Security News

Filter by:

Microsoft Teams to Enforce Messaging Safety Defaults Starting January 2026

Microsoft is strengthening the security posture of enterprise collaboration by automatically enabling critical messaging safety features in Microsoft Teams. According to a new administrative update, the company will switch several protective settings to “On” by default starting January 12, 2026, affecting tenants who rely...
Cyber Security News 24 Dec 2025 13194 Views

Poisoned WhatsApp API package steals messages and accounts

And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts.…
The Register 23 Dec 2025 9583 Views

100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild

Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploiting in the wild. The vulnerability, tracked as CVE-2025-20393, currently has no...
Cyber Security News 21 Dec 2025 12578 Views

Amazon: Ongoing cryptomining campaign uses hacked AWS accounts

Amazon's AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud (EC2) and Elastic Container Service (ECS) using compromised credentials for Identity and Access Management (IAM)....
Bleepingcomputer 18 Dec 2025 3609 Views

Sonicwall warns of new SMA1000 zero-day exploited in attacks

SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges....
Bleepingcomputer 18 Dec 2025 3537 Views

ZnDoor Malware Exploiting React2Shell Vulnerability to Compromise Network Devices

Since December 2025, a concerning trend has emerged across Japanese organizations as attackers exploit a critical vulnerability in React/Next.js applications. The vulnerability, tracked as CVE-2025-55182 and known as React2Shell, represents a remote code execution flaw attracting widespread exploitation...
Cyber Security News 16 Dec 2025 12907 Views

New DroidLock malware locks Android devices and demands a ransom

A new Android malware called DroidLock has emerged with capabilities to lock screens for ransom payments, erase data, access text messages, call logs, contacts, and audio data. [...]
Bleepingcomputer 11 Dec 2025 3719 Views

Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features

Cybersecurity researchers have disclosed details of two new Android malware families dubbed FvncBot and SeedSnatcher, as another upgraded version of ClayRat has been spotted in the wild...
The Hacker News 9 Dec 2025 3471 Views

Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Multiple ransomware gangs are using a packer-as-a-service platform named Shanya to help them deploy payloads that disable endpoint detection and response solutions on victim systems...
Bleepingcomputer 9 Dec 2025 3700 Views

Scammers are poisoning AI search results to steer you straight into their traps - here's how

AI tools like Google AI Overview and Perplexity Comet are being tricked into suggesting scam support numbers.
ZDnet 9 Dec 2025 3701 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY