The operators of the Phishing-as-a-Service (PhaaS) platform Tycoon2FA have rolled out significant updates to enhance its evasion capabilities. Tycoon2FA, a phishing kit discovered in 2023 by cybersecurity firm Sekoia,... Read more »

Cell C, one of the biggest telecom providers in South Africa confirms a data breach following a 2024 cyberattack. Cell C is the fourth-largest mobile network operator in South... Read more »

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware... Read more »

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports. China reportedly admitted in a secret meeting with U.S.... Read more »

Fortinet warns attackers can keep read-only access to FortiGate devices even after the original vulnerability is patched. Fortinet warns that threat actors can retain read-only access to FortiGate devices... Read more »

Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure. Threat actors are exploiting a recently discovered vulnerability, tracked as CVE-2025-3102 (CVSS score of 8.1) in the... Read more »

Laboratory Services Cooperative discloses a data breach from October 2024 that exposed personal and medical info of 1.6 million individuals. Laboratory Services Cooperative disclosed a data breach that impacted... Read more »

Experts warn of brute-force login attempts on PAN-OS GlobalProtect gateways following increased scanning activity on its devices. Palo Alto Networks reports brute-force login attempts on PAN-OS GlobalProtect gateways. The... Read more »