A recent report reveals that 44% of mobile users encounter scams daily, with significant emotional and financial repercussions, particularly among younger generations.
View full story…

Microsoft’s June 2025 Patch Tuesday release fixed two critical zero-day vulnerabilities, CVE-2025-33053 and CVE-2025-33073, which pose significant risks of remote code execution and privilege escalation, respectively, with active exploitation reported by threat actors.
View full story…

Operation Secure, a collaborative international effort involving law enforcement from 26 countries and private sector partners, successfully dismantled over 20,000 malicious IP addresses and domains associated with infostealer malware, leading to significant arrests and the identification of potential victims.
View full story…

In September 2024, Mastery Schools, the largest charter school network in Philadelphia, experienced a significant ransomware attack by the group DragonForce, compromising the personal data of over 37,000 individuals and prompting the organization to enhance its cybersecurity measures.
View full story…

United Natural Foods, a major distributor of natural and organic food products, is facing significant operational disruptions due to a cyberattack that has impacted its ability to serve over 30,000 grocery store clients, including Whole Foods Market.
View full story…

The US Cybersecurity and Infrastructure Security Agency’s contract with MITRE Corporation for the Common Vulnerabilities and Exposures Program is at risk, leading to a temporary pause in new CVE assignments and raising concerns about the sustainability of vulnerability management in cybersecurity.
View full story…

SentinelOne reported a sophisticated cyber operation named “PurpleHaze,” attributed to Chinese cyber-espionage groups APT15 and UNC5174, which targeted over 70 organizations globally using advanced tactics, including exploiting zero-day vulnerabilities and deploying the GOREshell backdoor.
View full story…

The financial services sector is experiencing a significant increase in volumetric DDoS attacks, driven by geopolitical tensions and the rise of DDoS-for-hire services, with a notable 23% rise in application-layer attacks in 2024 compared to the previous year.
View full story…

The Department of Justice has filed a civil forfeiture complaint to permanently seize over $7.7 million in digital assets associated with a North Korean money laundering operation involving IT workers who impersonated Americans to secure freelance jobs and evade sanctions.
View full story…

As APIs become prime targets for cybercriminals, organizations face significant risks from sophisticated attacks exploiting vulnerabilities, misconfigurations, and outdated security measures.
View full story…

The FBI has warned that the Badbox 2.0 botnet has compromised over a million internet-connected devices worldwide, primarily targeting low-cost, uncertified consumer electronics, particularly those running on Android-powered IoT systems in smart homes.
View full story…

President Donald Trump’s new executive order aims to revamp U.S. cybersecurity by addressing foreign threats, updating encryption standards, and modifying previous initiatives from the Biden and Obama administrations.
View full story…

A critical unpatched vulnerability (CVE-2025-31022) in the PayU CommercePro plugin for WordPress allows unauthorized access to user accounts, including site administrators, affecting over 5,000 installations.
View full story…