Chess.com has disclosed a data breach after threat actors gained unauthorized access to a third-party file transfer application used by the platform. [...]

TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as CISA warns that other router flaws have been exploited in attacks. [...]

The French data protection authority has fined Google €325 million ($378 million) for violating cookie regulations and displaying ads between Gmail users' emails without their consent. [...]

The browser is now the frontline for cyberattacks. From phishing kits and ClickFix lures to malicious OAuth apps and extensions, attackers are targeting the very place your employees access business-critical apps. Push Security explains how to defend where breaches begin. [...]

Car tire giant Bridgestone confirms it is investigating a cyberattack that impacts the operation of some manufacturing facilities in North America. [...]

Microsoft says the August 2025 security updates are triggering unexpected User Account Control (UAC) prompts and app installation issues for non-admin users across all supported Windows versions. [...]

Threat actors are using Grok, X's built-in AI assistant, to bypass link posting restrictions that the platform introduced to reduce malicious advertising. [...]

The U.S. Department of State is offering a reward of up to $10 million for information on three Russian Federal Security Service (FSB) officers involved in cyberattacks targeting U.S. critical infrastructure organizations on behalf of the Russian government. [...]

Hackers are increasingly using a new AI-powered offensive security framework called HexStrike-AI in real attacks to exploit newly disclosed n-day flaws. [...]

The U.S. Department of Justice has sued toy maker Apitor Technology for allegedly allowing a Chinese third party to collect children's geolocation data without their knowledge and parental consent. [...]

The Alliance for Creativity and Entertainment (ACE) and Egyptian authorities have shut down Streameast, the world's largest illegal live sports streaming network, and arrested two people allegedly associated with the operation. [...]

Workiva, a leading cloud-based SaaS (Software as a Service) provider, notified its customers that attackers who gained access to a third-party customer relationship management (CRM) system stole some of their data. [...]

Google has released the September 2025 security update for Android devices, addressing a total of 84 vulnerabilities, including two actively exploited flaws. [...]

Disney will pay $10 million to settle claims by the U.S. Federal Trade Commission that it mislabeled videos for children on YouTube, which allowed the collection of kids' personal information without their consent or notification to their parents. [...]

Geolocation is the invisible attack vector. From Stuxnet to today's APTs, malware now lies dormant until it hits the right place—turning location data into a weapon. Acronis' TRU explains why defenses must evolve beyond VPNs and perimeter controls. [...]

Hackers tried to steal $130 million from Evertec's Brazilian subsidiary Sinqia S.A.after gaining unauthorized access to its environment on the central bank's real-time payment system (Pix). [...]

Cloudflare is the latest company impacted in a recent string of Salesloft Drift breaches, part of a supply-chain attack disclosed last week. [...]

Internet infrastructure company Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits per second (Tbps). [...]

Jaguar Land Rover (JLR) announced that a cyberattack forced the company to shut down certain systems as part of the mitigation effort. [...]

The Office of the Pennsylvania Attorney General announced that a ransomware attack is behind the ongoing two-week service outage. [...]

Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance. [...]

Cybersecurity company Zscaler warns it suffered a data breach after threat actors gained access to its Salesforce instance and stole customer information, including the contents of support cases. [...]

Researchers have disrupted an operation attributed to Russian state-sponsored threat group Midnight Blizzard, who sought access to Microsoft 365 accounts and data. [...]

Cybercriminals are abusing Meta's advertising platforms with fake offers of a free TradingView Premium app that spreads the Brokewell malware for Android. [...]

Threat actors have been using multiple websites promoted through Google ads to distribute a convincing PDF editing app that delivers an info-stealing malware called TamperedChef. [...]