A significant data exposure incident has compromised the personal information of over 7,000 individuals who applied for positions on Capitol Hill through the DomeWatch resume bank.

A new Android malware named HyperRat has emerged in the cybercrime ecosystem, being sold as a ready-made spyware tool under the Malware-as-a-Service (MaaS) model. HyperRat is distributed via a subscription-based model.

A new Android malware, Android.Backdoor.Baohuo.1.origin, is spreading via fake Telegram X apps, granting attackers full control over victims' Telegram accounts. Baohuo uses the Xposed framework to alter app behavior at runtime.

The Everest ransomware group claimed responsibility for breaching Dublin Airport and Air Arabia. The group alleges the theft of approximately 1.5 million passenger records from Dublin Airport and personal data of over 18,000 Air Arabia employees.

A newly discovered zero-click attack, dubbed Shadow Escape, exploits MCP used by AI assistants. This attack enables the silent exfiltration of sensitive data—including SSNs, financial records, and medical identifiers—without any user interaction.

The Medusa ransomware group has leaked a 186.36 GB compressed archive of data allegedly stolen from Comcast Corporation. The data was released after Comcast reportedly failed to meet a $1.2 million ransom demand.

A new report from cybersecurity research firm Sublime Security reveals yet another widespread credential phishing campaign where scammers try to get your login information, specifically by stealing victims’ Facebook login details.

A new malvertising campaign is taking advantage of the popularity of Perplexity’s recently released Comet browser, tricking users into downloading a malicious installer instead of the legitimate product.

A misconfigured server belonging to Indian email marketing and automation company NetcoreCloud exposed over 40 billion records totaling 13.4TB of data. The exposed database contained sensitive email communications.

A new variant of the Chaos ransomware family, dubbed Chaos-C++, has emerged targeting Microsoft Windows systems. This version is the first known Chaos variant not written in .NET, marking a significant shift in its development.