Security researchers have identified a new StealIt malware campaign abusing the NodeJS SingleFile module to exfiltrate sensitive data from compromised environments. This JavaScript-based threat demonstrates how legitimate developer tools can be turned into effective espionage vectors within open-source ecosystems.
A new Cl0p ransomware breach has hit dozens of organizations across finance, energy, and logistics sectors. Analysts warn the campaign marks a resurgence of the group’s dark-web leak operations, signaling a return to large-scale, supply-chain-style extortion attacks.
The newly discovered ClayRat Android spyware represents one of 2025’s most sophisticated state-sponsored mobile espionage tools. Designed to collect device data, intercept communications, and monitor app activity, ClayRat’s discovery highlights how Android remains a prime target in global intelligence operations.
Google has disclosed a widespread Oracle-linked hacking campaign impacting dozens of organizations across sectors including energy, tech, and logistics. The operation, active since mid-2025, exploited software integrations between vendors and clients marking one of the year’s most significant supply chain cyberattacks.
The number of data-leak sites hit an all-time high in 2025, marking a major escalation in the ransomware ecosystem. Threat groups expanded their leak operations across the dark web, with some running multiple extortion portals at once. Analysts say this surge reflects a fundamental shift in how ransomware crews monetize stolen data.
A new cyberattack demonstrates how hacktivists target critical infrastructure with increasing precision. In this case, attackers believed they breached a real water treatment facility, yet the environment was a sophisticated decoy — a honeypot designed to study intrusions into industrial control systems (ICS).
Online betting platform DraftKings has confirmed a credential-stuffing breach exposing customer data. Attackers reused leaked passwords from past breaches to gain access to DraftKings accounts, compromising personal details, account balances, and transaction history. Users are advised to reset passwords and enable multi-factor authentication immediately.
A critical vulnerability in the Service Finder Bookings plugin bundled with the Service Finder WordPress theme allows unauthenticated attackers to log in as administrators. The flaw, tracked as CVE-2025-5947, is actively exploited in the wild with a CVSS 9.8 rating. Users must patch immediately to prevent takeovers.
Security researchers have exposed a large-scale espionage campaign where Chinese hackers weaponized open-source tools to infiltrate critical infrastructure systems worldwide. The operation showcases a shift toward covert, community-blended tactics where public codebases become vectors for nation-state exploitation.
Google has launched a new AI Vulnerability Reward Program (AI VRP) that pays up to $30,000 for critical flaws in its AI systems. Covering products such as Gemini, Search, and Workspace, the initiative bridges responsible AI research with traditional bug bounty frameworks, rewarding ethical hackers who strengthen AI security.