a critical weakness in the boundary between external and internal users. Researchers have demonstrated that malicious support tickets ca…
The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed on over 100,000 WordPress websites. This vulnerability, classified as an Insufficient Authorization to Privilege Escalation v…
The North Korean state-sponsored threat actor group, identified as TA444 (also known as BlueNoroff, Sapphire Sleet, and others), has unleashed a sophisticated malware campaign targeting cryptocurrency foundations. This intricate attack, uncovered by Hu…