Security
Massive new botnet hijacks almost 2 million Android devices and briefly surpasses Google
A massive new botnet, Kimwolf, briefly surpassed Google on the top websites chart. With 1.8 million Android devices and counting, a botnet of such scale is capable of launching unseen cyberattacks, researchers warn.
Read more about Massive new botnet hijacks almost 2 million Android devices and briefly surpasses Google
Most smart devices run outdated web browsers, expose owners to attacks
Most smart devices on today’s market come with an embedded web browser that runs extremely out-of-date versions, a new study has found. This exposes device buyers to cyberattacks as soon as they turn on their new gadgets.
Read more about Most smart devices run outdated web browsers, expose owners to attacks
US childcare platform exposes 140K records, including minors' data
A misconfigured database left the personal details of parents and children from thousands of childcare centers exposed to anyone on the internet.
Read more about US childcare platform exposes 140K records, including minors' data
France confirms cyberattack on Ministry of Interior, hackers claim 16M individuals exposed
The ministry has confirmed that it suffered a cyberattack, but has not shared how many individuals may have been exposed.
Read more about France confirms cyberattack on Ministry of Interior, hackers claim 16M individuals exposed
Too many hacks lead to Telegram: security researchers recommend blocking it
Multiple recent cyberattacks have relied on Telegram infrastructure as a central tool for tracking victims, controlling malware, and moving stolen data, prompting security researchers to recommend blocking Telegram traffic where it is not essential.
Read more about Too many hacks lead to Telegram: security researchers recommend blocking it
Fortinet firewalls under active attack, users urged to update now
Threat actors have begun actively exploiting two critical vulnerabilities in a popular firewall device, Fortinet FortiGate, just days after they were publicly disclosed.
Read more about Fortinet firewalls under active attack, users urged to update now
Amazon exposes Russian cyber saboteurs targeting Western critical infrastructure
Amazon’s threat intelligence team has revealed a years-long Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025.
Read more about Amazon exposes Russian cyber saboteurs targeting Western critical infrastructure
Suspect pleads guilty to credential stuffing attack on DraftKings
A 21-year-old man from Farmington, Minnesota, has pleaded guilty to orchestrating a credential stuffing attack on the sports and betting website DraftKings. He now risks a prison sentence of up to five years.
Read more about Suspect pleads guilty to credential stuffing attack on DraftKings
Thousands of Firefox users compromised: 17 extensions hide malware in icons
At least 17 Firefox extensions slipped past detection by hiding malware in an unlikely place – their icons. Thousands of users have been infected, and the malicious add-ons are still available on the Firefox platform.
Read more about Thousands of Firefox users compromised: 17 extensions hide malware in icons
Users alarmed after Pornhub was linked to data breach that affected OpenAI
A cyberattack that impacted the ChatGPT maker OpenAI has also impacted adult content behemoth Pornhub. The hackers claiming responsibility say they have the browsing histories of Premium Pornhub users.
Read more about Users alarmed after Pornhub was linked to data breach that affected OpenAI
Google will shut down “unhelpful” dark web monitoring tool
Google has announced that it’s about to discontinue its dark web monitoring tool in February, less than two years after it was launched to help users determine if their personal data is available anywhere on the dark web.
Read more about Google will shut down “unhelpful” dark web monitoring tool
SoundCloud discloses breach affecting millions, warns users about phishing attempts
SoundCloud, an online audio streaming platform popular among artists sharing and promoting music, has disclosed a data breach affecting millions of users. Attackers have exfiltrated email addresses, along with other publicly available data.
Read more about SoundCloud discloses breach affecting millions, warns users about phishing attempts
Payroll data stolen in Jaguar Land Rover cyberattack
The personal information of thousands of Jaguar Land Rover staff members has been harvested by attackers, putting them at risk of potential fraud.
Read more about Payroll data stolen in Jaguar Land Rover cyberattack
Apple and Google fail to bar US-sanctioned companies from their app stores
The Apple App Store and Google Play Store are hosting dozens of apps with direct connections to US-sanctioned Russian, Chinese, and other companies, according to a report by the Tech Transparency Project.
Read more about Apple and Google fail to bar US-sanctioned companies from their app stores
Researchers see global surge in attacks by new ransomware group “Gentlemen”
Not exactly chivalrous, a newly identified ransomware group called Gentlemen has been gaining prominence since August. Researchers say the gang’s technical sophistication suggests a coordinated team with extensive experience in enterprise-focused attacks.
Read more about Researchers see global surge in attacks by new ransomware group “Gentlemen”
Apple urges updates as hackers target iPhones
Apple is urging billions of iPhone users to update immediately after confirming that hackers are already exploiting newly patched flaws in iOS 26.2.
Read more about Apple urges updates as hackers target iPhones
Hackers turn ChatGPT, Grok chat links into malware traps on search engines
Cybercriminals are flooding search results with manipulated ChatGPT or Grok answers. Users trying to clean their Macs or free up space end up installing powerful infostealer malware.
Read more about Hackers turn ChatGPT, Grok chat links into malware traps on search engines
LastPass fined £1.2M by ICO for comprehensive data breach
The Information Commissioner’s Office (ICO) has imposed a fine of £1.2 million on LastPass UK following a data breach that affected 1.6 million people.
Read more about LastPass fined £1.2M by ICO for comprehensive data breach
Your questions, answered by Cybernews: Can your vape be hacked?
Screening Windows, playing Doom, hosting a website, or orchestrating a cyberattack. What else can be done with your vape? Each week, our team selects one pressing and common reader issue and deconstructs it to help you stay safe online.
Read more about Your questions, answered by Cybernews: Can your vape be hacked?
Stanford University pits cybersecurity researchers versus AI: should humans worry?
Ten cyber pros were given $2,000 to beat the autonomous AI agents in hacking a live enterprise environment. One of them actually succeeded, but the victory comes at a steeper cost.
Read more about Stanford University pits cybersecurity researchers versus AI: should humans worry?
