A serious security flaw was recently discovered in Microsoft Office, and hackers moved extremely fast to exploit it. Within just three days of Microsoft releasing a fix, Russian-linked cyber attackers began using the bug in real-world attacks. This incident highlights how quickly cyber threats can evolve once a vulnerability becomes public. It also shows the … Continued
Notepad++, a widely used open-source text editor, was recently affected by a serious cybersecurity incident. Investigators confirmed that the attack targeted the hosting infrastructure used to distribute software updates. The breach has been linked to a China-associated hacking group known as Lotus Blossom. The software itself was not exploited directly. The attack took place over … Continued
Mozilla has announced a new update for its Firefox browser that gives users more control over generative AI features. With the upcoming Firefox 148 release, users will be able to turn off all AI-powered tools using a single click. This change is aimed at people who prefer a simple and distraction-free browsing experience. The update … Continued
Cybersecurity researchers have reported a serious incident involving eScan antivirus software, where attackers compromised one of its update servers. Instead of sending a normal security update, the server delivered malicious files to users. This type of attack is known as a supply-chain attack and is considered highly dangerous. The issue came to light after abnormal … Continued
A serious supply-chain attack has been uncovered on the Open VSX extension registry, a platform widely used by developers to download and manage coding extensions. In this incident, attackers compromised a legitimate developer account and used it to publish malicious updates. The attack relied on abusing existing trust rather than exploiting the platform itself. This … Continued
SmarterTools has released an urgent security update for its SmarterMail email server after fixing a serious vulnerability rated 9.3 on the CVSS scale. The flaw was classified as critical because it could allow attackers to take full control of affected servers. Security experts warned that the issue posed a major risk to exposed systems. The … Continued
A former Google software engineer has been convicted by a U.S. federal jury for stealing confidential artificial intelligence data from Google and secretly sharing it for commercial use linked to China-based companies. The verdict was delivered in San Francisco after an 11-day trial, marking one of the most serious AI trade-secret cases in recent years. … Continued
A serious security flaw in WinRAR is still being actively exploited months after a fix was released. WinRAR is one of the most widely used file-compression tools across the world. Although a patch was made available in July 2025, many systems continue to run outdated versions. Security experts warn that this ongoing exposure puts organizations … Continued
Google has announced a major cybersecurity operation against IPIDEA, one of the world’s largest residential proxy networks. The action was carried out by Google’s Threat Intelligence Group to stop widespread abuse of consumer internet connections. According to Google, the network was being heavily misused by cybercriminals. The disruption is aimed at protecting everyday users and … Continued
Fortinet has released emergency security updates after confirming active exploitation of a serious vulnerability in its FortiOS Single Sign-On system. The flaw, tracked as CVE-2026-24858, allows attackers to bypass authentication controls. Security researchers found that the issue was already being abused in real-world attacks. This made immediate patching critical. The vulnerability affects how Fortinet devices … Continued
