Apple Safari Address Bar Can Be Visually Spoofed by Oversized Cursor
A newly disclosed trick involving Safari's handling of custom cursors on macOS has reignited concerns over address bar spoofing.| CyberInsider
Cloudflare has confirmed it was impacted by the recent Salesloft Drift supply chain attack, which enabled a threat actor to exfiltrate customer support case data from its Salesforce instance. While core infrastructure and services remain unaffected, the breach potentially exposed sensitive customer information, including API tokens and credentials shared during support interactions. Cloudflare is a … The post Cloudflare Confirms Customer Data Exposure in Salesloft Drift Breach appeared firs...| CyberInsider
The Federal Trade Commission (FTC) has announced a $10 million settlement with Disney following allegations that the media giant violated the Children’s Online Privacy Protection Act (COPPA) by misclassifying videos on YouTube, leading to the unlawful collection of children’s personal data. The complaint, filed by the Department of Justice (DOJ) on behalf of the FTC … The post Disney Fined $10 Million for Collecting Children’s Data on YouTube appeared first on CyberInsider.| CyberInsider
Google’s September 2025 Android Security Bulletin addresses over 80 vulnerabilities, including two actively exploited zero-day flaws and three critical issues, with the most severe allowing remote code execution (RCE) on unpatched devices without requiring user interaction. The Android security team published the bulletin on September 2, 2025, following its standard disclosure practice of notifying partners … The post Android Update Fixes Two Zero-Day Flaws Under Active Exploitation appea...| CyberInsider
Jaguar Land Rover (JLR) has suffered a cyberattack that forced the company to shut down core IT systems, halting production and disrupting global sales and vehicle registrations. The incident began over the weekend and has now entered its second day, with the automaker still unable to confirm when operations will be fully restored. The breach … The post Jaguar Land Rover Car Production and Sales Crippled by Cyberattack appeared first on CyberInsider.| CyberInsider
On August 29, 2025, Brazilian fintech Sinqia S.A., a subsidiary of Evertec Inc., suffered a major security breach involving Brazil’s real-time payment system, Pix. According to Evertec’s 8-K filing with the US Securities and Exchange Commission, attackers processed approximately R$710 million (~$140 million USD) in unauthorized transactions affecting two financial institutions using Sinqia’s Pix transaction … The post Hackers Attempted Theft of $140 Million from HSBC Bank in Brazil ap...| CyberInsider
Despite mounting sanctions, legal pressure, and international outrage, commercial spyware vendors are thriving, using stealth infrastructure, corporate rebranding, and legal grey zones to continue arming governments with tools for covert surveillance. A new report by Sekoia.io reveals that the global spyware market has not only survived years of scandals and investigations, but continues to grow … The post Global Spyware Industry Thriving Despite Sanctions and Exposure appeared first on Cyb...| CyberInsider
The Pennsylvania Office of Attorney General (OAG) has confirmed it was the target of a ransomware attack earlier this month, disclosing that unknown threat actors encrypted files in an effort to extort the state agency. No ransom was paid, and the OAG reports that it is making significant progress in restoring full operations. The disclosure … The post Pennsylvania AG’s Office Hit by Ransomware, Refused to Pay Hackers appeared first on CyberInsider.| CyberInsider
Recent claims that Google issued a sweeping security warning to billions of Gmail users have been firmly denied by the company, which clarified that no such alert was sent and that Gmail's existing protections remain effective. The clarification comes after widespread coverage by news outlets, including The Independent, which cited Google's Threat Intelligence reports to … The post Google Refutes Reports of Gmail Breach Alert Sent to Billions appeared first on CyberInsider.| CyberInsider
The US Department of Homeland Security (DHS) has confirmed a major cybersecurity failure inside the Federal Emergency Management Agency (FEMA), resulting in unauthorized access to FEMA's internal networks. Homeland Security Secretary Kristi Noem responded by terminating 24 IT officials, including FEMA's Chief Information Officer and Chief Information Security Officer. The breach was discovered during a … The post US Government Audit Discovered Cybersecurity Breach at FEMA appeared first on ...| CyberInsider
A newly disclosed trick involving Safari's handling of custom cursors on macOS has reignited concerns over address bar spoofing.| CyberInsider
FreeVPN.One, a verified Chrome extension with over 100k installs on the Chrome Web Store, is taking screenshots of sites users visit.| CyberInsider
Apple has released security updates to address a new zero-day flaw exploited in targeted attacks, affecting its mobile and desktop OSes.| CyberInsider
The Matrix.org Foundation released a security update for all Matrix server implementations, addressing two high-severity protocol flaws.| CyberInsider
ESET disclosed an actively exploited zero-day vulnerability in WinRAR abused in phishing campaigns by the Russia-aligned threat group RomCom.| CyberInsider
In this Surfshark VPN review, we thoroughly tested out the VPN with speeds, security, features, and more to compare it to other leading VPNs| CyberInsider
Surfshark has introduced 'FastTrack', a new VPN routing optimization feature that dynamically adjusts traffic routes in real time.| CyberInsider
A set of five severe vulnerabilities collectively dubbed “ReVault” has been discovered in Dell’s ControlVault3 firmware and associated Windows APIs.| CyberInsider
New info-stealing malware called PXA Stealer is targeting user data and crypto wallets, with attackers relying on Telegram for command and control.| CyberInsider
Highlands Oncology reports a Medusa ransomware attack affecting over 113,000 people, its second PHI breach following a 2023 ransomware incident.| CyberInsider
New Linux backdoor “Plague” lets hackers secretly access servers by hiding in login systems, avoiding antivirus detection and leaving few traces behind.| CyberInsider
Lenovo released a security advisory addressing six critical BIOS vulnerabilities affecting select IdeaCentre and Yoga All-in-One desktops.| CyberInsider
LATEST NEWS Reliable cybersecurity news and in-depth resources, written by industry experts. Explore news topics Cyberinsider resources| CyberInsider
The Swedish Armed Forces have standardized the use of the encrypted messaging app Signal for non-classified communications via mobile phones.| CyberInsider
Microsoft has confirmed that its August 2024 security update disrupts the boot process for Linux on devices on a dual-boot setup.| CyberInsider
