The MedusaLocker ransomware group, active since 2019 and operating under a Ransomware-as-a-Service (RaaS) model, has announced a recruitment drive for penetration testers via its Tor-based data leak site.

Researchers have uncovered critical vulnerabilities in smart bus systems that could allow attackers to remotely track, control, or spy on vehicles. These flaws arise from the insecure integration of passenger Wi-Fi and critical vehicle systems.

According to a new report, the Embargo ransomware group has amassed approximately $34.2 million in cryptocurrency since its emergence in April 2024. The group primarily targets the healthcare, business services, and manufacturing sectors.

Eclypsium researchers have uncovered critical vulnerabilities in select Lenovo webcams, collectively dubbed BadCam, that allow attackers to remotely reprogram the devices into BadUSB attack platforms.

Air France and KLM have disclosed a data breach resulting from unauthorized access to a third-party customer service platform. The breach exposed limited customer data but did not compromise sensitive information such as passwords or payment details.

Northwest Radiologists has confirmed a data breach that exposed the personal and medical information of 348,118 residents of Washington State. The breach involved unauthorized access to internal systems over a five-day period.

has been listed as a victim by the cybercrime group D4rk4rmy on its Tor-based dark web leak site. D4rk4rmy has listed SBM twice on its dark web leak site. The attackers allege the theft of sensitive client data and internal corporate records.

A newly discovered Linux backdoor named Plague has been identified by researchers. Disguised as a malicious Pluggable Authentication Module (PAM), Plague enables attackers to bypass authentication mechanisms and maintain persistent SSH access.

Akira ransomware is exploiting a likely zero-day vulnerability in SonicWall SSL VPNs, targeting even fully patched devices with multi-factor authentication (MFA) and rotated credentials. Multiple intrusions were observed in late July 2025.

A critical zero-day vulnerability (CVE-2025-5394, CVSS 9.8) in the Alone – Charity Multipurpose Non-profit WordPress Theme is being actively exploited by threat actors. The theme has over 9,000 installations.