A new security discovery called CamoLeak revealed a major flaw in GitHub Copilot Chat that could expose private code and sensitive data. The issue was discovered by researchers from Legit Security, who demonstrated how hidden prompts could manipulate Copilot into leaking information from private repositories. The proof-of-concept attack showed how AI assistants could unintentionally become … Continued
Russian hackers are reportedly turning to artificial intelligence as their newest weapon in the cyber war against Ukraine. In recent months, Ukraine’s cyber agencies have noticed a sharp rise in AI-powered attacks that go beyond traditional phishing or malware. These operations are faster, more targeted, and far more deceptive than before. Ukraine’s State Service for … Continued
Hackers have claimed that they breached a system used by Discord and accessed data of around 5.5 million users. They said they stole about 1.6 terabytes of data, including support tickets, attachments, and partial billing details. The attack reportedly took place in late September 2025 and lasted nearly 58 hours. Discord, however, said its main … Continued
A major security flaw has been discovered in the Figma Model Context Protocol (MCP) server, a tool commonly used by developers to integrate design and AI workflows. This vulnerability allows hackers to remotely execute code on a user’s system, putting development environments at serious risk. The flaw has been identified as CVE-2025-53967 and classified as … Continued
A major cyberattack has disrupted one of Japan’s largest beverage companies, Asahi Group, causing a noticeable shortage of its popular beers in stores and restaurants across the country. The ransomware attack last week hit the company’s computer systems, making it difficult for Asahi to take new orders or deliver its products on time. The issue … Continued
Microsoft has reported that a threat actor it calls Storm-1175 is exploiting a critical vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) product. The attacks use a serious deserialization flaw in the GoAnywhere license servlet and have been tied to follow-up activity that included delivering Medusa ransomware. The technical problem is an unauthenticated deserialization bug … Continued
A serious security flaw has been found in Redis, a popular in-memory database used by many companies around the world. The bug is 13 years old and has been given a CVSS score of 10.0, which is the highest possible severity rating. This means the flaw is extremely dangerous and should be fixed immediately. The … Continued
A newly discovered zero-day flaw in Zimbra Collaboration has been used in real cyberattacks against military organizations in Brazil. Hackers exploited this vulnerability by sending specially crafted calendar files, known as ICS files, which contained malicious code designed to compromise systems. The attack was especially dangerous because it targeted a zero-day vulnerability one that was … Continued
Oracle has quickly released an emergency security patch after the Cl0p ransomware group reportedly exploited a serious zero-day vulnerability, tracked as CVE-2025-61882. The company confirmed that some customers using Oracle E-Business Suite received extortion emails claiming their data had been stolen through this flaw. The vulnerability affects the Concurrent Processing component of Oracle E-Business Suite … Continued
A hacking group linked to Iran, called Nimbus Manticore, has launched a fresh wave of cyberattacks across Europe. Security researchers say this group, also tracked under names like UNC1549 and Smoke Sandstorm, has returned with improved malware and smarter techniques. Earlier it focused more on the Middle East, but this time the spotlight is on … Continued
