Day: May 7, 2025

Inferno Drainer returns, stealing millions from crypto wallets through phishing on Discord

NCSC CEO Richard Horne said the cyber agency has managed twice as many nationally significant cyber incidents in the period from September 2024 to May 2025

A prolific DDoS-for-hire network has been dismantled by Polish authorities as part of a coordinated international crackdown

Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the world.
In connection with the operation, Polish authorities have arrested four individuals and the United States has seized nine domains that are associated with the now-defunct platforms.
“The suspects are believed to be behind six separate

A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82. 
“This is due to the create_wp_connection() function missing a capability check and

Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges.
The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is

The UK government has announced that it will be replace its current SMS verification system with passkeys by the end of 2025

The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages