A significant security vulnerability, identified as a cross-site scripting (XSS) flaw, has been exploited in a widely-used virtual tour framework, allowing cybercriminals to inject harmful scripts into hundreds of websites. This malicious activity aims to manipulate search results and promote…
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported the addition of two critical vulnerabilities to its Known Exploited Vulnerabilities Catalog, both linked to severe weaknesses within Zimbra Collaboration software. These flaws have shown substantial evidence of active…
Fraud Management & Cybercrime, Ransomware Service Disruptions Persist at Major European Airports Following Recent Cyberattack Akshaya Asokan (asokan_akshaya) • September 22, 2025 Flight cancellations at Brussels International Airport on May 4, 2010. (Image: Shutterstock) In a significant cyber incident categorized…
Credential Stealer Targets LastPass Users via Malicious Ads Recent reports have surfaced regarding a cybersecurity threat involving malicious advertisements that impersonate various online services, with a particular focus on users of the LastPass password manager. Security firms have alerted the…
Recent investigations have unveiled a serious vulnerability within Google’s “Sign in with Google” authentication system, which can be exploited through a peculiar loophole in domain ownership. This flaw potentially allows unauthorized users to access sensitive data associated with former employees…
Stellantis, the multinational automotive corporation behind brands such as Citroën, FIAT, Jeep, Chrysler, and Peugeot, has disclosed a data breach impacting its North American customers. This incident highlights significant vulnerabilities in third-party service provider networks associated with customer service operations.…
Recent investigations have unveiled that cybercriminals have exploited a critical vulnerability in the BioNTdrv.sys driver of Paragon Partition Manager, leveraging it in ransomware attacks to escalate privileges and execute unauthorized code. This significant zero-day vulnerability, classified as CVE-2025-0289, is part…
Recent investigations by cybersecurity firms SEKOIA and Trend Micro have uncovered a new campaign led by the Chinese threat actor known as Lucky Mouse. This operation involves deploying a compromised version of the MiMi chat application, which serves as a…
Recent revelations highlight a critical vulnerability within the healthcare sector, where millions of medical devices are at risk due to inadequate security measures, including default credentials and weak passwords. Soufian El Yadmani, CEO and co-founder of Modat, shared insights from…
In the wake of a recent cyberattack, a group on Telegram known as Scattered Lapsus$ Hunters has claimed responsibility for the incident. This group appears to represent a coalition of several hacking collectives, including Scattered Spider, Lapsus$, and Shiny Hunters,…
