CISA warns feds to fully patch actively exploited Cisco flaws

CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA ...

Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations

Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infolstealer, VenomRAT, ...

CISA warns of WatchGuard firewall flaw exploited in attacks

CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox firewalls, which allows ...

Google sues to dismantle Chinese phishing platform behind US toll scams

Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to ...

Google sues to dismantle Chinese platform behind global toll scams

Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to ...

Windows 11 now supports 3rd-party apps for native passkey management

Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party ...

DanaBot malware is back to infecting Windows after 6-month break

The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement's Operation Endgame ...

Microsoft fixes bug causing false Windows 10 end-of-support alerts

Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or ...

Extending Zero Trust to AI Agents: “Never Trust, Always Verify” Goes Autonomous

As AI agents gain autonomy to act, decide, and access data, traditional Zero Trust models fall short. Token Security explains ...

New UK laws to strengthen critical infrastructure cyber defenses

The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water ...

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks

An advanced threat actor exploited the critical vulnerabilities "Citrix Bleed 2" (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as ...

Synnovis notifies of data breach after 2024 ransomware attack

Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ...