Google’s new AI assistant, Gemini, had some serious security holes — and researchers say hackers could’ve used them to sneak in, steal data, or manipulate the system in sneaky ways. The good news is: these flaws have been patched. Here’s what went wrong, how it could’ve been abused, and what it means for you. What […]
A serious new security flaw has been uncovered in VMware software, and reports show that hackers linked to China have been quietly using it since October of last year. This issue affects several VMware products used by businesses around the world, including tools for managing virtual machines and cloud platforms. What’s the Problem? The flaw […]
A massive ad-fraud operation called SlopAds was found operating through 224 Android apps, which together were downloaded 38 million times across 228 countries and territories. The apps inflated ad impressions and clicks using hidden techniques, sending about 2.3 billion bid requests every day at its peak. The apps carried out this fraud in a stealthy […]
The Akira ransomware group has ramped up its attacks on SonicWall devices, exploiting a critical SSL VPN vulnerability and misconfigurations to gain unauthorized access. Security researchers have observed a surge in intrusions linked to SonicWall firewalls since late July 2025, particularly involving the flaw designated CVE-2024-40766, which scored 9.3 in severity. This issue stemmed from […]
Cybersecurity researchers have linked a new wave of attacks on financial institutions to the notorious group known as Scattered Spider, contradicting their earlier statements that they were disbanding. The group has shifted its focus toward the financial services industry, creating look-alike domains aimed at organizations in that sector, and launching a recent targeted intrusion against […]
In a joint operation, Microsoft’s Digital Crimes Unit and Cloudflare have dismantled RaccoonO365, a phishing-as-a-service (PhaaS) network, by seizing 338 domains tied to the toolkit. The network had been used to steal over 5,000 Microsoft 365 credentials across 94 countries since July 2024. The action was enabled by a court order from the Southern District […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two serious security problems—one in WhatsApp and another in a TP-Link Wi-Fi device—to its Known Exploited Vulnerabilities list. When a flaw makes this list, it means hackers have already taken advantage of it in real-world attacks, so quick action is needed to protect against further […]
Cloudflare recently stopped one of the largest cyberattacks ever recorded, which reached a peak of 11.5 terabits per second (Tbps). The attack used a flood of data traffic to overwhelm systems but lasted only about 35 seconds before Cloudflare’s defenses automatically kicked in and shut it down. The company explained that its systems have been […]
A group of hackers linked to Iran recently carried out a worldwide email attack aimed at embassies and diplomatic offices. These cybercriminals sent fake emails designed to look like official diplomatic messages, tricking recipients into opening a harmful document disguised as a Microsoft Word file. The troubling part? When the document was opened, it prompted […]
Google has released a major security update for Android phones that fixes more than 120 different issues. Two of these problems were especially serious because hackers had already found ways to use them in real attacks before the fixes were available. These flaws made it possible for attackers to take control of parts of the […]