Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Microsoft Tests Shared Bluetooth Audio for Windows 11, Restricted to ‘AI PCs’
Microsoft is currently testing a new “shared Bluetooth audio” feature within Windows 11, designed exclusively for a new category of devices designated as “AI PCs.” This development, observed in Windows 11 Insider Preview Build 26058, introduces capabilities for simultaneous audio streaming to multiple nearby devices. The integration of this feature with emerging hardware classifications warrants…
-
Brash Exploit Uncovers Critical Chromium Blink Vulnerability
A newly discovered exploit, dubbed ‘Brash,’ has revealed a critical architectural vulnerability within the Chromium Blink rendering engine, capable of causing a system-level denial of service across a wide range of Chromium-based browsers globally. This flaw, not a traditional memory corruption bug, exploits a fundamental design oversight in how web browsers manage tab titles.
-
Australian Clinical Labs Fined A$5.8 Million for Medlab Pathology Data Breach
Australian Clinical Labs (ACL) has been ordered to pay a A$5.8 million civil penalty for a data breach at its subsidiary, Medlab Pathology, marking a first under Australia’s Privacy Act.
-
CISA Confirms Linux Kernel Flaw Exploited in Ransomware Attacks
CISA confirms active exploitation of CVE-2024-1086, a Linux kernel privilege escalation flaw, in ransomware attacks, urging federal agencies to patch immediately.
-
Google Explores Deeper Personal Data Integration for AI Search Mode
Google is reportedly developing capabilities for its AI Mode in Search to access personal user data from services such as Gmail and Google Drive, offering an opt-in for enhanced personalization.
-
Chinese State-Linked Group Exploits Windows Zero-Day Against European Diplomats
A China-linked threat actor, identified as UNC6384 (also known as Mustang Panda), is actively exploiting a Windows zero-day vulnerability, CVE-2025-9491, in targeted attacks against European diplomatic entities. The campaign aims to conduct cyber espionage, monitoring communications and exfiltrating sensitive data from compromised systems. This activity highlights the ongoing risk posed by unpatched vulnerabilities in critical…
-
Ukrainian National Extradited to U.S. on Conti Ransomware Charges
Ukrainian national Oleksii Oleksiyovych Lytvynenko has been extradited to the U.S. to face charges related to his alleged involvement with the Conti ransomware operation. This action highlights ongoing international efforts against cybercriminals, with Lytvynenko facing potential penalties for wire fraud and computer fraud conspiracy. The Conti group, active from 2020 to 2022, is linked to…
-
CISA Directs Federal Agencies to Patch Actively Exploited VMware Vulnerability by Chinese Threat Actor UNC5174
CISA directs federal agencies to patch a high-severity VMware vulnerability, CVE-2025-41244, actively exploited by the Chinese state-sponsored threat actor UNC5174 since October 2024. All organizations are urged to prioritize patching due to its frequent use as an attack vector.
-
Critical Authentication Bypass Vulnerability Patched in Claroty SRA Products
A critical authentication bypass vulnerability (CVE-2025-54603) in Claroty Secure Remote Access (SRA) products has been patched, preventing unauthorized access and control in OT environments.
-
Android’s AI-Powered Defenses Block Billions of Monthly Mobile Scams
Google’s AI-powered defenses are successfully blocking billions of malicious calls and messages monthly, combating prevalent scams like employment fraud and financial deception, and adapting to new tactics like group chat scams.