News

Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ...
Hackers plant 4G Raspberry Pi on bank network in failed ATM heist
The UNC2891 hacking group, also known as LightBasin, used a 4G-equipped Raspberry Pi hidden in a bank's network to bypass ...
Apple patches security flaw exploited in Chrome zero-day attacks
Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks ...
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Lenovo is warning about high-severity BIOS flaws that could allow attackers to potentially bypass Secure Boot in all-in-one desktop PC models that use customized Insyde UEFI (Unified Extensible ...
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
AI is reshaping vCISO services—and SMBs are fueling the surge. Cynomi's 2025 report shows 3x adoption growth and major ...
Minnesota activates National Guard after St. Paul cyberattack
Minnesota Governor Tim Walz has activated the National Guard in response to a crippling cyberattack that struck the City of ...
Russian airline Aeroflot grounds dozens of flights after cyberattack
Aeroflot, Russia's flag carrier, has suffered a cyberattack that resulted in the cancellation of more than 60 flights and ...
Microsoft Edge now an 'AI-powered browser' with Copilot Mode
Microsoft has introduced Copilot Mode, an experimental feature designed to transform Microsoft Edge into a web browser ...
French telecom giant Orange discloses cyberattack
Orange, a French telecommunications company and one of the world's largest telecom operators, revealed that it detected a breached system on its network on Friday.
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
FBI Dallas has seized almost 23 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked ...
How attackers are still phishing "phishing-resistant" authentication
Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth ...
Lovense sex toy app flaw leaks private user email addresses
The connected sex toy platform Lovense is vulnerable to a zero-day flaw that allows an attacker to get access to a member's email address simply by knowing their username, putting them at risk of ...