Open Source Alerts

ShadowV2 Casts a Shadow Over IoT Devices

A new Mirai-variant botnet named ShadowV2 has been identified targeting Internet of Things (IoT) devices globally. It is designed to exploit known vulnerabilities across multiple embedded platforms.

For the first time, a RomCom payload has been observed being distributed via SocGholish.

RomCom malware, linked to Russian military intelligence unit GRU Unit 29155, has been observed using the SocGholish fake browser update framework to deliver a Mythic C2 agent, targeting a U.S. civil engineering firm with ties to Ukraine.

Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks

A newly discovered architectural flaw in Microsoft Teams B2B Guest Access exposes users to malware, phishing, and data exfiltration attacks. Attackers are exploiting a systemic gap that bypasses Microsoft Defender for Office 365 protections.

Multiple London councils report disruption amid ongoing cyberattack

Three London borough councils—Kensington and Chelsea, Westminster, and Hammersmith & Fulham—have been targeted in a coordinated cyberattack, leading to widespread disruption of core public services and operational systems.

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist

A highly coordinated supply chain attack exploiting a South Korean Managed Service Provider (MSP) has led to the deployment of the Qilin ransomware, culminating in a significant data heist campaign dubbed "Korean Leaks".

OpenAI Confirms Mixpanel Breach Impacting API User Data

A data breach at Mixpanel—a third-party analytics vendor used by OpenAI—has led to the exposure of limited identifiable information belonging to some OpenAI API users. The breach was exclusively attributed to Mixpanel.

London Councils Hit By Serious Cyber “Incidents”

Authorities in London—including the Royal Borough of Kensington and Chelsea (RBKC) and Westminster City Council (WCC)—are responding to a serious cybersecurity incident first identified on Monday morning.

OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide

A widespread cyberattack targeting Crisis24's legacy CodeRED platform has significantly disrupted emergency communication systems used by local governments, police, and fire agencies across the United States.

$262 million stolen in account takeover fraud schemes this year, FBI says ahead of holiday season

Cybercriminals have ramped up account takeover (ATO) fraud, causing over $262 million in losses since January. The frequency and sophistication of these attacks are rapidly intensifying with the onset of the holiday shopping season.

Lifetime access to WormGPT 4 costs just $220

Emerging malicious LLMs such as WormGPT 4 and KawaiiGPT are being sold and distributed through underground platforms like Telegram and Darknet forums. These AI-based tools are capable of generating highly functional malware scripts.
