A massive data breach has exposed the personal and financial information of over 3.6 million users of an app-building platform, Passion[.]io. The exposed database contained 12.2 terabytes of unencrypted and publicly accessible data.

The 2025 ViperSoftX variant features a sophisticated execution flow and robust persistence mechanisms, targeting a broad range of cryptocurrency wallets, browser extensions, and password managers.

A previously known data breach involving AT&T has resurfaced in a repackaged form, with threat actors re-releasing the stolen data from 2021. The updated dataset now includes decrypted Social Security Numbers and dates of birth.

A new phishing campaign is targeting remote workers by impersonating Zoom update notifications. The campaign exploits users' urgency to stay updated with the latest software versions, a common requirement for remote collaboration tools.

Dell Technologies has released a critical security advisory (DSA-2025-208) addressing multiple flaws in its PowerScale OneFS. The most severe, CVE-2024-53298, allows unauthenticated remote attackers to access and manipulate the file system.

Since April 2025, the campaign has been opportunistically targeting entities in Albania, Austria, Bulgaria, Germany, Greece, Hungary, Ireland, Israel, Italy, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and the United Kingdom.

Researchers observed the deployment of PathWiper via a legitimate endpoint administration framework. The attackers likely had access to the admin console, which was used to push both the VBScript and the PathWiper executable to the endpoints.

Cisco has released patches for three vulnerabilities in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP), all of which have public proof-of-concept exploit code.

Ukraine’s military intelligence agency (HUR) has claimed responsibility for a cyberattack on Russia’s state-owned aircraft manufacturer Tupolev. The operation reportedly resulted in the exfiltration of over 4.4 GB of sensitive data.

A financially motivated threat group, Hive0131, has launched a targeted phishing campaign in Colombia, impersonating the Judiciary of Colombia to distribute the DCRat banking trojan.