Criminal Proxy Network Compromises Thousands of IoT Devices
A criminal proxy network has been identified as infecting thousands of Internet of Things (IoT) and end-of-life (EoL) devices, repurposing them into a substantial botnet that facilitates anonymity for…

Addressing the Persistence Challenge: Understanding the Issue of Exposed Credentials and Strategies for Remediation
Detecting leaked credentials is only half the battle; the real challenge lies in what happens after detection. Recent research highlights a troubling trend: a significant majority of exposed company…

Windows 11 Upgrade Restrictions Removed Following Resolution of Safe Exam Browser Issues
Microsoft has removed the upgrade restriction that previously prevented certain users of Safe Exam Browser from upgrading to the Windows 11 2024 Update due to compatibility issues.

Safe Exam…

Roblox Lawsuit Alleges Covert Tracking for Monetization of Children’s Data
Roblox Corporation is facing a class-action lawsuit that alleges the company has engaged in the unauthorized tracking of children’s personal data. The lawsuit accuses Roblox of violating various privacy…

#2025 Security Summit: Experts to Illuminate Vendor Supply Chain Resilience
The vendor supply chain comprises a complex ecosystem of hundreds, if not thousands, of third-party suppliers, presenting significant cybersecurity challenges for organizations. Recent data indicates that an alarming 50%…

Turkey-Based Cyber Actors Exploit Output Messenger Zero-Day Vulnerability to Deploy Golang Backdoors on Kurdish Infrastructure
A Türkiye-affiliated threat actor has leveraged a zero-day security vulnerability in an Indian enterprise communication platform, Output Messenger, in a cyber espionage campaign that began in April 2024.

Microsoft’s…

Emerging ClickFix Attacks on Linux Systems Under Investigation by Cybersecurity Experts
A recent campaign utilizing ClickFix attacks has been identified, specifically targeting Linux systems alongside traditional Windows environments. ClickFix represents a social engineering method that exploits false verification systems or…

Strategies for Enhancing Digital Efficiency in Information Security
Optimizing online productivity has become increasingly vital across various professional sectors. As individuals seek to enhance efficiency in their work processes, several strategies can be implemented to maximize output.…

UK Considers New Enterprise IoT Security Legislation
The UK government has initiated a Call for Views in response to a newly released study highlighting significant security vulnerabilities within enterprise Internet of Things (IoT) products. This initiative…

Mitigating Deepfake Threats in the Era of Artificial Intelligence
The cybersecurity landscape has undergone significant transformation due to the emergence of generative AI technologies. Adversaries are increasingly employing large language models (LLMs) to impersonate trusted entities and automate…

Exploitation of Output Messenger Vulnerability as Zero-Day in Advanced Espionage Campaigns
A Türkiye-backed cyber-espionage group has effectively exploited a zero-day vulnerability in Output Messenger, targeting users connected to the Kurdish military in Iraq. This vulnerability, identified as CVE-2025-27920, pertains to…

Arrest of Suspect in €4.5 Million Ransomware Attack Targeting Dutch Research Institution by Moldovan Authorities
Moldovan law enforcement authorities have taken into custody a 45-year-old foreign national suspected of orchestrating multiple ransomware attacks against Dutch enterprises in 2021. According to official statements, this individual…

CISA Implements New Alert Distribution Strategy via Email and Social Media
The US Cybersecurity and Infrastructure Security Agency (CISA) has implemented a notable change in its distribution strategy for cybersecurity alerts. Moving forward, standard update announcements will no longer be…

China-Linked Advanced Persistent Threats Exploit SAP Vulnerability CVE-2025-31324 to Compromise 581 Critical Systems Globally
A recently identified critical security vulnerability affecting SAP NetWeaver is currently being exploited by various nation-state actors with ties to China, posing a significant threat to essential infrastructure networks.…

Ivanti Addresses Critical EPMM Zero-Day Vulnerabilities Exploited in Code Execution Attacks
Ivanti has alerted its clientele regarding critical security vulnerabilities identified in the Ivanti Endpoint Manager Mobile (EPMM) software, emphasizing the urgency of applying patches to mitigate risks associated with…

Turkey-Aligned Hackers Exploit Zero-Day Vulnerability to Target Iraqi Kurdish Entities
A cyber threat actor, believed to have connections with Turkish governmental interests, has been detected exploiting unpatched user accounts affected by a vulnerability (CVE-2025-27920) in Output Messenger, a multiplatform…

Zoom Addresses Critical Vulnerability in Recent Update
Zoom has addressed several security vulnerabilities within its Workplace Apps, including a particularly high-risk flaw. The company is urging users to promptly update their applications to mitigate potential risks…

International Cybercrime Addressed: Amsterdam Police and FBI Successfully Neutralize Proxy Service Anyproxy
In a significant international operation, law enforcement authorities from Amsterdam, in collaboration with the Public Prosecution Service and the U.S. Federal Bureau of Investigation (FBI), have successfully dismantled the…

Compromised PyPI Package Imitating Solana Tool Leads to Source Code Exfiltration in 761 Instances
Cybersecurity researchers have identified a malicious package within the Python Package Index (PyPI) repository, masquerading as an application related to the Solana blockchain. This package, termed solana-token, has been…

SAP Addresses Second Zero-Day Vulnerability Targeted in Recent Attack Campaigns
SAP has released critical security patches to address a second vulnerability that has been exploited in recent attacks targeting SAP NetWeaver servers. The new vulnerability, identified as CVE-2025-42999, was…