The FCC is voting to rescind cybersecurity requirements imposed after the China-linked Salt Typhoon hack that impacted AT&T, Verizon, T-Mobile and Lumen Technologies. Republican Chair Brendan Carr calls it a course correction, while Democratic Commissioner Anna Gomez warns Americans will be “less se
Cloudflare initially thought it was facing a massive DDoS attack, but the real culprit was an internal database permission change that caused a bot management feature file to double in size. The corrupted file propagated across their network, causing widespread 5xx errors and taking down countless w
Security researchers found seven new ways to extract private data from ChatGPT. Microsoft is rolling out autonomous AI agents with full M365 access. The EU may loosen GDPR rules for cookies and AI training.
CISA has added a new FortiWeb vulnerability to its known exploited catalog, giving federal agencies just one week to patch. The code injection flaw affects multiple FortiWeb 8.0 versions and has already been weaponized by attackers. While rated medium severity, the active exploitation makes this urg
Ransomware activity surged in the third quarter of 2025, with compromised VPN credentials becoming the primary attack vector. Just three groups—Akira, Qilin, and INC Ransomware—accounted for 65% of all cases, highlighting how concentrated this threat has become.
Google has released an emergency Chrome update to fix two serious vulnerabilities, including one zero-day that’s already being exploited in the wild. The flaws involve type confusion in Chrome’s V8 JavaScript engine that could allow remote attacks. Users need to manually check for updates to ensure
The US is tired of being everyone’s favorite hacking target. National Cyber Director Sean Cairncross says a new offensive strategy is coming, but won’t say when. Industry leaders argue the current approach has failed.
Dutch police have seized 250 servers from data centers in The Hague and Zoetermeer as part of an investigation into a rogue hosting provider. The servers were allegedly used for criminal activities including ransomware and botnets. This marks the latest in a series of data center raids targeting cyb
Windscribe has finished deploying its next-generation FreshScribe server architecture across all global servers after more than a year of phased testing. The upgrade fundamentally changes how WireGuard protocol runs, moving from user-space to kernel-space implementation. Users should see immediate s
WhatsApp exposed nearly every user’s phone number through a basic security flaw that researchers warned Meta about back in 2017. The vulnerability allowed anyone to scrape phone numbers and profile data from the entire platform. It took eight years and a massive research demonstration before Meta fi
