TikTok forms a joint venture named TikTok USDS Joint Venture LLC to maintain its presence in the United States, the company said Friday. The move complies with an executive order signed in September 2025 that outlines new operating conditions for foreign-owned apps in the U.S., according to the platform. The announcement comes amid continued scrutiny […]
Under Armour probes a data breach that exposed the email addresses and personal information of millions of customers. The Baltimore-based athletic apparel company is currently investigating the incident, which reportedly compromised data belonging to 72 million individuals. According to preliminary findings, the intrusion occurred in late 2023. Security analysts say the exposed data includes email […]
Marlink Cyber exposes an ISC flaw in BIND that could disrupt critical infrastructure by taking DNS services offline, potentially causing widespread outages across internet-dependent systems. The vulnerability targets BIND, the widely used Domain Name System software that underpins much of the internet’s core functionality. If exploited, the flaw could prevent DNS servers from resolving addresses, […]
A newly emerged threat known as the Osiris ransomware struck a major Southeast Asian food service company in November 2025, leveraging a blend of built-in system utilities and dual-use tools. Cybersecurity researchers identified the malware as unrelated to a similarly named 2016 variant, highlighting its distinct and advanced nature. The attackers combined common Windows tools […]
The EU Commission proposes a revised Cybersecurity Act aimed at strengthening Europe’s cyber resilience and securing its information and communication technology supply chains. The update reflects growing concerns over digital infrastructure vulnerabilities and the increasing sophistication of cyberattacks targeting European markets and essential services. The proposed changes seek to expand the role of the European […]
In a decisive step to tighten control over its digital infrastructure, the EU moves to revise its cybersecurity rules to reduce reliance on high-risk suppliers. A draft proposal released Tuesday outlines updates to the EU’s Cybersecurity Act and the Network Information Systems Directive. If adopted, the changes would require member states to gradually eliminate the […]
A European cybersecurity group has unveiled a major shift in how software flaws are cataloged as the GCVE launches a decentralized vulnerability system. This new system departs from traditional centralized databases, offering a more distributed method to identify and assign numbers to security vulnerabilities. The innovation could dramatically reshape how developers, researchers and organizations track […]
The open-source tool Orval, used by developers to generate type-safe clients from OpenAPI specifications, has been hit by a vulnerability that experts rate as critical. According to a security alert published earlier today, the flaw allows for potential code injection and carries a CVSS score of 9.3, indicating severe risk. Security researchers have linked the […]
A widespread spam campaign is exploiting vulnerable helpdesk systems, with Zendesk tickets hijacked to send out floods of unwanted emails globally. Victims have reported receiving hundreds of messages through compromised support channels. The emails arrive with strange, sometimes alarming subject lines, raising concerns about potential phishing or malware distribution. Security researchers say the spam appears […]
MITRE unveils ESTM 3.0, a cybersecurity framework designed to strengthen protections for embedded systems used across critical infrastructure sectors. The latest version of the Embedded System Security Technical Mitigations (ESTM) framework introduces updated guidelines aimed at addressing evolving cyber threats, particularly in environments such as energy, transportation, and manufacturing. The 3.0 release offers enhanced capabilities […]
Hackers are actively exploiting a Cisco Unified CM zero-day vulnerability that allows remote code execution without authentication, prompting the company to release an urgent security fix. Identified as CVE-2026-20045, the flaw affects Cisco’s communication platform and poses a critical risk to organizations relying on the software for enterprise connectivity. The company issued patches to address […]
The European Union is preparing a major cybersecurity overhaul that would require telecom operators to exclude high-risk foreign suppliers from core infrastructure. This legislative proposal, introduced by the European Commission, aims to fortify the EU’s digital defenses amid growing threats from state-sponsored hackers and cybercriminals targeting critical services. Under the new plan, member states must […]