Google Rolling Out Privacy Sandbox Beta on Android 13 Devices

Google announced on Tuesday that it’s officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running Android 13. “The Privacy Sandbox Beta provides new APIs that are... Read more »

AdSense fraud campaign relies on 10,890 sites that were infected since September 2022

The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge... Read more »

Massive AdSense Fraud Campaign Uncovered – 10,000+ WordPress Sites Infected

The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites.... Read more »

Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad

Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America. The tech giant’s Security Intelligence team is tracking the... Read more »

CyberFlex: Flexible Pen testing as a Service with EASM

About CyberFlex CyberFlex is an Outpost24 solution that combines the strengths of its Pen-testing-as-a-Service (PTaaS) and External Attack Surface Management (EASM) solutions. Customers benefit from continuous coverage of their entire... Read more »

Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)

Google has provided fixes for over 100 Android vulnerabilities, including CVE-2025-48543 and CVE-2025-38352, which “may be under limited, targeted exploitation.” Among the fixed flaws is also CVE-2025-48539, a critical... Read more »

LinkedIn expands company verification, mandates workplace checks for certain roles

LinkedIn is rolling out new verification rules to make it easier to confirm that people and companies are who they claim to be. The company will now require workplace... Read more »

macOS vulnerability allowed Keychain and iOS app decryption without a password

Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability that allowed attackers to read the memory of any process, even with System Integrity Protection (SIP) enabled. The issue,... Read more »

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several Sitecore solutions, Mandiant has revealed. About... Read more »

Severe Hikvision HikCentral product flaws: What You Need to Know

Hikvision HikCentral flaw allows unauthenticated users to gain admin rights, risking full control over configs, logs, and critical monitoring. Security researchers warn of three vulnerabilities impacting Hikvision HikCentral, which... Read more »

Build Practical Cyber Defense Skills with This 5-Course Bundle

Train in AI threat detection, OSINT tools, and Zero Trust security models with lifetime access for just $19.99. Read more »

Is a Recent Windows Update Responsible for SSD Failures? Microsoft Has an Answer

A rash of SSD failures have prompted some users to blame a recent Windows Update. Microsoft insist the problem is not its fault. Read more »

New threat group uses custom tools to hijack search results

ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65 Windows servers, mostly in Brazil, Thailand, Vietnam, and the... Read more »

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link Archer... Read more »
Subscribe to our Newsletter