bleepingcomputer

Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities

Cursor and Windsurf IDEs, used by approximately 1.8 million developers, are vulnerable to over 94 known Chromium and V8 engine vulnerabilities due to reliance on outdated Electron framework versions.

TP-Link warns of critical command injection flaw in Omada gateways

TP-Link has disclosed four command injection vulnerabilities affecting its Omada gateway devices, which are marketed as full-stack solutions (router, firewall, VPN gateway) for small to medium businesses.

Auction giant Sotheby’s says data breach exposed financial information

A data breach has impacted Sotheby’s, a globally recognized auction house and asset-backed lending services provider. The breach has resulted in the exposure of sensitive customer information, including financial and personally identifiable data.

Fake LastPass, Bitwarden breach alerts lead to PC hijacks

The campaign was strategically launched over the Columbus Day holiday weekend to exploit reduced staffing and delay detection. The phishing emails impersonate official communications from LastPass and Bitwarden.

Chinese hackers abuse geo-mapping tool for year-long persistence

Chinese APT group Flax Typhoon exploited ArcGIS Server's Server Object Extension (SOE) to maintain undetected access in a target network for over a year. The attackers used valid admin credentials to deploy a malicious Java SOE.

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor known as TigerJack is actively distributing malicious VSCode extensions to steal crypto, exfiltrate source code, and execute arbitrary code. Researchers have identified at least 11 malicious VSCode extensions distributed by TigerJack.

North Korean hackers stole over $2 billion in crypto this year

North Korean threat actors have stolen over $2 billion in cryptocurrency assets in 2025, marking the largest annual total on record. The largest confirmed theft was the Bybit hack in February 2025, resulting in the loss of $1.46 billion.

RondoDox botnet targets 56 n-day flaws in worldwide attacks

RondoDox is a large-scale botnet active since June 2025, targeting 56 n-day vulnerabilities across over 30 device types, including routers, DVRs, and web servers. Since its discovery, the botnet has expanded its arsenal of exploits.

Hackers exploit auth bypass in Service Finder WordPress theme

A critical authentication bypass vulnerability (CVE-2025-5947) in the Service Finder WordPress theme is being actively exploited by threat actors. Over 13,800 exploitation attempts have been recorded since August 1.

DraftKings warns of account breaches in credential stuffing attacks

DraftKings, a leading online sports betting and fantasy sports platform, has disclosed a security incident involving a credential stuffing attack that compromised an undisclosed number of user accounts.
