China-linked group APT41 impersonated a U.S. lawmaker in phishing attacks on government, think tanks, and academics tied to US-China trade and policy. Proofpoint observed China-linked cyber espionage group APT41... Read more »

Microsoft and Cloudflare disrupted the RaccoonO365 phishing service, used to steal thousands of user credentials. A joint operation conducted by Microsoft and Cloudflare has taken down the infrastructure used... Read more »

The U.S. Department of Justice (DoJ) resentenced the former administrator of the popular BreachForums hacking forum BreachForums to three years in prison. The U.S. DoJ resentenced the former BreachForums... Read more »

Apple announced it has backported patches for a recently addressed actively exploited vulnerability tracked as CVE-2025-43300. Apple has backported security patches released to address an actively exploited vulnerability tracked... Read more »

Researchers uncovered a new supply chain attack targeting the npm registry that impacted over 40 packages belonging to multiple maintainers. Security researchers at Socket uncovered a malicious update to... Read more »

Google found threat actors created a fake account in its Law Enforcement Request System (LERS) and shut it down. Google confirmed that threat actors gained access to its Law... Read more »

China-linked APT group Mustang Panda has been spotted using a new USB worm called SnakeDisk along with a new version of known malware China-linked APT group Mustang Panda (aka Hive0154, Camaro... Read more »

An ex-employee caused an insider breach at FinWise Bank, exposing data of 689,000 American First Finance customers. FinWise Bank is a Utah-based community bank, FDIC-insured, that partners with fintechs... Read more »

Crooks stole personal data of millions of Gucci, Balenciaga, and Alexander McQueen customers: parent firm Kering confirmed the breach. Hackers stole private data of millions of Gucci, Balenciaga, and... Read more »