Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability. [...]

The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials. [...]

With the first Patch Tuesday following Windows 10's end of support approaching next week, users who continue to run the operating system should enroll in the Extended Security Updates (ESU) program to remain protected against newly discovered security vulnerabilities. [...]

The U.S. Congressional Budget Office (CBO) confirms it suffered a cybersecurity incident after a suspected foreign hacker breached its network, potentially exposing sensitive data. [...]

The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware. [...]

The University of Pennsylvania has confirmed that a hacker breached numerous internal systems related to the university's development and alumni activities and stole data in a cyberattack. [...]

The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. [...]

A hacker has taken responsibility for last week's University of Pennsylvania "We got hacked" email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and internal documents. [...]

The University of Pennsylvania suffered a cybersecurity incident on Friday, where students and alumni received a series of offensive emails from various University email addresses, claiming that data was stolen in a breach. [...]

Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials. [...]

​​Microsoft has released the KB5067036 preview cumulative update for Windows 11 24H2 and 25H2, which begins the rollout of the Administrator Protection cybersecurity feature and an updated Start Menu. [...]

The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools. [...]

Google was once again forced to announce that it had not suffered a data breach after numerous news outlets published sensational stories about a fake breach that purportedly exposed 183 million accounts. [...]

X is warning that users must re-enroll their security keys or passkeys for two-factor authentication (2FA) before November 10 or they will be locked out of their accounts until they do so. [...]

CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. [...]

Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware. [...]

Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site. [...]

Microsoft announced today a new Windows 11 Copilot feature called Copilot Actions that enables AI agents to perform real tasks on local files and applications. [...]

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. Get patching! [...]

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]

In today's hyper-connected world, cyber threats are more sophisticated and frequent than ever - ransomware, data breaches, and social engineering scams, targeting everyone from individuals to Fortune 500 companies. Right now, you can grab "Cybersecurity For Dummies, 3rd Edition" - a $29.99 value - completely FREE for a limited time. [...]

Discord says they will not be negotiating with threat actors who claim to have stolen the data of 5.5 million unique users from the company's Zendesk support system instance, including government IDs and partial payment information for some people. [...]

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim's system and bypassing security software. [...]

Salesforce has confirmed that it will not negotiate with or pay a ransom to the threat actors behind a massive wave of data theft attacks that impacted the company's customers this year. [...]

Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports (CERs) leaked on their data leak site. [...]