Latest Cybersecurity News and Articles

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

Japanese retailer Muji has suspended its online sales and related services following a ransomware attack on its logistics partner, Askul. The cyberattack disrupted Muji’s ability to process orders and operate its app and website.

Ransomware Attacks Escalate in APAC Targeting VPN Flaws, Microsoft 365 Logins, Python Scripts

A significant rise in cyberattacks is impacting the Asia-Pacific (APAC) region, particularly in Australia and neighboring nations. Threat actors are exploiting vulnerabilities in SonicWall VPNs (CVE-2024-40766), targeting Microsoft 365 accounts.

Oxford Nanopore Technologies MinKNOW

Multiple vulnerabilities have been identified in Oxford Nanopore Technologies' MinKNOW software, a DNA and RNA sequencing platform. These flaws could allow attackers to gain unauthorized access, exfiltrate data, and disrupt sequencing operations.

Full Disclosure: [SYSS-2025-015]: Verbatim Keypad Secure (security update v1.0.0.6)

A critical vulnerability (SYSS-2025-015) has been identified in Verbatim Keypad Secure USB 3.2 Gen 1 drives (Part Numbers #49427 and #49428), even after applying the latest firmware update v1.0.0.6.

Full Disclosure: [SYSS-2025-016]: Verbatim Store 'n' Go Secure Portable SSD (security update v1.0.0.6)

A critical vulnerability persists in the Verbatim Store 'n' Go Secure Portable SSD even after applying the latest security update (v1.0.0.6). The flaw enables offline brute-force attacks, allowing unauthorized access to encrypted data.

Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities

Cursor and Windsurf IDEs, used by approximately 1.8 million developers, are vulnerable to over 94 known Chromium and V8 engine vulnerabilities due to reliance on outdated Electron framework versions.

Researchers uncover remote code execution flaw in abandoned Rust code library

A high-severity remote code execution vulnerability, CVE-2025-62518 (CVSS 8.1), has been discovered in the async-tar Rust library and its numerous forks, including tokio-tar, uv, testcontainers, wasmCloud, astral-tokio-tar, and krata-tokio-tar.

TP-Link warns of critical command injection flaw in Omada gateways

TP-Link has disclosed four command injection vulnerabilities affecting its Omada gateway devices, which are marketed as full-stack solutions (router, firewall, VPN gateway) for small to medium businesses.

Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities

Vidar Stealer 2.0 represents a significant evolution in infostealer malware, featuring a complete rewrite in C, multithreaded architecture, and advanced evasion and credential theft capabilities.

Lumma Stealer Developers Doxxed

Sensitive details of these core members have been leaked following the doxxing campaign. The attack is suspected to have been carried out by cybercrime competitors, according to a Trend Micro report.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags