AI is helping drive a sharp rise in phishing attacks, Cofense says
Cofense says phishing volume doubled in a year as AI helps attackers craft more convincing, personalized email lures.
Labyrinth Chollima evolves into three North Korean hacking groups
CrowdStrike says North Korea’s Labyrinth Chollima has split into three groups, signaling more specialized DPRK cyber operations.
Us data breaches hit record high but victim numbers decline
U.S. data breaches hit a record high in 2025, while victim totals fell, pointing to more frequent but smaller and more fragmented incidents.
Researchers say more than 454,000 malicious open source packages were found in 2025
Sonatype says it found 454,000+ malicious open source packages in 2025, signaling a sharp escalation in software supply-chain threats.
LastPass warns fake backup emails are trying to steal master passwords
LastPass says fake backup emails are phishing for master passwords and urges users not to trust urgent 24-hour account notices.
Over 160,000 companies have notified European regulators of GDPR breaches
DLA Piper says over 160,000 GDPR breach notifications were filed in Europe, with breached firms reporting incidents up 22%.
AI is supercharging cybercrime’s new ‘fifth wave,’ Group-IB warns
Group-IB says cybercrime has entered a fifth wave, with AI boosting phishing, deepfakes and impersonation fraud at scale.
Ransomware victim numbers rise despite fewer active extortion groups
ReliaQuest-linked reporting suggests ransomware victims rose in Q4 2025 despite fewer extortion groups, pointing to criminal market consolidation.
Android 17 tests a block on accessibility API abuse by non-assistive apps
Google is testing an Android 17 safeguard that limits accessibility API use under Advanced Protection Mode to curb malware abuse.
Apple patches WebKit flaw that could bypass same-origin protections on iPhone, iPad, and Mac
Apple fixed CVE-2026-20643, a WebKit bug that could let malicious web content bypass same-origin protections on iOS, iPadOS, and macOS.
SideWinder espionage campaign expands across Southeast Asia
SideWinder is widening espionage activity in Southeast Asia, using spear-phishing, old Office flaws, and rotating infrastructure to target strategic s
Navia discloses data breach impacting 2.7 million people
Navia says a data breach exposed sensitive information tied to nearly 2.7 million people, raising serious identity theft and vendor risk concerns.