Security Bulletin

World-renowned Japanese entertainment company Toho was purportedly breached by the BlackLock ransomware gang, according to Cybernews.

Major U.S. student housing developer Landmark Properties had 1.2 TB of data claimed to have been stolen from its systems by the Morpheus ransomware operation, Cybernews reports.

DeepSeek's risks must be carefully considered, and ultimately mitigated, in order to enjoy the many benefits of generative AI in a manner that is safe and secure for all organizations and users.

Organizations across Russia have been subjected to four times more phishing intrusions with the PureRAT information-stealing malware during the first four months of 2025, compared with the same period last year, reports The Hacker News.

Security Affairs reports that leading U.S. cryptocurrency exchange Coinbase had data from 69,461 individuals confirmed to be compromised following a cyberattack, which was previously disclosed to have involved bribes to its overseas customer service...

Despite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide dangerous information.

More than 100 Chrome browser extensions masquerading as legitimate tools, including YouTube, Fortinet VPN, Calendly, and DeepSeek AI, have been utilized to enable browser data compromise and remote script execution as part of a new attack campaign...

Prompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty links, and more.

A recent spear-phishing campaign against countries in South Asia aligns with broader political tensions in the region.

APT28 aims to infiltrate the networks of military groups and private contractors.

The latest version puts more emphasis on supply chain and AI agent security.

Gaps in laws, technology, and corporate accountability continue to put women's safety and privacy online at risk.