API Attack Awareness: Broken Object Level Authorization (BOLA)
For this Cybersecurity Awareness Month, we thought it important to draw attention to some of the most common and dangerous API vulnerabilities. This week, we’re…
Latest Cybersecurity News — Page 1536
View all →
Android spyware campaigns impersonate Signal and ToTok messengers
Two new spyware campaigns that researchers call ProSpy and ToSpy lured Android users with fake upgrades or plugins for the Signal and ToTok messaging apps…
Malicious ZIP Files Use Windows Shortcuts to Drop Malware
A new wave of phishing attacks has been detected by the cybersecurity research firm, Blackpoint Cyber, that is exploiting users’ trust in sensitive documents. This…
Cybercriminals Claim Theft of Data From Oracle E-Business Suite Customers
A significant number of organizations have received extortion emails from hackers who claim to have stolen sensitive information from their Oracle E-Business Suite instances, Google’s…
Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro
Cybersecurity researchers have discovered two Android spyware campaigns dubbed ProSpy and ToSpy that impersonate apps like Signal and ToTok to target users in the United…
Zania Raises $18 Million for AI-Powered GRC Platform
AI-powered security governance, risk, and compliance (GRC) startup Zania has announced raising $18 million in a Series A funding round that brings the total raised…
Red Hat Data Breach – Threat Actors Claim Breach of 28K Private GitHub Repositories
An extortion group known as the Crimson Collective claims to have breached Red Hat’s private GitHub repositories, making off with nearly 570GB of compressed data…
Termix Docker Image Leaking SSH Credentials (CVE-2025-59951)
A critical vulnerability in the official Termix Docker image puts users at risk of exposing sensitive SSH credentials. The flaw allows anyone with network access…
Navigating the AI Era Threat
Ransomware has evolved from a niche hacker tactic into a mainstream threat, and small businesses are increasingly in the crosshairs. While large enterprises have resources…
ProSpy and ToSpy: New spyware families impersonating secure messaging apps
ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the…
Sendit tricked kids, harvested their data, and faked messages, FTC claims
The Federal Trade Commission (FTC) has sued Sendit’s parent company, saying it signed up children under 13, collected their personal data, and misled them with…
Chrome Security Update – Patch for 21 Vulnerabilities that Allows Attackers to Crash Browser
Google has released Chrome 141 to address 21 security vulnerabilities, including critical flaws that could allow attackers to crash browsers and potentially execute malicious code.…