Ransomware attacks soared 30% in October to the second-highest total on record, Cyble reported today. The 623 ransomware attacks recorded in October were second only to February 2025’s record attacks, ...

The Government of India’s Department of Pension & Pensioners’ Welfare (DoPPW) has launched the Digital Life Certificate (DLC) Campaign 4.0, a national drive to make pension services more accessible ...

A new vulnerability scoring system has just been announced. The initiative, called the AI Vulnerability Scoring System (AIVSS), aims to fill the gaps left by traditional models such as the Common ...

The Attorneys General of California, Connecticut, and New York have announced a $5.1 million settlement with Illuminate Education, Inc., an educational technology company, for failing to adequately ...

AI malware may be in the early stages of development, but it’s already being detected in cyberattacks, according to new research published this week. Google researchers looked at five AI-enabled ...

China claims it has “irrefutable evidence” that the U.S. National Security Agency (NSA) launched a two-year cyberattack campaign on China’s National Time Service Center (NTSC). In a WeChat post, China ...

A newly identified loader dubbed “Caminho” (Portuguese for “path”) has emerged as a sophisticated Loader-as-a-Service platform that uses Least Significant Bit (LSB) steganography to conceal malicious ...

Six weeks after Adobe shipped an emergency fix, attackers have begun weaponizing SessionReaper — and most Magento stores still stand exposed. Security firm Sansec’s forensics team said it blocked ...

Vidar Stealer 2.0 has been released, and the updated infostealer claims to offer improved performance with advanced credential stealing and evasion abilities, features that will necessitate even ...

Ransomware attacks have soared 50% in 2025 despite major changes among the leading ransomware groups, according to a new Cyble report. Through October 21, there have been 5,010 ransomware attacks ...

The name said it all: DroneEXEHijackingLoader.dll. That internal file name, buried in malicious code delivered to three European defense contractors, revealed what security researchers now believe ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five CVEs to its Known Exploited Vulnerabilities (KEV) catalog today, including Microsoft, Apple and Oracle vulnerabilities. CISA ...