More than a third (36%) of people have had at least one online account compromised due to weak or stolen passwords in the past year, according to new research by the FIDO Alliance.

Cybercriminals are deploying highly sophisticated subscription scams, including deceptive “mystery box” offers, to harvest credit card data and commit financial fraud. These scams are spreading across social media platforms, particularly Facebook.

Gremlin Stealer is a newly identified C#-based infostealer malware actively promoted on Telegram since March 2025. It targets Windows systems and is capable of harvesting a broad range of sensitive data.

A targeted spear phishing campaign has been uncovered against senior members of the World Uyghur Congress (WUC), aiming to deploy surveillance malware. The malware was delivered through a trojanized version of UyghurEditPP.

Marks & Spencer has paused taking online orders as the British retailer continues to tackle an ongoing cyber incident. It is unclear when these services will be restored.

A new variant of the Mimic ransomware, named ELENOR-corp (v7.5), has been identified in targeted attacks against the healthcare sector. It has been deployed in a series of attacks on healthcare organizations, leveraging aggressive techniques.

Security researchers from ExtensionTotal have discovered a Chrome extension capable of interacting with local Model Context Protocol (MCP) servers without user permission or detection by Chrome’s security mechanisms.

The findings are revealed in a new report from the UN Office on Drugs and Crime (UNODC), Inflection Point: Global Implications of Scam Centres, Underground Banking and Illicit Online Marketplaces in Southeast Asia.

Compromised network edge devices accounted for initial compromise in 30% of incidents impacting small and medium-sized businesses (SMBs) in 2024. VPN exploitation alone was the most frequent compromise point across all cases, at 19%.

A self-contained AI system engineered for offensive cyber operations, Xanthorox AI, has surfaced on darknet forums and encrypted channels. Its core is Xanthorox Coder, capable of scripting, exploiting vulnerabilities and developing malware.