Security News > 2025 > April

Rise in accessible AI tools significantly lowered the barrier to entry for cyber attackers, enabling them to create and deploy malicious bots at scale, according to Thales. Automated bot traffic...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog,...

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. [...]

Entertainment venue management firm Legends International warns it suffered a data breach in November 2024, which has impacted employees and people who visited venues under its management. [...]

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. [...]

Illegitimi non carborundum? Nice password, Mr Ex-CISA Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from...

In a presentation delivered this month by the European Commission, a meeting etiquette slide stated “No AI Agents are allowed.”

A set of 57 Chrome extensions with 6,000,000 users have been discovered with very risky capabilities, such as monitoring browsing behavior, accessing cookies for domains, and potentially executing...

Discord is testing the feature: “We’re currently running tests in select regions to age-gate access to certain spaces or user settings,” a spokesperson for Discord said in a statement. “The...

Find out the specifics of these iOS and macOS vulnerabilities, as well as which Apple devices were impacted.