Cybercriminals are utilizing YouTube to spread malware, specifically an info-stealing variant named Lumma Stealer which can extract sensitive data. Assailants take over well-known YouTube channels, add malicious content presented as cracked software or game cheats and exploit users’ trust. They further secure their tactics by using legitimate file-hosting services, password-protecting downloads and encoding to avoid early detection. Cybersecurity professionals urge individuals to avoid pirated software, verify download sources and improve their overall cybersecurity practices.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is