May 30, 2026

Palo Alto PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Actively Exploited

Cybersecurity teams around the world are being urged to take immediate action following the discovery of a critical vulnerability in Palo Alto Networks’ PAN-OS software. The flaw, identified as CVE-2026-0257 and assigned a CVSS score of 7.8, is already being actively exploited in the wild. The vulnerability affects the GlobalProtect portal and gateway and allows attackers to establish unauthorized VPN […]
April 30, 2026

UK Launches New Cyber Resilience Push at CYBERUK Conference

The UK government used the CYBERUK 2026 conference in Glasgow to outline its vision for strengthening national cyber resilience over the coming decade. Held from 21 to 23 April at the Scottish Event Campus, the event brought together more than 3,000 cybersecurity professionals, government officials, academics, and industry leaders to discuss the evolving threat landscape and the future of cyber […]
February 28, 2026

Iranian Prayer App Turned Into a Cyber Weapon During Airstrikes

Millions of people across Iran experienced an unusual and alarming situation on the morning of February 28, 2026, as military strikes and a major cyber incident unfolded at the same time.The incident involved BadeSaba Calendar, one of Iran’s most widely used prayer and religious applications, with more than five million downloads. Instead of delivering its normal prayer reminders and religious […]
October 16, 2025

US Air Force warns of SharePoint data breach

The U.S. Air Force publicly acknowledged a significant data breach involving Microsoft SharePoint, which potentially exposed sensitive personal and health information of service members. According to an official notification circulated by the Air Force Personnel Center, the breach stemmed from misconfigured SharePoint permissions, resulting in the unauthorized access to Personally Identifiable Information (PII) and Protected Health Information (PHI). To mitigate […]
October 10, 2025

Western Sydney University warns of scam emails revoking degrees

Western Sydney University warned students and alumni about a sophisticated scam involving fraudulent emails falsely claiming that recipients’ academic degrees had been revoked and that they were permanently excluded from the university. These emails, which appeared very official and included students’ full names and ID numbers, caused significant alarm among recipients. WSU confirmed the emails were fake, not issued by […]
October 5, 2025

Allianz Life reveals almost 1.5m impacted by July data breach

Allianz Life Insurance Company of North America suffered a significant data breach impacting nearly 1.5 million individuals, including customers, financial professionals, and select employees. The breach occurred on July 16, 2025, when a malicious threat actor gained unauthorized access to a third-party, cloud based Customer Relationship Management (CRM) system used by Allianz Life via a social engineering attack, specifically a […]
February 22, 2025

Countermeasures Against DDoS Attacks NISC

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) took a significant step to bolster global cybersecurity defenses against Distributed Denial-of-Service (DDoS) attacks, particularly those targeting edge devices. Collaborating with international partners, NISC co-published a comprehensive document titled “Mitigation Strategies for Edge Devices,” originally authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).This joint advisory, […]
February 10, 2025

Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack

The government of Kazakhstan announced a comprehensive audit of its Ministry of Foreign Affairs in response to a significant cybersecurity breach believed to be orchestrated by Russia-linked threat actors. The cyberattack, which reportedly targeted internal communications and sensitive diplomatic data, raised immediate concerns regarding national security and the integrity of Kazakhstan’s foreign policy apparatus.According to official statements released by the […]
February 4, 2025

DeepSeek AI tools impersonated by infostealer malware on PyPI

Cybersecurity researchers identified that threat actors had uploaded multiple packages impersonating legitimate tools developed by DeepSeek, a prominent company known for its advanced artificial intelligence models. The malicious packages were crafted to closely resemble genuine DeepSeek AI utilities, leveraging nearly identical names and descriptions. Unsuspecting developers who installed these packages unknowingly activated a stealthy infostealer malware designed to harvest sensitive […]