The Everest ransomware group has claimed responsibility for a significant data breach involving McDonald's India. The group alleges to have exfiltrated 861 GB of sensitive data, including customer information and internal company documents.

A vulnerability in Google Gemini AI allows attackers to exploit calendar invites to extract private data. This attack uses Indirect Prompt Injection, embedding commands in meeting invites that instruct Gemini to leak information.

A critical vulnerability, CVE-2025-68493, has been identified in Apache Struts 2, affecting versions 2.0.0 through 6.1.0. This flaw, discovered by Zast AI, involves unsafe XML parsing in the XWork component, which can lead to system crashes.

The GhostPoster malware campaign has been active for five years, affecting over 840,000 users through browser extensions on Chrome, Firefox, and Edge. The malware uses hidden payloads within PNG images to evade detection.

A sophisticated phishing scam is leveraging PayPal's legitimate invoice system to deceive users by sending verified invoices with fake support numbers. This scam bypasses traditional email security filters, posing a significant threat to users.

A major data breach has impacted Gulshan Management Services, a Texas-based company operating over 150 gas stations under the Handi Plus and Handi Stop brands. The breach exposed sensitive personal information of more than 377,000 individuals

The Claude Chrome extension, developed by Anthropic, poses significant data exposure risks. This extension allows AI to browse and interact with websites on behalf of users, potentially bypassing traditional web security measures.

The FBI has successfully dismantled an online marketplace operated by Zahid Hasan from Bangladesh, which sold fake ID templates. This operation, known as TechTreek, involved the sale of digital templates for fraudulent identification documents.

Hackers have been using Nezha with scripts containing Simplified Chinese messages, and their command center is hosted on Alibaba Cloud services in Japan. This activity is part of a broader trend of digital warfare.

Frogblight is a newly identified Android malware targeting users in Turkiye. It spreads through smishing attacks, masquerading as legitimate court and aid applications. The malware uses the Turkish name 'Davalar?m' to appear legitimate.