Latest News
Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
A critical security flaw (CVE-2025-11001) in 7-Zip has a public exploit. Learn why this high-risk vulnerability is dangerous and how to manually update to version 25.01 now.
CrowdStrike Fires Worker Over Insider Leak to Scattered Lapsus Hunters
CrowdStrike fired an insider for selling internal screenshots to Scattered Lapsus$ Hunters for $25,000. Read how the security team detected the activity and protected customers.
New Sturnus Android Malware Reads WhatsApp, Telegram, Signal Chats via Accessibility Abuse
Sturnus, an advanced Android banking trojan, has been discovered by ThreatFabric. Learn how this malware bypasses end-to-end encryption on Signal and WhatsApp, steals bank credentials using fake screens, and executes fraudulent transactions.
ShinyHunters Breach Gainsight Apps on Salesforce, Claim Data from 1000 Firms
ShinyHunters breached Gainsight apps integrated with Salesforce, claiming access to data from 1000 firms using stolen credentials and compromised tokens.
Everest Ransomware Says It Breached Brazilian Energy Giant Petrobras
Everest ransomware claims to have stolen over 180GB of seismic survey data from Petrobras, demanding contact through qTox with a countdown in place.
New Eternidade Stealer Uses WhatsApp to Steal Banking Data
Trustwave SpiderLabs warns of Eternidade Stealer, a new banking trojan spreading via personalised WhatsApp messages. Find out how this malicious software bypasses security checks and deploys fake login screens for major banks and wallets.
Comet Browser Flaw Lets Hidden API Run Commands on Users’ Devices
SquareX warns Perplexity's Comet AI browser contains a hidden MCP API that bypasses security, allowing attackers to install malware and seize full device control.
UK Exposes Bulletproof Hosting Operator Linked to LockBit and Evil Corp
The operator, Alexander Volosovik, also known as “Yalishanda”, “Downlow” and “Stas_vl,” ran a long-running bulletproof hosting operation used by top ransomware groups.
Hacker Selling Alleged Samsung Medison Data Stolen In 3rd Party Breach
Hacker using the alias 888, claims to be selling Samsung Medison data taken through a third party breach, including internal files, keys and user info.
Seraphic Becomes the First and Only Secure Enterprise Browser Solution to Protect Electron-Based Applications
Tel Aviv, Israel, 19th November 2025, CyberNewsWire