Security News > 2025 > April

The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure. [...]

A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a "critical patch" that adds a Wordpress backdoor to the site. [...]

Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like...

Infosec is a team sport … unless you're in the White House Opinion Just when it seems they couldn't be that careless, US officials tasked with defending the nation go and do something else that...

What next for US-bankrolled vulnerability tracker? It's edging closer to a more independent, global future Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE)...

Microsoft has confirmed that Windows Recall is rolling out to everyone with Windows 11 KB5055627 on Copilot+ PCs. [...]

Text “SQUID” to 1-833-SCI-TEXT for daily squid facts. The website has merch. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

​​Microsoft has released the KB5055627 preview cumulative update for Windows 11 24H2 with many new features gradually rolling out, and some new bug fixes for everyone. [...]

Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. [...]

GreyNoise says it is the kind of activity that typically precedes new vulnerability disclosures Ivanti VPN users should stay alert as IP scanning for the vendor's Connect Secure and Pulse Secure...