Canada’s cyber agency warns hacktivists breached critical infrastructure, altering industrial controls and risking public safety. The Canadian Centre for Cyber Security revealed that hacktivists have repeatedly breached systems of... Read more »

Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black. Russian threat actors,... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows,... Read more »

Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with random delays to evade detection. Threat Fabric found a new Android malware, named Herodotus, which mimics human typing... Read more »

A new Mirai-based IoT botnet, dubbed Aisuru, was used to launch multiple high-impact DDoS attacks exceeding 20Tb/sec and/or 4gpps. In October 2025, the Aisuru Mirai-based IoT botnet launched massive... Read more »

Hackers hit Sweden’s power grid operator Svenska kraftnät, stealing data via a file transfer tool. The power grid was not affected. Hackers breached Sweden’s state-owned power grid operator Svenska... Read more »

QNAP warns of critical ASP.NET flaw (CVE-2025-55315) in NetBak PC Agent, letting attackers hijack credentials or bypass security via HTTP smuggling. QNAP urges users to patch a critical ASP.NET... Read more »

Only 23% of ransomware victims paid in Q3 2025, the lowest ever, continuing a six-year decline in payment rates, Coveware reports. Cybersecurity firm Coveware reports that only 23% of... Read more »

X urges users with passkeys or YubiKeys to re-enroll 2FA by Nov 10, 2025, or risk account lockout. Re-enroll, switch 2FA, or disable it. Social media platform X is... Read more »