New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these 'privacy' tools are actually major security risks, especially for BYOD environments.
Global Exposure of 180,000 ICS/OT Devices Raises Safety Concerns
Bitsight warns ICS/OT exposure jumped 12% in 2024, leaving 180,000+ critical infrastructure systems open to attack. Learn about the possible vulnerabilities and new malware strains.
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims.
$20 YoLink IoT Gateway Vulnerabilities Put Home Security at Risk
Four critical zero-day flaws found in the $20 YoLink Smart Hub allow remote physical access, threatening your home security. See the urgent steps you must take now.
Google Patches “Gemini Trifecta” Vulnerabilities in Gemini AI Suite
Cybersecurity firm Tenable found three critical flaws allowing prompt injection and data exfiltration from Google's Gemini AI. Learn why AI assistants are the new weak link.
Malicious ZIP Files Use Windows Shortcuts to Drop Malware
Cybersecurity firm Blackpoint Cyber reveals a new spear phishing campaign targeting executives. Learn how attackers use fraudulent document ZIPs containing malicious shortcut files, leveraging 'living off the land' tactics, and a unique Anti-Virus check to deliver a custom payload
WestJet Confirms Passenger IDs and Passports Stolen in Cyberattack
WestJet confirms a data breach starting June 13, 2025, stole passport/ID and personal data. Credit cards and passwords are safe. The airline offers 24 months of free identity monitoring, including $1M insurance.
Meet SpamGPT and MatrixPDF, AI Toolkits Driving Malware Attacks
Cybersecurity researchers at Varonis have discovered two new plug-and-play cybercrime toolkits, MatrixPDF and SpamGPT. Learn how these AI-powered tools make mass phishing and PDF malware accessible to anyone, redefining online security risks.
Detour Dog’s DNS Hijacking Infects 30,000 Websites with Strela Stealer
Infoblox reveals how the Detour Dog group used server-side DNS to compromise 30,000+ sites across 89 countries, installing the stealthy Strela Stealer malware.
London Court Convicts Chinese Mastermind Behind £5bn Crypto Seizure
Zhimin Qian, the 'Bitcoin Queen,' pleads guilty in the UK after police seized over £5 billion in stolen crypto, the world's largest crypto seizure. Details on the Ponzi scam and fight for the funds.