Kaspersky has identified a malware campaign involving the Efimer Trojan, a threat first detected in October 2024 and still active into 2025. This Trojan is designed to steal cryptocurrency, compromise WordPress sites, and spread through torrents and targeted phishing emails.

Visa has announced the launch of its new Cybersecurity Advisory Practice, aimed at helping clients better understand the evolving threat landscape and take proactive steps to protect their businesses.

A new study by Heimdal and FutureSafe reveals that the security tools designed to protect managed service providers (MSPs) are increasingly working against them.

Northwest Radiologists has confirmed a significant data breach that compromised the personal information of approximately 348,000 Washington State residents.

Cybersecurity researchers have uncovered a coordinated campaign in which threat actors are impersonating trusted enterprises using fraudulent Microsoft OAuth applications to hijack user accounts.

In March 2024, INC Ransomware launched a significant attack on NHS Scotland, stealing 3 terabytes of sensitive data and threatening to publish it unless a ransom—reportedly in excess of $5 million—was paid. Known for its double-extortion tactics, INC not only encrypts victims’ data but also exfiltrates it to pressure payment.

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770/53771 and dubbed ToolShell, has led to the compromise of 396 systems globally. The Dutch cybersecurity firm Eye Security uncovered the widespread exploitation after analyzing over 27,000 SharePoint servers between July 18 and 23.