Critical FreeType Vulnerability Exploited in Attacks: Urgent Update Required
Facebook disclosed a critical FreeType vulnerability (CVE-2025-27363), allowing arbitrary code execution. All versions up to 2.13 are affected; immediate updates
Facebook disclosed a critical FreeType vulnerability (CVE-2025-27363), allowing arbitrary code execution. All versions up to 2.13 are affected; immediate updates
The Lazarus Group, a North Korean hacking collective, deployed six malicious npm packages, infecting hundreds of developers. The packages steal
Kansas’ Sunflower Medical Group suffered a data breach impacting 220,968 individuals. The Rhysida ransomware group claimed responsibility for the incident
A devastating Infostealer malware campaign has compromised 26 million devices, stealing bank card details and passwords. Kaspersky’s report highlights the
New SuperBlack ransomware leverages Fortinet authentication bypass flaws (CVE-2024-55591 and CVE-2025-24472), showing strong ties to LockBit. Immediate patching is crucial.
A sophisticated ClickFix phishing campaign uses fake Booking.com emails to deliver infostealers and RATs, targeting hospitality businesses. Strong security measures
The Volt Typhoon advanced persistent threat (APT) group maintained access to a Massachusetts power utility’s OT network for almost a
FIIG Securities faces legal action from ASIC for inadequate cybersecurity, leading to a data breach exposing 18,000 clients’ sensitive information.
MassJacker malware uses clipboard hijacking to steal cryptocurrency from 778,000 wallets, highlighting sophisticated obfuscation and a potentially massive financial impact.
Multiple healthcare providers suffered significant cyberattacks and data breaches in 2025, exposing sensitive patient information, highlighting the urgent need for
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.