U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Read more »

“Brash” flaw in Chromium’s Blink engine lets attackers crash browsers instantly via a single malicious URL, researcher Jose Pino revealed. Security researcher Jose Pino found a severe vulnerability, named... Read more »

Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ. Ex-US defense contractor Peter... Read more »

Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and... Read more »

Canada’s cyber agency warns hacktivists breached critical infrastructure, altering industrial controls and risking public safety. The Canadian Centre for Cyber Security revealed that hacktivists have repeatedly breached systems of... Read more »

Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black. Russian threat actors,... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows,... Read more »

Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with random delays to evade detection. Threat Fabric found a new Android malware, named Herodotus, which mimics human typing... Read more »

A new Mirai-based IoT botnet, dubbed Aisuru, was used to launch multiple high-impact DDoS attacks exceeding 20Tb/sec and/or 4gpps. In October 2025, the Aisuru Mirai-based IoT botnet launched massive... Read more »