Latest News

Microsoft has uncovered a new variant of the XCSSET macOS malware, which is targeting users' sensitive data, including cryptocurrency wallets and information stored in the Notes app. Active for at least five years, this malware spreads through compromised Xcode projects. The latest attacks used its

A game listed on the Steam store was discovered to contain password-stealing malware, leading to its removal from the platform. The game, PirateFi, appeared to be a survival game but was actually designed to install the Vidar infostealer, a type of malware that can steal passwords, session cookies,

Federal judge Paul Engelmayer has issued a preliminary injunction to prevent Elon Musk’s Department of Government Efficiency (DOGE) from accessing and using sensitive financial data belonging to millions of Americans. The court order mandated DOGE to destroy any obtained data. A hearing was also

A Chinese state-backed hacking group known as Salt Typhoon has continued targeting telecommunications providers worldwide, despite recent US sanctions and cybersecurity warnings. According to a report from cybersecurity firm Recorded Future, the group has successfully breached multiple telecom

Thousands of GFI KerioControl firewall devices have remained vulnerable to a critical remote code execution (RCE) flaw, CVE-2024-52875, despite security patches being made available since December 2024. The flaw allows attackers to exploit improper input sanitization in the firewall’s web

Apple has been instructed by UK authorities to create a backdoor in its iCloud encryption, as announced by the Washington Post. The directive, issued under the Investigatory Powers Act, would grant the government access to encrypted user data, affecting iCloud users not just in the UK, but

Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained nearly 2.7 billion records belonging to Mars Hydro — a China-based company offering IoT grow lights and software applications that allow users worldwide to control

Feroot Security has uncovered hidden code in DeepSeek AI that transmits user data directly to China Mobile servers, raising national security concerns. The cybersecurity firm’s discovery was featured on Good Morning America, prompting calls for immediate government action. Feroot’s cybersecurity

For years, cybercriminals have been targeting Microsoft’s Active Directory Federation Services (ADFS), compromising sensitive data across education, healthcare, and government institutions. At least 150 organizations have been affected by this phishing campaign according to research from

Malicious apps designed to steal cryptocurrency have made their way into Apple’s App Store and Google Play, marking the first known case of such malware successfully bypassing Apple’s strict security review process. According to cybersecurity firm Kaspersky, which first reported the findings,