DWP review of Post Office worker prosecutions yet to start, months after announcement
The Department for Work and Pensions (DWP) has yet to formally launch its review of prosecutions of subpostmasters, despite it being announced in August 2025,…
Latest Cybersecurity News — Page 529
View all →
Why Active Directory password resets are surging in hybrid work
Back when everyone worked in the office, password resets were annoying but manageable. If someone forgot their credentials, they walked down the hall to IT…
Malicious PyPI Package Mimic as Popular Sympy-Dev to Attack Millions of Users
A new malicious package on the Python Package Index (PyPI), named sympy-dev, has been caught impersonating the widely used SymPy library to deliver cryptomining malware. SymPy…
New Osiris Ransomware Leverages Living Off the Land and Dual-Use Tools in Attacks
A newly discovered ransomware family, Osiris, targeted a major foodservice franchisee in Southeast Asia in November 2025. Despite sharing a name with a 2016 Locky…
Obsidian Security unveils end-to-end SaaS supply chain security to stop integration-led breaches
Obsidian Security announced end-to-end SaaS supply chain security solution, empowering organizations to monitor, control and contain the security risk hiding inside interconnected SaaS ecosystems. Companies…
Sportswear firm Under Armour falls victim to data breach
Customers of US-based sportswear giant Under Armour have been warned to be on high alert after details of approximately 72.7 million shoppers appeared online this…
Microsoft updates Notepad and Paint with more AI features
Microsoft is rolling out new artificial intelligence features with the latest updates to the Notepad and Paint apps for Windows 11 Insiders. These changes are…
New ClickFix Campaign Hijacks Facebook Sessions Using Fake Verification Pages
Attackers have launched a widespread campaign called ClickFix that steals Facebook account credentials by tricking users into handing over their session tokens. Rather than using…
ClearFake malware Exploits Proxy Execution to Run Malicious PowerShell Commands via Trusted Windows Feature
A sophisticated evolution of the ClearFake malware campaign has emerged, deploying advanced evasion techniques that abuse legitimate Windows components to bypass endpoint detection systems. The…
Top 10 Ransomware Attacks Over The Past Year
In 2025, ransomware moved beyond isolated IT incidents and became a systemic risk, capable of disrupting national supply chains, critical services, and entire industries. This…
Fake LastPass maintenance emails target users
The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team has published a warning about an active phishing campaign in which fake “maintenance” emails pressure users…
Critical Vivotek Vulnerability Allows Remote Users to Inject Arbitrary Code
A critical remote code injection vulnerability in Vivotek legacy firmware that enables unauthenticated attackers to execute arbitrary commands with root privileges. The vulnerability, tracked as…