Google released a critical security update for its Chrome browser on May 21, patching eight vulnerabilities—including a high-severity flaw that could enable remote code execution. The most pressing issue, tracked as CVE-2025-5063, is a “use-after-free” vulnerability in Chrome’s Compositing system, which could allow attackers to run malicious code by luring users to compromised websites. The […]
Ireland’s Data Protection Commission (DPC) has approved Meta’s plans to use data from European Union users to train its artificial intelligence systems, clearing a regulatory hurdle for the tech giant. The decision marks a significant step forward in Meta’s ambitions to develop AI capabilities using data sourced from its platforms across the EU. However, the […]
EC-Council has secured reaccreditation from the United Kingdom’s National Cyber Security Centre (NCSC), reaffirming the credibility of five of its cybersecurity certification programs. The renewed endorsement strengthens EC-Council’s standing in the global cybersecurity training landscape, particularly within professional and government sectors that rely on recognized qualifications to meet industry standards. The reaccreditation ensures that EC-Council’s […]
An ongoing international crackdown on cybercrime has resulted in the takedown of 300 domains linked to ransomware activity, according to an announcement from authorities leading the effort. Dubbed Operation Endgame, the initiative targets key infrastructure used by cybercriminals to orchestrate and deploy ransomware campaigns across global networks. The seized domains were reportedly central to the […]
Global law enforcement agencies and technology firms have coordinated an international operation to disrupt Lumma, a widely used infostealer favored by cybercriminal gangs. Authorities from the United States, Europe, and Japan executed the takedown with support from major tech companies, including Microsoft and Cloudflare. Lumma has been identified as a prevalent tool in the cybercrime […]
A newly identified threat actor known as “Hazy Hawk” is exploiting misconfigured Domain Name System (DNS) records to hijack subdomains tied to abandoned cloud services, according to researchers at Infoblox. Active since at least December 2023, Hazy Hawk targets high-profile organizations—including government agencies, Fortune 500 companies, and universities—by leveraging a technique called CNAME hijacking. The […]
Cybercriminals are exploiting Facebook’s advertising platform to lure users into downloading remote access trojan (RAT) malware via counterfeit Kling AI pages, targeting over 22 million potential victims. The campaign uses fake Facebook pages and sponsored ads that mimic the branding of Kling AI, a synthetic media tool launched in June 2024 by Kuaishou Technology. Unsuspecting […]
A newly uncovered malware campaign is targeting mobile users through Progressive Web Applications (PWAs), exploiting browser protections and JavaScript to evade detection. Discovered by researchers at Cside.dev, the attack originates from China and leverages compromised Chinese-language novel websites to inject malicious code that activates only on mobile devices. The attack chain begins with users visiting […]
Nova Scotia Power has confirmed that a recent cybersecurity incident was the result of a ransomware attack, acknowledging the breach after weeks of investigation. The utility company, which provides electricity across the Canadian province, stated that while its systems were compromised, it has not paid any ransom to the attackers. As part of the fallout […]
Several major Russian government services experienced widespread disruptions, with indications pointing to a cyberattack as the potential cause. Internet monitoring platforms detected outages affecting the country’s tax service and Saby, a platform used for managing secure digital keys and official documents. The disruptions, which began earlier this week, appear to be ongoing, according to technical […]
Ivanti is facing continued scrutiny as remote code execution (RCE) attacks targeting its software remain active, with recent exploitation efforts extending into cloud environments. The vulnerabilities appear to stem from insecure code within Ivanti’s security suite, raising concerns over the reliability of tools designed to protect enterprise systems. The ongoing nature of the attacks suggests […]
Russian disinformation campaigns are intensifying in Poland and Romania as voters head to the polls for presidential elections, according to local authorities. Officials from both countries report a surge in activity linked to the Kremlin-backed influence network known as Doppelgänger. The disinformation effort appears designed to sway public opinion and disrupt the electoral process, with […]