Security News > 2025 > April

PLUS: Microsoft fixes messes China used to attack it; Mitre adds ESXi advice; Employee-tracking screenshots leak; and more! Infosec in brief Samsung has warned that some of its Galaxy devices...

Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. [...]

Brave has open-sourceed a new tool called "Cookiecrumbler," which uses large language models (LLMs) to detect cookie consent notices and then community-driven reviews to block those that won't...

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs MITRE has released the latest version of...

Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. "The attack involves...

The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure. [...]

A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a "critical patch" that adds a Wordpress backdoor to the site. [...]

Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like...

Infosec is a team sport … unless you're in the White House Opinion Just when it seems they couldn't be that careless, US officials tasked with defending the nation go and do something else that...

What next for US-bankrolled vulnerability tracker? It's edging closer to a more independent, global future Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE)...