Latest News: Cybersecurity

Marks & Spencer (M&S), one of the UK’s leading retailers, is grappling with the fallout of a major cyberattack that has disrupted its services for over a week. The incident has forced the company to pause online orders, created delays in Click & Collect services, and left visible gaps

A widespread phishing campaign has been targeting WooCommerce administrators globally since April 2025. The operation deceives site owners into installing fraudulent security patches that give attackers full control over their WordPress sites. Researchers at Patchstack uncovered this operation,

For the first time ever, automated bot traffic has overtaken human activity online — now making up 51% of all internet traffic, according to the 2025 Imperva Bad Bot Report. This historic shift marks a pivotal turning point for the digital landscape, as organizations worldwide grapple with the

Recently, cybercriminals exploited a vulnerability in Google’s OAuth system to send phishing emails that appeared legitimate by passing DKIM (DomainKeys Identified Mail) verification. The incident came to light when a fraudulent Google security alert was reported. The attack leveraged Google’s

More than 16,000 Fortinet devices globally have been found to be compromised with a persistent symlink backdoor. It’s a vulnerability that allows read-only access to sensitive configuration files even after patching. Initially reported to affect 14,000 devices, that number has since climbed to over

Security researchers have found that AI’s tendency to hallucinate package names when used to assist with writing code has led to a new software supply chain vulnerability, dubbed “slopsquatting.” The term, introduced by security expert Seth Larson, refers to a variation of typosquatting. While

Corporate email marketing accounts have been compromised and used in a phishing campaign known as "PoisonSeed," which is targeting cryptocurrency users and spreading fraudulent wallet seed phrases. The attacks were initiated in March 2025 and targeted Coinbase and Ledger users globally. Security

The United States Department of Justice has frozen $8.2 million in cryptocurrency tied to a romance baiting scam that defrauded dozens of Americans. In the scheme, scammers established a friendship or romance with the victim online. They then pushed them into making investments on counterfeit

A novel phishing campaign is targeting SEO experts by utilizing counterfeit Semrush Google Ads crafted with the aim of capturing Google login information. Cybercriminals are leveraging these advertisements in order to gain access to valuable Google Ads and analytics accounts. These could then be

Hackers are actively exploiting vulnerabilities in Fortinet firewalls to deploy ransomware, targeting organizations that have yet to patch their systems. The Mora_001 ransomware gang, which has ties to the notorious LockBit group, has been using two specific Fortinet flaws — CVE-2024-55591 and