Global Cybercrime Crackdown: Operation Eastwood Disrupts NoName057(16) Pro-Russian Network
Operation Eastwood dismantled NoName057(16), a pro-Russian DDoS network targeting Ukraine and its allies. Coordinated by Europol and Eurojust, the global…
Swiss Cyber AI Conference 2026 in Lugano
Join us at Swiss Cyber AI 2026 in Lugano, where industry leaders will explore the intersection of artificial intelligence and…
New Phishing Technique Exploits “DOWNLOAD All” Excel Interface to Harvest Credentials
A new phishing technique mimics an Excel file interface with a "Download ALL" button. Users are tricked into entering credentials,…
North Korea Expands Software Supply Chain Attacks with 67 Malicious npm Packages
North Korea’s Lazarus Group escalates its Contagious Interview campaign with XORIndex malware in npm packages, targeting developers and crypto holders…
Fortinet Patches Critical SQL Injection Vulnerability in FortiWeb (CVE-2025-25257)
Fortinet has released a critical security patch for FortiWeb addressing CVE-2025-25257, a high-severity SQL injection vulnerability that allows unauthenticated attackers…
Critical Chrome Zero-Day CVE-2025-6554 Actively Exploited: CISA Issues Urgent Patch Mandate
Critical Chrome zero-day CVE-2025-6554 actively exploited via V8 engine flaw—impacts all Chromium-based browsers. CISA mandates urgent patching by July 23,…
When Ransomware Strikes Close to Government: Lessons from the Radix Foundation Breach
A ransomware attack against Switzerland’s Radix Foundation has compromised sensitive health-related data and exposed vulnerabilities in third-party data custodianship —…
How to Safely Search the Dark Web for Leaked Emails or Usernames
Learn how to safely check if your email or username is exposed on the dark web using the Cyber Risk…
The Invisible Threat: How Free VPN Browser Plugins Enable APT Intrusions
Free VPN browser plugins pose a critical risk in enterprise networks. Recent behavior shows automated connections to APT28-linked domains—often without…
Windows Remote Desktop Services Vulnerability Allows Remote Code Execution
A critical Windows Server vulnerability (CVE-2025-32710) allows unauthenticated remote code execution via RD Gateway. Organizations must patch immediately to prevent…