Cybersecurity News
-
TAG-150 Hackers Escalate Attacks with Proprietary Malware Families
A sophisticated threat actor, TAG-150, active since at least March 2025. Characterized by rapid malware development, technical sophistication, and a sprawling multi-tiered infrastructure, TAG-150 has deployed several self-developed families—CastleLoader, CastleBot,…
Read More » -
SafePay Ransomware Hits 73 Organizations in Just One Month
SafePay, an emerging ransomware group, has rapidly ascended from obscurity to notoriety in 2025. In June alone, the group claimed responsibility for attacks on 73 organizations, topping Bitdefender’s Threat Debrief…
Read More » -
Cybersecurity Landscape 2025 Amid Record Vulnerabilities, Infrastructure Breakdown, and Growing Digital Risks
The year 2025 has unfolded in an environment marked by eroding trust in vulnerability databases, an explosive growth in cyberattacks, and digital overload for businesses. Data breaches have become routine,…
Read More » -
10 Best Web Application Penetration Testing Companies In 2025
Securing web applications is a top priority for businesses in 2025 as they’re a primary attack vector for cybercriminals. Web application penetration testing goes beyond automated scanning to use human…
Read More » -
Microsoft Tapped China Engineers for SharePoint Support
A new investigation has revealed that Microsoft relied on China-based engineers to provide technical support and bug fixes for SharePoint, the same collaboration software that was recently exploited by Chinese…
Read More » -
Bridgestone Confirms Cyberattack Impacts Manufacturing Facilities Across North America
Tire manufacturer launches a comprehensive investigation after a limited cyber incident affects operations at multiple plants. Bridgestone Americas has confirmed that a cyberattack has impacted manufacturing facilities across North America,…
Read More » -
Frostbyte10 Vulnerabilities Let Hackers Gain Remote Access
Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These devices, which handle refrigeration, HVAC, lighting, and other essential functions,…
Read More » -
PagerDuty Confirms Data Breach After Salesforce Account Compromise
PagerDuty has confirmed that it experienced a data breach following a compromise of its Salesforce account. The company was first alerted to the issue by Salesloft on August 20, 2025,…
Read More » -
Apache DolphinScheduler Vulnerability Patched — Update Immediately
A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under CWE-276: Incorrect Default Permissions, this vulnerability affects all DolphinScheduler versions…
Read More » -
Top 10 Best API Penetration Testing Companies In 2025
Best API Penetration Testing Companies Securing APIs is a critical cybersecurity challenge in 2025 as they are the backbone of modern applications and a prime target for attackers. API penetration…
Read More » -
ESPHome Vulnerability Allows Unauthorized Access to Smart Devices
A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to access and control smart devices without any valid credentials. Discovered…
Read More » -
Mapping the Web of Commercial Spyware: Targets and Attack Chains
A comprehensive new report spanning 2010 to 2025 reveals the ever-evolving landscape of commercial spyware vendors (CSVs), exposing the methods these private firms employ to infiltrate devices, their typical targets,…
Read More » -
Food Delivery Robots Vulnerable to Hacks That Redirect Orders
A startling vulnerability in Pudu Robotics’ management APIs that allowed anyone with minimal technical skill to seize control of the company’s food delivery and service robots. The vulnerability, which went…
Read More » -
Criminal IP Expands into European Cybersecurity Market through Partnership with DotForce
Criminal IP, the AI-powered threat intelligence and attack surface management (ASM) platform developed by AI SPERA, announced its official entry into the European market through a strategic partnership with DotForce,…
Read More »