Security News > 2025

The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024...

Only 29% of all organizations say their compliance programs consistently meet internal and external standards, according to Swimlane. Their report reveals that fragmented workflows, manual...

10 other certificates 'were mis-issued and have now been revoked' Certificate issuer SSL.com’s domain validation system had an unfortunate bug that was exploited by miscreants to obtain, without...

Erlang? Er, man, no problem. ChatGPT, Claude to go from flaw disclosure to actual attack code in hours The time from vulnerability disclosure to proof-of-concept (PoC) exploit code can now be as...

It's now hitting govt, enterprise targets On March 11 - Patch Tuesday - Microsoft rolled out its usual buffet of bug fixes. Just eight days later, miscreants had weaponized one of the...

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting...

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. [...]

A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active...

A large-scale ad fraud operation called 'Scallywag' is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests. [...]

In this comparison between Bitwarden and LastPass, we explore their features, security, ease of use and pricing. Find out which password manager is best for you.