Users of the Windows version of WhatsApp are being warned by Meta to update to the latest version to patch a flaw that attackers could exploit. The WhatsApp vulnerability involves use of a malicious attachment to execute arbitrary code.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
CISA warns about the fast flux DNS evasion technique used by ransomware gangs and state-sponsored threat actors to shield cybercrime infrastructure, threatening national security.
The INC Ransomware group has claimed responsibility for the State Bar of Texas data breach that leaked the sensitive information of thousands of members and some case documents.
The two data breaches are separate issues, but the common theme is criticism of Oracle's forthrightness about what exactly happened and what victims should expect going forward.
A massive data leak of 2.87 billion X/Twitter profiles, more than four times the site's current active monthly user estimate and likely including most going back to the creation of Twitter, may have been the work of a disgruntled former employee laid off during Musk's takeover of the company.
Chinese APT group Weaver Ant breached and maintained a foothold on a large Asian telco network for four years using compromised Zyxel CPE routers for cyber espionage.
A suspected Russian cyber attack on Ukraine’s state railway operator Ukrzaliznytsia impacted online systems, disrupting ticketing operations and causing long queues.
Over 300 malicious apps engaged in a massive ad fraud and credential and credit card theft campaign have been downloaded over 60 million times on Google Play Store.
A data breach affecting Pennsylvania’s largest workers and teachers’ union, the Pennsylvania State Education Association (PSEA), has exposed the personal...
The Oracle Cloud attack is on pace to be one of 2025's biggest data breaches, possibly on the scale of the MOVEit breach if enough clients turn out to be impacted. However, Oracle has yet to publicly acknowledge it.










