A decisive ruling from a U.S. judge has mandated NSO Group to disclose its source code for the controversial Pegasus spyware to Meta Platforms. This legal maneuver is part of Meta’s ongoing litigation against the Israeli cybersecurity firm, aiming to hold it accountable for utilizing WhatsApp’s infrastructure to orchestrate mass…
John Keeble/Getty Images Stay in touch with ZDNET: Add us as a preferred source on Google. Key Takeaways from ZDNET Red Hat’s private GitLab repositories have been breached by hackers. Confidential information related to several Red Hat Consulting clients appears to have been compromised. The extent of this breach is…
Warning Issued Over Critical Vulnerability in VMware Avi Load Balancer Broadcom has announced a significant security vulnerability in VMware’s Avi Load Balancer, classified as high severity, which could potentially be exploited by malicious actors to gain unauthorized access to sensitive database information. The vulnerability is labeled CVE-2025-22217, with a CVSS…
The U.S. government has issued a security warning regarding the utilization of specialized malware by state-sponsored actors targeting industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices. This advisory highlights the increasing sophistication of cyber threats against critical infrastructure. According to alerts from multiple U.S. agencies, including…
Data-Theft Attacks Compromise Organizations Amid Absence of July Patch Update Mathew J. Schwartz ( euroinfosec ) • October 3, 2025 Image: Shutterstock/ISMG Oracle has reported that its customers are under attack from data-seeking extortionists. While cybersecurity researchers and the software giant emphasize that no new zero-day vulnerabilities are being exploited,…
US Immigration Authorities Expand Social Media Surveillance Efforts In a significant expansion of their monitoring capabilities, U.S. immigration authorities are gearing up to enhance their social media surveillance. Plans are underway to recruit nearly 30 contractors to sift through online posts, photos, and messages, transforming this raw data into actionable…
Recently, a new and sophisticated DNS threat actor, identified as Savvy Seahorse, has emerged, adeptly exploiting various tactics to lure victims into fraudulent investment schemes. The primary modus operandi involves enticing individuals to register on false investment platforms, deposit funds into personal accounts, and then redirect those deposits to banks…
Renault Group UK has reported a data breach affecting the personal information of its customers following a cyber-attack on a third-party data processing partner. This incident underscores the ongoing threat that cyber-attacks pose to major corporations. In an official communication, the company confirmed that the attackers targeted its external data…
A serious security vulnerability has been identified in the open-source network monitoring and fault management tool, Cacti. This flaw poses a risk of remote code execution for authenticated users on affected installations. The issue has been assigned the identifier CVE-2025-22604 and has garnered a high CVSS score of 9.1 out…
