Ring is warning that a backend update bug is responsible for customers seeing a surge in unauthorized devices logged into their account on May 28th. [...]

ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual private network (VPN) tunnel, exposing the users' real IP addresses. [...]

The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. [...]

Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface. [...]

The UK National Cyber Security Centre (NCSC) has formally attributed 'Authentic Antics' espionage malware attacks to APT28 (Fancy Bear), threat actor already linked to Russia's military intelligence service (GRU). [...]

WineLab, the retail store of the largest alcohol company in Russia, has closed its stores following a cyberattack that is impacting its operations and causing purchase problems to its customers. [...]

Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. [...]

The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk. [...]

A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems. [...]

Cryptocurrency exchange BigONE announced that it suffered a security breach, in which hackers stole various digital assets valued at $27 million. [...]

A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. [...]

A 21-year old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in the country. [...]

To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. [...]

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. [...]

Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection. [...]

Abacus Market, the largest Western darknet marketplace supporting Bitcoin payments, has shut down its public infrastructure in a move suspected to be an exit scam. [...]

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. [...]

An international law enforcement action dismantled a Romanian ransomware gang known as 'Diskstation,' which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. [...]

A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection. [...]