Canadian airline WestJet this week confirmed that customer personal information was stolen in a June 2025 cyberattack. The incident, disclosed on June 13, involved unauthorized access to several internal systems and impacted the availability of WestJet's application and website. The airline's operations were not affected by the attack, and WestJet restored access to its application and website roughly two days after the incident.
A Chinese state-sponsored hacking group tracked as 'Phantom Taurus' has been targeting government and telecommunications organizations for espionage for more than two years, Palo Alto Networks reports. Initially observed in 2023, the APT was only recently linked to Chinese hacking groups through shared infrastructure, as its tactics, techniques and procedures (TTPs) differ from those typically associated with threat actors operating out of China.
A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads. The new tool was identified by Varonis researchers, who told BleepingComputer that MatrixPDF was first spotted on a cybercrime forum. The seller also uses Telegram as an additional means of interacting with buyers.
An evasive new Android Trojan in the wild is capable of covertly stealing victims' money while they're sleeping. Often, malware has to evolve and present new challenges to cyber defenders in order to survive. But banking Trojans have always been the meat and potatoes of cybercrime - effective, despite being mostly unchanged for decades now. "Klopatra," a new banking Trojan described in a recent blog post from fraud detection vendor Cleafy, isn't a total overhaul of the familiar model.
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. Tracked as CVE-2025-30247, the flaw is an OS command injection in the user interface of My Cloud and can be leveraged through specially crafted HTTP POST requests sent to vulnerable endpoints. The vulnerability was reported to Western Digital by a security researcher using the alias "w1th0ut."
Nearly 50,000 Cisco firewall devices with recently disclosed vulnerabilities are connected to the internet, according to new data. Statistics from the Shadowserver Foundation illustrate the extent of the world's exposure to the three flaws in Cisco's Adaptive Security Appliance devices and Firepower Threat Defense devices, which earned a rare emergency patching directive from the Cybersecurity and Infrastructure Security Agency (CISA) after the Sept. 25 disclosure.
Researchers at the Georgia Institute of Technology scrutinized the security of the popular Tile tracker and came out disappointed. Bluetooth trackers are a steadily growing market, and Life360 is one of the major players. In 2021, Amazon expanded its Sidewalk network to include Tile. That means Ring cameras and Echo devices can act as relays, picking up the location of Tile trackers and phones running the Tile app.
Security researchers discovered three vulnerabilities in Google's Gemini artificial intelligence (AI) assistant. Although now patched, this "Trifecta", as the researchers called it, raises important questions about how safe AI tools really are, especially as they become a part of services many of us use on a daily basis. The flaws were found in three different Gemini components: Gemini Cloud Assist, Gemini Search Personalization Model, and Gemini Browsing Tool.