News
-
9GB Data Leak From Alleged North Korean Hacker Surfaces at DEF CON
Two hackers released a 9GB archive reportedly from a North Korean operator during DEF CON, with the material—including logs, credentials, and scripts—made available via DDoSecrets and published on Phrack; the data has been indexed and deemed authentic by researchers, though attribution remains uncertain.
-
WinRAR Addresses Critical Zero-Day Vulnerability Exploited in Active Attacks
WinRAR has released an urgent update to address a critical zero-day vulnerability, CVE-2025-8088, that is actively being exploited to execute arbitrary code through malicious archive files. Users are strongly advised to upgrade to version 7.13.
-
Over 29,000 Microsoft Exchange Servers Remain Vulnerable to Severe Exploit
Over 29,000 Microsoft Exchange servers remain unpatched against a critical security flaw, CVE-2025-53786, which allows attackers to escalate privileges and potentially compromise entire domains. This vulnerability has prompted emergency directives from U.S. federal agencies to enforce patching.
-
Connex Credit Union Faces Data Breach Affecting Over 172,000 Members
Connex Credit Union has disclosed a data breach affecting over 172,000 members, revealing unauthorized access to personal and financial information, while warning members about potential phishing scams.
-
U.S. Federal Judiciary Confirms Cyberattack on Case Management System
The U.S. Federal Judiciary has confirmed a cyberattack on its electronic case management systems, leading to increased cybersecurity measures to protect sensitive court documents. Enhanced protections are in response to rising sophisticated cyber threats affecting public and private sectors. The breach reportedly exposed confidential information across multiple federal districts.
-
Research Uncovers Privacy Concerns in Apple’s Siri Data Handling
New research reveals that Apple’s Siri may send sensitive user data to company servers beyond its stated privacy policies, raising concerns about the integrity of user privacy and end-to-end encryption.
-
Columbia University Data Breach Exposes Personal Information of Nearly 870,000
Columbia University has reported a significant data breach that has compromised the personal information of nearly 870,000 individuals, prompting an investigation and offering support services to those affected.
-
Malicious NPM Packages Pose Threat to WhatsApp Developers
Researchers at Socket have discovered two malicious NPM packages that impersonate WhatsApp development tools, deploying dangerous data-wiping code and threatening developers’ systems. Despite takedown efforts, the packages remain available for download.
-
Bouygues Telecom Faces Data Breach Affecting 6.4 Million Customers
Bouygues Telecom confirms a significant data breach affecting 6.4 million customers, exposing personal data but no credit card details. The company acts quickly to secure its network and notify customers.
-
CISA and Microsoft Alert on High-Severity Vulnerability in Exchange Servers
Federal agencies are alerted to a significant vulnerability in Microsoft Exchange servers. An emergency directive from CISA requires immediate actions to mitigate risks following insights revealed at the Black Hat conference, highlighting the potential for exploitation by attackers.
