Latest stories — Page 5

Fake Interpol Arrest Notices Are Delivering Ransomware to Small Businesses
Criminals are impersonating the international police agency to frighten small business owners into downloading malware. The tactic is simple. It's working.

Australians Are Safer Online Than Last Year — Unless They Run a Small Business
A new government survey found cybercrime fell across Australia in 2025, but small business owners are facing more legal and staffing fallout than ever before.

Apple Shifts Security Update Strategy Amid AI-Driven Cyber Threats
Apple now releases security patches more frequently to tackle the growing threats posed by AI-enhanced cyberattacks.

Chinese Spy Group Lures Energy Workers With Fake Australian News Site — Then Steals Everything They Type
A state-linked hacking group spent two months tricking employees at offshore energy companies into visiting a bogus news website that silently recorded their every keystroke.

CISA's New Playbook Nudges Agencies Toward Zero Trust — and Everyone Else Can Read Along
The agency's updated TIC 3.0 guidance folds Secure Access Service Edge into federal network modernisation, and the advice travels well beyond government.

Google Patches Fifth Chrome Zero-Day of 2022 as Hackers Actively Exploit the Flaw
A flaw in how Chrome handles a mobile-linking feature is being weaponised in real attacks. It's the fifth time this year Google has had to rush out an emergency fix for its browser.

US warns Russian spies are still hunting your WhatsApp and Signal accounts
CISA and the FBI say Russian intelligence officers are running fresh phishing campaigns to hijack accounts on messaging apps used by journalists, officials and activists.

CISA Flags Actively Exploited SimpleHelp Flaw, Orders Federal Agencies to Patch Fast
A newly listed authentication bypass in SimpleHelp remote-support software is being used in real attacks, and federal agencies now face a hard deadline to fix it.

Schneider Electric patches three flaws in PowerLogic P7 grid protection gear
The most serious bug lets an unauthenticated attacker knock the device's control screen offline. A firmware update is out.

Satellite reaction wheel flaw lets attackers with physical access swap in malicious firmware
CISA flags a signature-verification gap in CubeSpace's CW0057, tracked as CVE-2026-13743. The vendor rates practical risk as low.

FortiBleed: 11,000 Fortinet Firewalls Still Compromised, Now Tied to INC and Lynx Ransomware
Researchers say the same crew that hoarded credentials from hundreds of thousands of Fortinet firewalls has been sitting inside the negotiation panels of two major ransomware gangs.

TA558 Is Back, Targeting Hotels and Airlines With Fake Booking Emails
A criminal group that has quietly stolen travel-industry data since 2018 has dramatically ramped up its fake-reservation campaigns, now using compressed file tricks to sneak spying software onto victims' computers.

Medtronic tells customers their personal data was stolen in ShinyHunters raid
The medical device giant confirms hackers rifled through its corporate systems for nearly a week in April, exposing names, Social Security numbers and health details.

Apple Pushes Emergency Fixes for Two Flaws Already Being Used to Attack iPhones and Macs
Two previously unknown security holes — one in the heart of Apple's operating system, one in its browser engine — are being actively exploited. Every iPhone, iPad, and Mac owner should update today.

Alleged Scattered Spider member, 19, extradited to the US after airport arrest
Peter Stokes, a dual US-Estonian citizen picked up in Helsinki in April, is accused of helping the notorious hacking crew squeeze millions from big-name companies.

CISA Orders Federal Agencies to Patch Palo Alto Firewall Flaw Being Exploited Now
A misconfigured URL filtering setting in Palo Alto Networks firewall software is letting attackers weaponise the firewalls themselves — turning them into unwitting cannons pointed at other targets.

Opera's new Paste Protect tries to stop the copy-paste scam that's been draining wallets
The browser will now block dodgy commands before they reach your clipboard, targeting the ClickFix trick that has become criminals' favourite way to trick people into infecting their own computers.

Twitter's Former Security Chief Filed an 84-Page Federal Complaint Accusing the Company of Hiding Security Failures From Regulators
Peiter Zatko says Twitter misled a federal watchdog, left half its servers unprotected, and may have foreign spies on staff. Twitter calls him a disgruntled ex-employee. Congress says it wants answers.

80,000 Hikvision Security Cameras Left Wide Open — and Criminals Are Selling the Keys
A critical flaw in one of the world's most popular surveillance cameras has sat unpatched for nearly a year on tens of thousands of devices. Now hackers are trading access on underground forums.

CISA orders federal agencies to patch SharePoint flaw by Saturday as attacks begin
A newly exploited Microsoft SharePoint bug lands in CISA's Known Exploited Vulnerabilities Catalog, triggering a three-day patching clock under Binding Operational Directive 26-04.

Cisco admits hackers are breaking into its phone system software — here's what that means
A flaw in Cisco Unified Communications Manager, the software that runs office phone systems, is now being actively abused after a patch and public exploit code lit the fuse.