Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Police sinkholes 45,000 IP addresses in cybercrime crackdown
An international law enforcement action codenamed “Operation Synergia III” has sinkholed tens of thousands of IP addresses and seized servers linked to cybercrime operations worldwide. During this Interpol-led operation, which took place between July 2025 and January 2026, authorities from 72 countries have seized 212 electronic devices and servers and made 94 arrests, with another […]
Fake enterprise VPN downloads used to steal company credentials
A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. The attackers manipulate search results (SEO poisoning) for common queries like “Pulse VPN download” or “Pulse Secure client” to redirect victims to spoofed VPN vendor sites that closely mimic VPN solutions from legitimate […]
Starbucks discloses data breach affecting hundreds of employees
Starbucks has disclosed a data breach affecting hundreds of employees after threat actors gained access to their Starbucks Partner Central accounts. As the world’s largest coffeehouse chain, Starbucks has over 380,000 employees (also known as partners) and operates nearly 41,000 locations across 88 countries. In data breach notification letters filed with Maine’s Attorney General and sent to […]
Google fixes two new Chrome zero-days exploited in attacks
Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks. “Google is aware that exploits for both CVE-2026-3909 & CVE-2026-3910 exist in the wild,” Google said in a security advisory published on Thursday. The first zero-day (CVE-2026-3909) stems from an out-of-bounds write weakness in Skia, an open-source 2D graphics library responsible for rendering […]
Canadian retail giant Loblaw notifies customers of data breach
Loblaw Companies Limited (Loblaw), the largest food and pharmacy retailer in Canada, announced that hackers breached a portion of its IT network and accessed basic customer information. The retailer has a nationwide network of 2,500 stores (franchise supermarkets, pharmacies, banking kiosks, and apparel shops) and plans to expand with 70 new ones this year as part of […]
England Hockey investigating ransomware data breach
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. The threat actor allegedly stole 129GB of data from the organization’s systems and announced that it will soon publish the files, unless a ransom […]
AI-generated Slopoly malware used in Interlock ransomware attack
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack. The breach started with a ClickFix ruse, and in later stages of the attack, the hackers deployed the Slopoly backdoor as […]
Veeam warns of critical flaws exposing backup servers to RCE attacks
Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities. VBR is enterprise data backup and recovery software that helps IT administrators to create copies of critical data for quick restoration following cyberattacks and hardware failures. Three RCE security flaws patched today (tracked as CVE-2026-21666, CVE-2026-21667, […]
US disrupts SocksEscort proxy network powered by Linux malware
Law enforcement agencies in the U.S. and Europe, along with private partners, have disrupted the SocksEscort cybercrime proxy network that relied solely on edge devices compromised via the AVRecon malware for Linux. According to Lumen’s Black Lotus Labs (BLL), which helped the U.S. Department of Justice take down Socksescort, the proxy network had a constant average of 20,000 […]
Google paid $17.1 million for vulnerability reports in 2025
Google paid over $17 million to 747 security researchers who reported security bugs through its Vulnerability Reward Program (VRP) in 2025. The company says it has awarded over $81.6 million in bug bounties since the first Vulnerability Reward Program went live in 2010, while the highest reward paid last year was of $250,000. “Our VRP once […]