Security

The rising threat of mobile malware: How to protect your device in 2025

The number of mobile users is increasing every year – and so do the instances of mobile malware.
Read more about The rising threat of mobile malware: How to protect your device in 2025

Hackers target vibe coders with malicious extensions for their code editors

Hackers are exploiting a dangerous loophole to target vibe coders. Cursor, Windsurf, and other AI-powered code editors can’t access the VS Code Marketplace and instead rely on riskier third-party platforms, where malicious extensions and critical flaws thrive.
Read more about Hackers target vibe coders with malicious extensions for their code editors

Phishers exploit PDFs impersonating PayPal, DocuSign, and Microsoft

Everyone trusts PDFs – and that’s exactly why cybercriminals are so obsessed with them.
Read more about Phishers exploit PDFs impersonating PayPal, DocuSign, and Microsoft

Fake Amazon sites are exploding ahead of Prime Day

As Amazon Prime Day approaches with promises of deals and dopamine, cybercrooks are already circling like vultures.
Read more about Fake Amazon sites are exploding ahead of Prime Day

BMW Financial Services entangled in cyber incident

BMW Financial Services has been caught up in a third-party breach that affected a small pool of people, but details are still vague.
Read more about BMW Financial Services entangled in cyber incident

FBI issues warning as pump-and-dump clubs on social media surge

Exclusive “investment clubs” on social media or messaging apps often are outright scams designed to lure investors into pump-and-dump stock manipulation, the Federal Bureau of Investigation (FBI) has warned. The FBI is urging victims to provide more details about any incidents.
Read more about FBI issues warning as pump-and-dump clubs on social media surge

Interview with Surfshark: why VPNs are essential to modern digital life

Learn why people like you invest in VPNs, and what one of the top VPN providers is doing to protect...
Read more about Interview with Surfshark: why VPNs are essential to modern digital life

Major cybergang says it’s done, offers “goodwill” gesture

Hunters International, the ransomware gang behind the Benetton Group and Circle K hacks, claims it’s retiring, adding the “decision was not made lightly.”
Read more about Major cybergang says it’s done, offers “goodwill” gesture

Hacker analyzes “deleted” data on GitHub, scores $25K in bug bounties

GitHub commits are never truly deleted, and some developers are discovering this the hard way. White-hat hacker Sharon Brizinov scanned “deleted” GitHub dangling commits and found thousands of secrets granting even admin access to all developers’ repositories, earning $25,000 in bounties in the process.
Read more about Hacker analyzes “deleted” data on GitHub, scores $25K in bug bounties

Recruiting software maker exposes nearly 26M resumes

TalentHook, a cloud-based applicant tracking system, left a misconfigured instance open. It spilled tens of millions of job seekers’ CVs, full of personal details ranging from full names to home addresses.
Read more about Recruiting software maker exposes nearly 26M resumes

Critical Linux “sudo” flaw allows any user to take over the system

Millions of Linux systems worldwide, including those running critical services, are potentially vulnerable to a new, easy-to-exploit sudo flaw that allows unauthorized users to run commands as root on Ubuntu, Fedora, and other servers.
Read more about Critical Linux “sudo” flaw allows any user to take over the system

67% of EU governmental institutions score D or F for cybersecurity efforts

85% of employees reuse breached passwords in EU institutions rated lowest for cybersecurity.
Read more about 67% of EU governmental institutions score D or F for cybersecurity efforts

Microsoft recommends rigorous pre-employment checks

Stricter pre-employment vetting measures are necessary to detect fraudulent remote workers.
Read more about Microsoft recommends rigorous pre-employment checks

Ransomware negotiator talks tales, threats, and New York's new ransom payment disclosure law

New York passes legislation requiring local governments hit by hackers to now fess up if they've paid a ransom demand to their attackers. A top ransomware negotiator shares insight on the bill, the current threat landscape – and some memorable negotiating moments with Cybernews.
Read more about Ransomware negotiator talks tales, threats, and New York's new ransom payment disclosure law

The complete guide to scams 2025: learn how to stay safe

While it’s easy to laugh at early 2000s Nigerian prince scams today, variations of them still exist, and they continue...
Read more about The complete guide to scams 2025: learn how to stay safe

Hackers claim they snatched city budgets and plans from a North Carolina town

A notorious Russia-linked ransomware gang claims to have 260GB of data from a North Carolina city.
Read more about Hackers claim they snatched city budgets and plans from a North Carolina town

Hackers can listen in on your headphones: Sony, Bose, Marshall, and other major brands affected

Hackers in Bluetooth range can spy on millions of headphone users. Major flaws have been discovered in popular models from Sony, Bose, Marshall, Jabra, JBL, Beyerdynamic, and other devices using Airoha Systems chips.
Read more about Hackers can listen in on your headphones: Sony, Bose, Marshall, and other major brands affected

Major Russian defense contractor breached, navy secrets exposed, hacker claims

Russian military tech company, NPO Mars, had hundreds of gigabytes of sensitive and likely defense-related data stolen from its systems, attackers say.
Read more about Major Russian defense contractor breached, navy secrets exposed, hacker claims