UK ramps up ransomware fightback with supply chain security guide
The UK government has released new anti-ransomware guidance designed to address the weaknesses in supply chains that have been the ultimate source of several of…
Month: October 2025
Ransomware Attacks Have Soared This Year
Ransomware attacks have soared 50% in 2025 despite major changes among the leading ransomware groups, according to a new Cyble report. Through October 21, there…
Financial services tech leaders tackle agentic AI governance
The proliferation of autonomous systems and tools is changing the risk management landscape for financial services companies, according to technology leaders speaking Thursday during the…
SideWinder Hacking Group Uses ClickOnce-Based Infection Chain to Deploy StealerBot Malware
The SideWinder advanced persistent threat group has emerged with a sophisticated new attack methodology that leverages ClickOnce applications to deploy StealerBot malware against diplomatic and…
New RedTiger Tool Targets Gamers and Discord Accounts in the Wild
Gamers face a growing threat from cybercriminals exploiting popular gaming and communication platforms. A dangerous infostealer called RedTiger is now actively circulating in the wild,…
Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation
Oct 24, 2025Ravie LakshmananVulnerability / Network Security Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with…
Researchers warn of critical flaws in TP-Link routers
Critical flaws in TP-Link Omada and Festa VPN routers could allow attackers to take control of a device, according to a report released Thursday from…
National cyber director says U.S. needs to counter Chinese surveillance, push American tech
The United States needs to counter China’s “attempt to export a surveillance state across planet Earth,” and instead push a “clean American tech stack” globally,…
Scammers use fake courier messages to steal Hong Kong bank details from victims
Two people have fallen victim to scammers who impersonated courier workers and sent fake text messages to steal bank account information in Hong Kong, with…
Critical WSUS flaw in Windows Server now exploited in attacks
Attackers are now exploiting a critical-severity Windows Server Update Service (WSUS) vulnerability, which already has publicly available proof-of-concept exploit code. Tracked as CVE-2025-59287, this remote…
WhatsApp Exploit Privately Disclosed To Meta At The Pwn2Own Ireland
At Pwn2Own Ireland 2025 hacking competition, cybersecurity researchers from Team Z3 have withdrawn their high-stakes demonstration of a potential zero-click remote code execution (RCE) vulnerability…
Google Warns of Cybercriminals Using Fake Job Postings to Spread Malware and Steal Credentials
Google’s Threat Intelligence Group (GTIG) has uncovered a sophisticated social engineering campaign orchestrated by financially motivated threat actors based in Vietnam. The ultimate objective is…