News

Hackers are exploiting critical flaw in vBulletin forum software
Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to ...
Microsoft now testing Notepad text formatting in Windows 11
Microsoft announced today that the Windows 11 Notepad application is getting a text formatting feature supporting ...
Police takes down AVCheck site used by cybercriminals to scan malware
An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their ...
Exploit details for max severity Cisco IOS XE flaw now public
Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit.
Germany doxxes Conti ransomware and TrickBot ring leader
The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and ...
Mozilla releases Firefox 139.0.1 update to fix artifacts on Nvidia GPUs
Mozilla has rolled out an emergency Firefox 139.0.1 update after the Tuesday release caused graphical artifacts on PCs with ...
Getting Exposure Management Right: Insights from 500 CISOs
Pentesting isn't just about finding flaws — it's about knowing which ones matter. Pentera's 2025 State of Pentesting report ...
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of ...
Microsoft Authenticator now warns to export passwords before July cutoff
The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated ...
Victoria’s Secret takes down website after security incident
Victoria's Secret, the fashion giant, has taken down its website and some store services because of an ongoing security ...
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors are abusing the trusted Google platform 'Google Apps Script' to host phishing pages, making them appear ...
APT41 malware abuses Google Calendar for stealthy C2 communication
The Chinese APT41 hacking group uses a new malware named 'ToughProgress' that abuses Google Calendar for command-and-control ...