Computer hacker holding a large metal lock and key
Posted inCybersecurity News

Over 600 Laravel apps found to be vulnerable to remote code execution (RCE) attacks after APP_KEYs leaked on GitHub.

Cybersecurity researchers from GitGuardian and Synacktiv uncovered a major security issue affecting Laravel applications. It seems that overΒ 600 Laravel appsΒ were found to be vulnerable toΒ remote code execution (RCE)Β attacks after their secretΒ APP_KEYΒ were leaked publicly, primarily on GitHubοΏΌοΏΌ.
14 arrested for defrauding the UK government of 47 million in a sophisticated phishing attack.
Posted inCybersecurity News

14 arrested for defrauding the UK government of 47 million in a sophisticated phishing attack.

A coordinated international law enforcement operation has led to the arrest of 14 individuals suspected of orchestrating a sophisticated phishing attack that defrauded the UK government of an estimated Β£47 million. The large-scale scam, which targeted His Majesty’s Revenue and Customs (HMRC), compromised over 100,000 taxpayer accounts and stands as one of the most significant tax-related cybercrimes in recent UK history.
Computer hacker holding a video game controller
Posted inCybersecurity News

DOJ seizes several high-profile online marketplaces for distributing pirated video games.

The Department of Justice (DOJ) and the FBI’s Atlanta Field Office have announced the successful seizure and dismantling of several high-profile online marketplaces responsible for distributing pirated video games. This coordinated operation marks a significant victory in the ongoing fight against digital piracy and intellectual property theft.
Popular WordPress plugin Gravity Forms compromised in supply-chain attack.
Posted inCybersecurity News

Popular WordPress plugin Gravity Forms compromised in supply-chain attack.

The popular WordPress pluginΒ Gravity FormsΒ has been compromised in aΒ supply-chain attack. For a brief window in July 2025, attackers managed to infect the manual installer packages available for download from the official Gravity Forms website with aΒ backdoor. This incident didΒ notΒ affect automatic updates or installations performed through the built-in plugin updater, only manual downloads and composer installationsοΏΌοΏΌ.
Computer hacker holding a large metal lock and key
Posted inEncryption

What are passkeys and how do they work? The future of secure, passwordless authentication.

In the evolving landscape of digital security, passkeys have become a transformative technology, ready to replace traditional passwords with a safer, more user-friendly alternative. Built on robust cryptographic principles and modern authentication standards, passkeys offer a seamless and highly secure way for users to access online services. They are the future of authentication.
Computer hacker holding a large metal lock and key
Posted inCybersecurity News

Force Push Scanner technique uncovers thousands of sensitive credentials and tokens in GitHub repositories.

White-hat researchers have recently exploited the Force Push Scanner techniqueΒ to uncover thousands of active secrets in GitHub repositories. Security researcher Sharon Brizinov used the tool to scan "deleted" (dangling) commits and discovered a trove of sensitive credentials, including admin access tokens for major projects like Istio.
Alarm sounded over a critical vulnerability in Wing FTP Server (CVE-2025-47812) that is currently being exploited in the wild.
Posted inCybersecurity News

Alarm sounded over a critical vulnerability in Wing FTP Server (CVE-2025-47812) that is currently being exploited in the wild.

Security researchers and threat intelligence teams are sounding the alarm over a critical vulnerability in Wing FTP Server, tracked asΒ CVE-2025-47812, which is currently being exploited in the wild. The flaw, which affects all versions up to and including 7.4.3, enables remote attackers to execute arbitrary code on vulnerable servers, potentially leading to full system compromise.
Computer hacker with Android robot on desk
Posted inCybersecurity News

Google dusts off its hands. Its job is done. For the first time in nearly a decade, there will be no monthly security update for Android.

In a notable departure from nearly a decade of routine, July 2025 marks the first month since August 2015 that Google has not released any security updates for Android devices.Β This pause in the monthly update cycle is unprecedented and has drawn attention from both industry experts and the broader Android community.
Russian flag with x marked through it
Posted inAI/Machine Learning

How Russian bots target critics to trigger AI-driven social media account suspensions.

Social media platforms have become battlegrounds for influence, information warfare, and censorship. Among the most sophisticated actors exploiting these platforms are Russian-linked bot networks, which use targeted campaigns and automated reporting tools to silence critics, manipulate narratives, and trigger account suspensions. I know, my Instagram account is a frequent target of theirs.