LastPass has issued a fresh warning to its users about a new phishing campaign that is actively trying to steal master passwords. The company says attackers are sending fake emails that look like official maintenance or security alerts. These messages are designed to scare users into taking quick action. The main goal is to trick … Continued
Quantum computing offers a significant change in how we solve problems. Machines that use the uncertainty and randomness of quantum physics could eventually outperform even the strongest classical supercomputers. This shift could reshape areas like finance, artificial intelligence, and materials science. For cybersecurity, however, the immediate concern is not opportunity. It is trust. Modern digital … Continued
Cloudflare has fixed a security flaw in its infrastructure that could allow attackers to bypass Web Application Firewall protections. The issue was linked to how Cloudflare handled ACME certificate validation requests. These requests are used to automatically issue and renew HTTPS certificates. The flaw affected how certain validation traffic was processed. The vulnerability involved the … Continued
Tudou Guarantee, a major marketplace operating on Telegram, has stopped handling transactions through its public channels. Blockchain analysis confirms the platform processed more than $12 billion in cryptocurrency before this move. The findings were reported by trusted blockchain intelligence researchers. The halt marks a major shift for one of Telegram’s largest underground markets. The platform … Continued
Security researchers have identified a new malware campaign that spreads a remote access trojan called ModeloRAT through a fake Google Chrome extension. The activity is being tracked under the name “CrashFix.” Instead of exploiting technical flaws, the attackers rely on social engineering to trick users. The campaign has been confirmed by multiple trusted cybersecurity research … Continued
Cybersecurity researchers have uncovered a serious security flaw in the control panel used by operators of the StealC malware. This weakness allowed experts to secretly observe how the attackers were running their operations. Such access is rare and valuable, as it provides direct insight into real cybercrime activity. The finding highlights how even criminal tools … Continued
Security researchers have disclosed a targeted cyber-espionage campaign that used politically themed spear-phishing emails to target U.S. government and policy-related organizations with a previously undocumented backdoor known as LOTUSLITE. The activity leveraged lures tied to recent geopolitical developments involving the United States and Venezuela. The phishing emails delivered a ZIP archive titled “US now deciding … Continued
Cisco has issued emergency security updates for a previously exploited zero-day vulnerability affecting its enterprise email security infrastructure, after confirming real-world attacks linked to a China-associated threat actor identified as UAT-9686. What Was Fixed The flaw, assigned CVE-2025-20393, allows unauthenticated remote command execution and has been given a CVSS severity score of 10.0. The … Continued
The Federal Trade Commission (FTC) has banned General Motors (GM) from selling drivers’ location and driving behavior data for five years. The decision comes after a federal investigation into GM’s data-sharing practices. Regulators found that sensitive vehicle data was shared without proper transparency. The ban officially applies across the United States. The FTC said GM … Continued
Palo Alto Networks has released a security update to fix a serious vulnerability in its PAN-OS firewall software. The issue affects systems that use the GlobalProtect gateway or portal feature. If left unpatched, the flaw could allow attackers to disrupt firewall operations. The company has confirmed the issue through an official security advisory. The vulnerability … Continued
