Cybersecurity

624 articles in this category (Page 17 of 26)

AI NewsCybersecurityData Privacy

SMBs Became the Prime Target: Cybersecurity Lessons from 2025 Data Breaches

In 2025, small and mid-sized businesses accounted for 70.5% of data breaches, highlighting a shift in cybercriminal tactics towards easier targets.

Dec 24, 2025

AI NewsCybersecurityFraud

Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

ESET reports a 62% rise in the Nomani investment scam, leveraging AI deepfakes on social media platforms like YouTube and Facebook.

Dec 24, 2025

AI NewsCybersecurityFinance

SEC Charges Operators of $14 Million Crypto Scam Leveraging Fake AI Investment Tips

The SEC filed charges against multiple entities for a $14 million cryptocurrency scam that used AI-themed investment tips and fake trading platforms to defraud U.S. investors.

Dec 24, 2025

AI NewsCybersecurityFraud

Amazon Blocks 1,800 Suspected North Korean IT Job Scammers

Amazon has prevented over 1,800 suspected North Korean IT job scammers from being hired since April 2024, highlighting the increasing sophistication of state-sponsored fraud.

Dec 23, 2025

AI NewsCybersecuritySoftware Vulnerability

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution

A critical n8n vulnerability (CVE-2025-68613, CVSS 9.9) allows authenticated users to execute arbitrary code, impacting over 100,000 instances.

Dec 23, 2025

AI NewsCybersecurityLaw Enforcement

INTERPOL Operation Sentinel Nets 574 Arrests & $3M in Recovered Funds

INTERPOL’s Operation Sentinel resulted in 574 arrests and $3 million recovered, targeting ransomware and cyber fraud across 19 African countries.

Dec 23, 2025

AI NewsCybersecurityProductivity

Passwd: A Google Workspace-Focused Password Manager

Passwd offers a zero-knowledge AES-256 encrypted password manager designed exclusively for Google Workspace, featuring scalable team pricing.

Dec 23, 2025

AI NewsCybersecurityMergers & Acquisitions

ServiceNow Acquires Armis for $7.75B to Enhance AI-Powered Cybersecurity

ServiceNow’s $7.75 billion acquisition of Armis will integrate cyber-physical security into its AI Control Tower, bolstering proactive risk management.

Dec 23, 2025

AI NewsCybersecurityFraud

US DoJ Seizes Domain Used in $14.6 Million Bank Account Takeover Scheme

The US Justice Department seized web3adspanels[.]org, a domain used to steal bank logins, resulting in $14.6 million in losses for 19 US victims.

Dec 23, 2025

AI NewsCybersecurityMobile Security

Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale

Android attackers are increasingly using sophisticated droppers to deliver malware like Wonderland, resulting in widespread SMS theft and financial fraud, particularly in Uzbekistan.

Dec 22, 2025

AI NewsCybersecuritySoftware Supply Chain

Malicious npm Package 'lotusbail' Steals WhatsApp Data and Credentials

A fake WhatsApp API package on npm, downloaded over 56,000 times, intercepted messages, stole credentials, and linked attacker devices.

Dec 22, 2025

AI NewsCybersecurityVulnerability Management

Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices

A critical zero-day vulnerability (CVE-2025-14733) in WatchGuard Firebox devices is under active exploitation, impacting nearly 125,000 IPs globally.

Dec 22, 2025

AI NewsCybersecurityMobile Security

Uzbek Users Under Attack by Android SMS Stealers

Telegram users in Uzbekistan are facing a surge in Android SMS-stealer malware attacks, with infection rates increasing due to improved distribution and obfuscation tactics.

Dec 22, 2025

AI NewsCybersecurityThreat Intelligence

Weekly Cybersecurity Recap: Exploited Flaws, AI Data Theft, and Emerging Botnets

This week's cybersecurity recap details a surge in exploited network flaws, AI data harvesting via browser extensions, and the rise of large-scale botnets like Kimwolf with 1.8 million Android TV devices.

Dec 22, 2025

AI NewsCybersecurityAPT

Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

Iranian APT Infy resurfaced after 5 years of inactivity, deploying updated Foudre and Tonnerre malware in a campaign targeting multiple countries.

Dec 21, 2025

AI NewsCybersecurityFinancial Crime

DOJ Charges 54 in $40.73M ATM Jackpotting Scheme Using Ploutus Malware

The DOJ indicted 54 individuals linked to the Tren de Aragua gang for ATM jackpotting attacks using Ploutus malware, resulting in $40.73 million in U.S. losses since 2021.

Dec 20, 2025

AI NewsCybersecurityMalware

CountLoader and GachiLoader Malware Spread via Cracked Software and YouTube

Researchers discovered a campaign distributing CountLoader, GachiLoader, and info stealers through cracked software and compromised YouTube videos, impacting an estimated 220,000 views.

Dec 19, 2025

AI NewsCybersecurityHardware

UEFI Flaw Enables Early-Boot DMA Attacks on Major Motherboard Vendors

A new UEFI vulnerability (CVEs 2025-14304, 2025-11901, 2025-14302, 2025-14303) allows attackers to perform DMA attacks before OS security loads.

Dec 19, 2025

AI NewsCybersecurityPhishing

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Nigerian authorities arrested the developer of RaccoonO365, a PhaaS toolkit responsible for the theft of at least 5,000 Microsoft credentials since July 2024.

Dec 19, 2025

AI NewsCybersecurityVulnerability Management

WatchGuard Fireware OS VPN Vulnerability Under Active Exploitation

WatchGuard addressed CVE-2025-14733, a critical 9.3 CVSS-rated Fireware OS VPN flaw, currently exploited in the wild.

Dec 19, 2025

AI NewsCybersecurityThreat Intelligence

China-Aligned LongNosedGoblin Deploys Espionage Malware via Windows Group Policy

ESET identifies LongNosedGoblin, a China-aligned threat group, leveraging Windows Group Policy and cloud services to conduct cyber espionage against Southeast Asian and Japanese government networks.

Dec 18, 2025

AI NewsCybersecurityVulnerability Management

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

CISA added CVE-2025-59374, a critical ASUS Live Update vulnerability, to its KEV list due to active exploitation stemming from a 2019 supply chain attack.

Dec 18, 2025

AI NewsCybersecurityVulnerability

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS

Cisco confirms an unpatched CVSS 10.0 zero-day in AsyncOS actively exploited to gain root access on email security appliances.

Dec 18, 2025

AI NewsCybersecurityVulnerability Management

HPE OneView Vulnerability Enables Unauthenticated Remote Code Execution (CVE-2025-37164)

HPE addressed a critical vulnerability in OneView Software (CVE-2025-37164) with a CVSS score of 10.0, allowing unauthenticated remote code execution.

Dec 18, 2025