Cloudflare now blocks all unencrypted traffic to its API endpoints
Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com.
Microsoft Trust Signing service abused to code-sign malware
Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day ...
Coinbase was primary target of recent GitHub Actions breaches
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack ...
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the ...
Fake Semrush ads used to steal SEO professionals’ Google accounts
A new phishing campaign is targeting SEO professionals with malicious Semrush Google Ads that aim to steal their Google ...
Microsoft: Exchange Online bug mistakenly quarantines user emails
Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users' emails.
US removes sanctions against Tornado Cash crypto mixer
The U.S. Department of Treasury announced today that it has removed sanctions against the Tornado Cash cryptocurrency mixer, which North Korean Lazarus hackers used to launder hundreds of millions ...
Steam pulls game demo infecting Windows with info-stealing malware
Phantom's Resolution' from the Steam store following multiple user reports that indicated its demo installer actually ...
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication ...
CISA tags NAKIVO backup flaw as actively exploited in attacks
CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in ...
VSCode extensions found downloading early-stage ransomware
Two malicious VSCode Marketplace extensions were found deploying in-development ransomware from a remote server, exposing ...
Critical Cisco Smart Licensing Utility flaws now exploited in attacks
Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a ...