Pandora, the internationally renowned Danish jewellery retailer, has disclosed a significant data breach affecting its Italian customer base. The company’s notification suggests that unauthorized actors accessed sensitive personal information, potentially as part of a wider Salesforce data compromise. While...

Rockwell Automation has disclosed three high-severity vulnerabilities affecting its Arena Simulation software that could allow attackers to execute arbitrary code on targeted systems. The vulnerabilities, discovered by security researcher Michael Heinzl and tracked as CVE-2025-7025, CVE-2025-7032, and CVE-2025-7033, affect...

A critical vulnerabilities affecting over 100 Dell laptop models that could allow attackers to completely compromise systems and steal sensitive data, including passwords and biometric information. The vulnerabilities, collectively dubbed "ReVault" by Cisco Talos researchers, pose a significant threat...

A critical vulnerability in Cursor, the rapidly growing AI-powered code editor, that enables persistent remote code execution through manipulation of the Model Context Protocol (MCP) validation system. The vulnerability, tracked as CVE-2025-54136 and dubbed "MCPoison," exploits a trust bypass...

Cisco Systems has confirmed that a sophisticated voice phishing (vishing) attack led to the theft of basic profile information for a subset of users on its Cisco.com platform. The company immediately contained the breach and launched an investigation, determining...

Security researchers have revealed alarming details about how attackers are exploiting recently disclosed Microsoft SharePoint vulnerabilities to steal critical IIS Machine Keys, potentially giving hackers persistent backdoor access to compromised servers. The exploitation campaign, which began approximately 10 days...