Cybersecurity researchers have uncovered and detailed two vulnerabilities in SAP’s Graphical User Interface (GUI) for Windows and Java, tracked as CVE-2025-0055 and CVE-2025-0056.

Aflac, the largest provider of supplemental insurance in the United States, has disclosed a cyberattack that affected its systems, according to a June 12, 2025, SEC filing.

Stolen cryptocurrency was sent to domain registrars as payment to create fake cryptocurrency investment domains and to Meta as payment for Facebook advertisements that promoted fraudulent cryptocurrency investment opportunities.

Unknown threat actors have compromised Microsoft Exchange Servers accessible from the internet, injecting keylogging code into the Outlook on the Web (OWA) login pages used by government agencies and private companies worldwide.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel vulnerability, CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

A threat actor using the alias “Often9” has surfaced on a known cybercrime forum, claiming to have acquired a trove of 428 million unique TikTok user records.

LexisNexis Risk Solutions has disclosed that a data breach at one of its third-party software development providers has compromised the personal information of more than 364,000 people.