Ransomware attacks soared 30% in October to the second-highest total on record, Cyble reported today. The 623 ransomware attacks recorded in October were second only to February 2025’s record attacks, ...

Apache warns of CVE-2025-55752 and CVE-2025-55754 in Tomcat 9–11, risking remote code execution and console attacks. Urgent updates are strongly advised.

A new vulnerability scoring system has just been announced. The initiative, called the AI Vulnerability Scoring System (AIVSS), aims to fill the gaps left by traditional models such as the Common ...

The Government of India’s Department of Pension & Pensioners’ Welfare (DoPPW) has launched the Digital Life Certificate (DLC) Campaign 4.0, a national drive to make pension services more accessible ...

The compromised internal Azure server seemed to be associated with the functioning of the Bing search engine and had been used to store scripts, configuration & code containing sensitive data such as ...

A newly identified loader dubbed “Caminho” (Portuguese for “path”) has emerged as a sophisticated Loader-as-a-Service platform that uses Least Significant Bit (LSB) steganography to conceal malicious ...

Ransomware attacks have soared 50% in 2025 despite major changes among the leading ransomware groups, according to a new Cyble report. Through October 21, there have been 5,010 ransomware attacks ...

The name said it all: DroneEXEHijackingLoader.dll. That internal file name, buried in malicious code delivered to three European defense contractors, revealed what security researchers now believe ...

A new form of attack is targeting browsers with built-in AI assistants. Researchers at Brave have found that seemingly harmless screenshots and web pages can hide malicious instructions that hijack ...

The Qilin ransomware group has been by far the most active ransomware group over the last seven months, so two new research reports detailing some of the group’s tactics, techniques and procedures ...

Vidar Stealer 2.0 has been released, and the updated infostealer claims to offer improved performance with advanced credential stealing and evasion abilities, features that will necessitate even ...

Breathless news stories about a Gmail data breach began to appear online after media outlets misinterpreted a report about Gmail passwords stolen by infostealers. Urgent headlines like “Urgent alert ...