The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two serious security problems—one in WhatsApp and another in a TP-Link Wi-Fi device—to its Known Exploited Vulnerabilities list. When a flaw makes this list, it means hackers have already taken advantage of it in real-world attacks, so quick action is needed to protect against further […]
Cloudflare recently stopped one of the largest cyberattacks ever recorded, which reached a peak of 11.5 terabits per second (Tbps). The attack used a flood of data traffic to overwhelm systems but lasted only about 35 seconds before Cloudflare’s defenses automatically kicked in and shut it down. The company explained that its systems have been […]
A group of hackers linked to Iran recently carried out a worldwide email attack aimed at embassies and diplomatic offices. These cybercriminals sent fake emails designed to look like official diplomatic messages, tricking recipients into opening a harmful document disguised as a Microsoft Word file. The troubling part? When the document was opened, it prompted […]
Google has released a major security update for Android phones that fixes more than 120 different issues. Two of these problems were especially serious because hackers had already found ways to use them in real attacks before the fixes were available. These flaws made it possible for attackers to take control of parts of the […]
Security researchers have discovered that hackers are taking advantage of a flaw in Microsoft Windows, identified as CVE-2025-29824, to secretly install malware on victims’ computers. The malware, called PipeMagic, has been linked to ransomware attacks known as RansomExx, which can lock people out of their files until a ransom is paid. The attackers tricked users […]
A new wave of Android malware is targeting banking customers, starting in Brazil, with a malicious app called PhantomCard. The app is disguised as a card protection tool and is promoted through fake Google Play pages that even include phony positive reviews to make it appear trustworthy. Once installed, the app asks users to place […]
Cybersecurity experts have uncovered a dangerous new prompt injection method known as PromptFix, designed to fool AI-powered browsers into executing malicious actions—without the user realizing it. By embedding hidden harmful instructions within a fake CAPTCHA on a webpage, PromptFix manipulates AI browsers like Perplexity’s Comet—tools intended to streamline tasks such as online shopping or email […]
In August 2025, the United Kingdom backed away from a controversial demand that Apple weaken its encryption to give government agencies access to protected user data. The request, made under the Investigatory Powers Act of 2016, called for Apple to build a hidden “backdoor” into iCloud. Such a move would have allowed authorities to bypass […]
Cybersecurity researchers have uncovered a dangerous scam where hackers are pretending to be well-known companies in order to steal people’s information and take over their Microsoft 365 accounts. These hackers are using fake apps that look like legitimate Microsoft apps, tricking users into giving them access to their accounts. The scam works by sending fake […]
Cybersecurity researchers have uncovered a widespread scam targeting TikTok Shop users worldwide. The campaign, which aims to steal personal credentials and distribute malicious apps, is using a combination of phishing and malware attacks. The campaign, named FraudOnTok, was detailed by CTM360, a cybersecurity company based in Bahrain. The attack targets users by creating fake versions […]