News

NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users
A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and ...
Play ransomware exploited Windows logging flaw in zero-day attacks
The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM ...
Doubling down: How Universal 2nd Factor (U2F) boosts online security
Passwords alone aren't cutting it—31% of breaches involve stolen credentials. Learn from Specops Software about how Universal ...
Medical device maker Masimo warns of cyberattack, manufacturing delays
Medical device company Masimo Corporation warns that a cyberattack is impacting production operations and causing delays in ...
CISA warns of hackers targeting critical oil infrastructure
CISA warned critical infrastructure organizations of "unsophisticated" threat actors actively targeting the U.S. oil and ...
Police takes down six DDoS-for-hire services, arrests admins
Polish authorities have detained four suspects linked to six DDoS-for-hire platforms, believed to have facilitated thousands ...
Microsoft: April updates cause Windows Server auth issues
Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain ...
Hackers exploit OttoKit WordPress plugin flaw to add admin accounts
Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites.
Apache Parquet exploit tool detect servers vulnerable to critical flaw
A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as ...
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to ...
Why EASM is vital to modern digital risk protection
You can't protect what you can't see. From shadow IT to supplier risk, modern attack surfaces are sprawling fast — and ...
UK Legal Aid Agency investigates cybersecurity incident
The Legal Aid Agency (LAA), an executive agency of the UK's Ministry of Justice that oversees billions in legal funding, ...