LastPass warns fake backup emails are trying to steal master passwords
LastPass says fake backup emails are phishing for master passwords and urges users not to trust urgent 24-hour account notices.
Over 160,000 companies have notified European regulators of GDPR breaches
DLA Piper says over 160,000 GDPR breach notifications were filed in Europe, with breached firms reporting incidents up 22%.
AI is supercharging cybercrime’s new ‘fifth wave,’ Group-IB warns
Group-IB says cybercrime has entered a fifth wave, with AI boosting phishing, deepfakes and impersonation fraud at scale.
Ransomware victim numbers rise despite fewer active extortion groups
ReliaQuest-linked reporting suggests ransomware victims rose in Q4 2025 despite fewer extortion groups, pointing to criminal market consolidation.
Android 17 tests a block on accessibility API abuse by non-assistive apps
Google is testing an Android 17 safeguard that limits accessibility API use under Advanced Protection Mode to curb malware abuse.
Apple patches WebKit flaw that could bypass same-origin protections on iPhone, iPad, and Mac
Apple fixed CVE-2026-20643, a WebKit bug that could let malicious web content bypass same-origin protections on iOS, iPadOS, and macOS.
SideWinder espionage campaign expands across Southeast Asia
SideWinder is widening espionage activity in Southeast Asia, using spear-phishing, old Office flaws, and rotating infrastructure to target strategic s
Navia discloses data breach impacting 2.7 million people
Navia says a data breach exposed sensitive information tied to nearly 2.7 million people, raising serious identity theft and vendor risk concerns.
Musician admits using AI bots to steal $10 million in streaming royalties
Michael Smith pleaded guilty to using AI-generated music and bots to fraudulently collect more than $10 million in streaming royalties.
International joint action disrupts four major IoT DDoS botnets
The U.S., Germany, and Canada disrupted C2 infrastructure for four major IoT botnets used in large-scale DDoS attacks.
ICO’s £14m Reddit fine puts age checks and child privacy under scrutiny
The UK ICO plans to fine Reddit £14m over alleged failures in handling children’s data, sharpening scrutiny of age checks and privacy.
Apple urges iPhone, iPad, and Mac users to install fixes for two zero-days under attack
Apple has patched two actively exploited zero-days affecting iPhone, iPad, and Mac devices, and users are being urged to update immediately.