Since at least September 2024, users in the US, UK, Spain, Australia, and Japan have been targeted by a new phishing kit named "Xiu Gou," which was designed to deploy phishing attacks globally.

Hackers are targeting two zero-day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras used in industrial, healthcare, government, and courtroom settings.

According to researchers at ThreatFabric, "LightSpy," an Apple iOS spyware, now has an improved version with destructive capabilities to prevent the compromised device from booting up.

Researchers at Bitdefender Labs have discovered a malvertising campaign that abuses Meta's advertising platform and hijacks Facebook accounts to distribute the "SYS01stealer" infostealer.

An operation named "EmeraldWhale" has led to the theft of over 15,000 cloud account credentials from thousands of private repositories by scanning for exposed Git configuration files.

According to the Canadian Centre for Cyber Security's 2025-2026 "National Cyber Threat Assessment," Chinese state-sponsored threat actors have maintained access to at least 20 Canadian government networks for four years to steal valuable data.

Since 2019, a phishing campaign named "Phish n' Ships" has infected over 1,000 legitimate online stores to promote fake product listings for rare items.

A threat actor has targeted about 22,000 vulnerable CyberPanel instances and encrypted files on the servers that run it using PSAUX and other ransomware. CyberPanel is a popular open source control panel for managing servers used to host websites.

The former Disney employee was arrested and charged with hacking the company's systems and changing restaurant menus. Michael Scheuer, a former Disney menu production manager, was charged with three Computer Fraud and Abuse Act (CFAA) violations.

The free version of the popular WordPress plugin LiteSpeed Cache recently fixed a dangerous privilege elevation flaw with its latest update that could allow unauthenticated site visitors to gain admin rights.

Mystic Valley Elder Services (MVES) recently announced that it suffered a data breach that affected many individuals. The company is a Massachusetts-based non-profit that provides health and other services to the elderly and people with disabiliti

Yahoo’s vulnerability research team has recently identified nearly a dozen flaws in OpenText’s NetIQ iManager product, including some that could have been chained for unauthenticated remote code execution.