18 Jul, 2026

WestJet data breach exposes travel details of 1.2 million customers

Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised the personal information of 1.2 million customers, including passports and ID documents. WestJet is a major airline in North America, operating a fleet of 153 aircraft and serving 104 destinations, which carry over 25 million travelers annually. On June 13, the company disclosed a […]

3 mins read

Google Drive for desktop gets AI-powered ransomware detection

Google has begun rolling out a new AI-powered security feature for Google Drive desktop, which will automatically pause file syncing when it detects a ransomware attack to minimize impact. While this will not block ransomware from encrypting files on the infected computer, users’ documents stored in Google Drive will be protected and can be easily […]

2 mins read

Allianz Life says July data breach impacts 1.5 million people

Allianz Life has completed the investigation into the cyberattack it suffered in July and determined that nearly 1.5 million individuals are impacted. The American insurance giant has notified all potentially affected individuals that their names, addresses, dates of birth, and social security numbers (SSN) has been compromised. Allianz Life is part of Allianz SE and provides annuities […]

2 mins read

New MatrixPDF toolkit turns PDFs into phishing and malware lures

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads. The new tool was spotted by Varonis researchers, who told GeekFeed that MatrixPDF was first spotted on a cybercrime forum. The seller also […]

3 mins read

WestJet confirms recent breach exposed customers’ passports

Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. WestJet is a major airline in North America that operates a fleet of 153 aircrafts and services 104 destinations, carrying over 25 million travelers annually. On June 13, the company disclosed a cybersecurity incident that disrupted certain internal […]

2 mins read

Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws

Roughly 50,000 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. The flaws, tracked as CVE-2025-20333 and CVE-2025-20362, enable arbitrary code execution and access to restricted URL endpoints associated with VPN access. Both security issues can be exploited remotely […]

2 mins read

Critical Western Digital My Cloud bug allows remote command injection

Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. Tracked as CVE-2025-30247, the flaw is an OS command injection in the user interface of My Cloud and can be leveraged through specially crafted HTTP POST requests sent to […]

2 mins read

Chinese hackers exploiting VMware zero-day since October 2024

Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. While the American technology giant didn’t tag this security bug (CVE-2025-41244) as exploited in the wild, it thanked NVISO threat researcher Maxime Thiebaut for reporting the bug in May. However, […]

2 mins read

CISA warns of critical Linux Sudo flaw exploited in attacks

Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, describing it as “an inclusion of functionality from untrusted control sphere.” CISA has given federal […]

2 mins read

Broadcom fixes high-severity VMware NSX bugs reported by NSA

Broadcom has released security updates to patch two high-severity VMware NSX vulnerabilities reported by the U.S. National Security Agency (NSA). VMware NSX is a networking virtualization solution within VMware Cloud Foundation that enables administrators to deploy traditional and modern applications in private/hybrid clouds. The first security flaw reported by the NSA, tracked as CVE-2025-41251, is due […]

2 mins read