NHS Trusts’ Data ‘Stolen’ in Cyberattack

NHS trusts had information stolen in the latest cyberattack on the UK health service, experts have told Sky News, with concerns raised that patient data might be vulnerable in such incidents. University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust have been named as those exposed via a recently discovered […]

Continue reading


Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents

The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure from the threat actor’s previously documented use of an HTML Application (.HTA) loader dubbed HATVIBE, Recorded Future’s Insikt Group said in an analysis. “Given TAG-110’s […]

Continue reading


Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military Unit 26165. […]

Continue reading


Major tech vendors call for streamlining US foreign cyber aid

The U.S. for years has struggled to provide rapid cybersecurity support to international allies before, during and after cyberattacks. The Biden administration created a cyber aid program that includes a rapid-response fund, but upgrading the entire foreign-aid bureaucracy to match the speed of cyber incidents has been a challenge. The Trump administration’s pause in foreign assistance, which affected multiple […]

Continue reading


ChatGPT Vulnerability Lets Attackers Embed Malicious SVGs & Images in Shared Chats

A critical security vulnerability in ChatGPT has been discovered that allows attackers to embed malicious SVG (Scalable Vector Graphics) and image files directly into shared conversations, potentially exposing users to sophisticated phishing attacks and harmful content. The flaw, recently documented as CVE-2025-43714, affects the ChatGPT system through March 30, 2025. Security researchers identified that instead […]

Continue reading


‘China-based’ hack targets UK companies in ‘critical national security threat’, says analyst

A new wave of cyber attacks against British companies is a “critical national security threat”, an analyst has told Sky News. It follows the exposure of a previously unknown vulnerability in software used by hundreds of companies. But unlike the recent attacks against M&S, Co-op and Harrods, the latest incident was not ransomware but rather […]

Continue reading


Spain to vet power plants’ cybersecurity for ‘great blackout’ cause

The Spanish government is gathering information on the cybersecurity measures of the country’s small electricity generating companies to assess whether malicious actors exploited them to take down the country’s electricity grid, according to Financial Times. The Spanish government has yet to determine the specific causes of the blackout that left the country without power for […]

Continue reading


VMware Tools Vulnerability Let Attackers Tamper Files to Trigger Malicious Operations

A moderate-severity vulnerability in VMware Tools could allow attackers with limited privileges to manipulate files and trigger insecure operations within virtual machines. The vulnerability, tracked as CVE-2025-22247, affects both Windows and Linux versions of VMware Tools 11.x.x and 12.x.x, with macOS versions confirmed to be unaffected. Since there are currently no workarounds and exploitation might compromise the […]

Continue reading