Category: CySecurity News – Latest Information Security and Hacking Incidents

  At the RSA Conference 2025, John Fokker, head of threat intelligence at the Trellix Advanced Research Center, issued a stark reminder to the cybersecurity community that the behind of every cyberattack is a human being and the boundaries between…

Read more →

China-linked group attacks ESET discovered both SpellBinder and WizardNet, tools used by Chinese hackers. A China-based APT group, “The Wizards,” has been linked to a lateral movement tool, Spellbinder, which allows adversary-in-the-middle (AitM) attacks.  It does so via IPv6 stateless…

Read more →

  A newly discovered cyberattack is targeting WordPress websites by using a plugin that pretends to improve security but actually opens a backdoor for criminals. This fake plugin secretly gives attackers full control of affected sites. How the Infection Begins…

Read more →

  In the ever-evolving landscape of cybersecurity, Multi-Factor Authentication (MFA) has emerged as a robust defense mechanism, adding layers of security beyond traditional passwords. However, a deceptive tactic known as “push-bombing” is undermining this very safeguard, posing significant risks to…

Read more →

  The LabHost cybercrime platform, one of the biggest worldwide phishing-as-a-service (PhaaS) platforms, was shut down in April 2024, but the FBI has disclosed 42,000 phishing domains associated with it. In order to raise awareness and offer signs of compromise,…

Read more →

  The Wi-Fi network is a wireless gateway that connects homes and businesses to the Internet via the air, and it is typically provided by a router, which transmits data signals across the network. Mobile devices, laptops, and tablets can…

Read more →

  In a concerning escalation of cyber hostilities, a Pakistan-based threat group known as the Pakistan Cyber Force launched a coordinated cyber offensive on multiple Indian defence-related websites on Monday. The group claimed responsibility for defacing the official site of…

Read more →

  A new report released alongside the Centre for Emerging Technology and Security (CETaS) 2025 event sheds light on growing public unease around automated data processing in national security. Titled UK Public Attitudes to National Security Data Processing: Assessing Human…

Read more →

WhatsApp claims even it can not process private data WhatsApp has introduced ‘Private Processing,’ a new tech that allows users to use advanced AI features by offloading tasks to privacy-preserving cloud servers, without exposing their chat to Meta. Meta claims…

Read more →

In a recent security evaluation, a researcher discovered a severe remote code execution (RCE) vulnerability caused by improper backend input validation and misplaced reliance on frontend filters. The vulnerability centered on a username field within a target web application.  On…

Read more →

  There has been an official disclosure from Ascension Healthcare, one of the largest non-profit healthcare systems in the United States, that there has been a data breach involving patient information due to a cybersecurity incident linked to a former…

Read more →

  Posture management is rapidly evolving into a cornerstone of enterprise cybersecurity as organizations grapple with increasing digital complexity. With infrastructures now sprawling across cloud platforms, identity services, and data environments, the traditional model of siloed risk monitoring is no…

Read more →

  Security experts believe that more than 30,000 Australians’ banking details have been compromised online. According to Dvuln, an Australian computer security firm, the exposed data, discovered during the last four years, refers to “multiple major banks”. However, rather than…

Read more →

Commvault, a well-known company that helps other businesses protect and manage their digital data, recently shared that it had experienced a cyberattack. However, the company clarified that none of the backup data it stores for customers was accessed or harmed…

Read more →

  Artificial intelligence is rapidly reshaping software development at major tech companies, with Microsoft CEO Satya Nadella revealing that between 20% and 30% of code in the company’s repositories is currently generated by AI tools.  Speaking during a fireside chat…

Read more →

  Patrick Opet, the Chief Information Security Officer of JPMorgan Chase, has called on software companies to slow down and focus more on building secure systems rather than rushing their products to market. In a public letter, he warned that…

Read more →

  A new report has exposed a staggering 500% rise in infostealer malware attacks, with over 1.7 billion passwords leaked on the dark web in 2024 alone. Despite the growing threat, poor password hygiene continues to be a critical issue,…

Read more →

  Iran thwarted a “widespread and complex” cyberattack on Sunday that targeted the nation’s infrastructure, a senior official told Tasnim News Agency, which is affiliated with the Islamic Revolutionary Guard Corps.  Behzad Akbari, the head of the government’s Telecommunications Infrastructure…

Read more →

  Security researchers have issued a warning about a severe vulnerability affecting SAP systems, with over 1,200 instances potentially exposed to remote exploitation. This comes after SAP disclosed a critical flaw in the NetWeaver Visual Composer’s Metadata Uploader earlier this…

Read more →

The UK government has introduced a new policy that stops public sector organizations from making payments to cybercriminals during ransomware attacks. This decision was made to reduce the number of attacks by taking away the money motivation behind them. The…

Read more →

  A major firm being hacked, facing a cyber threat, or having critical digital data leaked seems to make headlines every day. Cyberattacks increased dramatically worldwide in the first quarter of 2025, with an average of 1,925 attacks per organisation…

Read more →

  After months of delays stemming from privacy and security concerns, Microsoft has officially rolled out its Recall AI feature for users of Windows 11 Copilot+ PCs. The feature, which has now exited its beta phase, is included in the…

Read more →

Microsoft alerts users about password-spraying attacks Microsoft has warned users about a new password-spraying attack by a hacking group Storm-1977 that targets cloud users. The Microsoft Threat Intelligence team reported a new warning after discovering threat actors are abusing unsecured…

Read more →

Global cybersecurity experts are raising serious concerns over the newly identified cyber threat known as Data Splicing Attacks, which poses a significant threat to thousands of businesses worldwide. It seems that even the most advanced Data Loss Prevention (DLP) tools…

Read more →

  While the General Data Protection Regulation (GDPR) was introduced with noble intentions—to protect user privacy and control over personal data—its practical side effects have caused widespread frustration. For many internet users, GDPR has become synonymous with endless cookie consent…

Read more →

  Apple has issued threat notifications to users across 100 countries, warning them that their devices may have been targeted by sophisticated commercial spyware. The alerts, sent earlier this week, were confirmed by at least two recipients, including Italian journalist…

Read more →

  A tech startup based in Ahmedabad is changing how businesses use artificial intelligence. The company has launched a platform that allows users to hire AI tools the same way they hire freelancers— on demand and for specific tasks. Over…

Read more →

  Jeremiah Fowler, a security researcher, uncovered a non-password-protected database thought to be owned by Carolina Anaesthesiology PA, a healthcare organisation based in North Carolina. This dataset included several states, had 21,344 records, and was about 7GB in size. The…

Read more →

  In a significant breach of digital infrastructure, the Jammu Municipal Corporation (JMC) has fallen victim to a cyberattack believed to have resulted in the loss of vast amounts of sensitive data. According to high-level intelligence sources, the attackers managed…

Read more →

  Hitachi Vantara, a subsidiary of Japan’s Hitachi conglomerate, temporarily shut down several servers over the weekend after falling victim to a ransomware incident attributed to the Akira group. The company, known for offering data infrastructure, cloud operations, and cyber…

Read more →

Hackers are exploiting the advantages of new tech and the availability of credentials, commercial tools, and other resources to launch advanced attacks faster, causing concerns among cybersecurity professionals.  Global Threat Landscape Report 2025 The 2025 Global Threat Landscape Report by…

Read more →

  There has been a rare and pointed move by the Federal Bureau of Investigation (FBI), which highlights the growing threat of state-sponsored cyberespionage. This was announced through a public announcement earlier this week, stating they would offer a reward…

Read more →

  A sophisticated cybercriminal technique called fast flux is being increasingly employed by cybercriminals, which is causing heightened concerns among intelligence agencies and cybersecurity agencies throughout the world.  It has been reported in April 2025 that the United States National…

Read more →

Pakistan’s cyber warfare against India Recently, Pakistan state-sponsored hacker groups launched multiple failed hacking attempts to hack Indian websites amid continuous cyber offensives against India after the Pahalgam terror attack. These breach attempts were promptly identified and blocked by the…

Read more →

  Cybersecurity researchers at Bitdefender have uncovered a sharp increase in deceptive online subscription scams, with fraudsters disguising themselves as legitimate e-commerce platforms and mystery box vendors. These sophisticated schemes are luring unsuspecting users into handing over sensitive credit card…

Read more →

  Threat analysts at Silent Push, a U.S. cybersecurity firm, told Reuters that North Korean cyber spies established two companies in the U.S., Blocknovas LLC and Softglide LLC, using fictitious personas and addresses to infect developers in the cryptocurrency industry…

Read more →

  A recent study has shown that more than one in three people have had at least one of their online accounts broken into during the past year. The main reason? Poor or stolen passwords. The report comes from the…

Read more →

  Coinbase has resolved a logging issue in its system that led users to wrongly believe their accounts had been compromised, after failed login attempts were mistakenly labeled as two-factor authentication (2FA) failures. As first uncovered by BleepingComputer, the bug…

Read more →

Recent research from Mandiant revealed that financially motivated hackers are the new trend, with more than (55%) of criminal gangs active in 2024 aiming to steal or extort money from their targets, a sharp rise compared to previous years.  About…

Read more →

  LinkedIn has taken a major step toward improving online safety by extending its identity verification feature beyond its own platform. This update is part of the company’s ongoing efforts to help users avoid fake profiles and internet scams, especially…

Read more →

  Earlier this week, the Rajasthan education department’s official website was hacked, with a statement ridiculing the Indian government over Pakistan’s detention of Indian Air Force commander Abhinandan Varthaman in 2019. The hackers attacked the homepage with a provocative message…

Read more →

  A major ransomware breach has rocked the Oregon Department of Environmental Quality (DEQ), with over 1.3 million files—amounting to 2.4 terabytes—dumped online by the cybercriminal group Rhysida. The stolen data, now circulating on the dark web, reportedly includes confidential…

Read more →

  Two separate ransomware incidents have recently affected healthcare providers in Maryland and California and exposed sensitive information belonging to more than 1.1 million patients as a result, according to disclosures filed with federal regulators that recently broke the story.…

Read more →

  Doctor Web researchers discovered a new spyware, tracked as Android. Spy.1292.origin, targets Russian military people. The malicious code was concealed in a trojanized Alpine Quest app and distributed via Russian Android catalogues. The malware acquires contacts, geolocation, and file…

Read more →

An app designed to track employee productivity by logging keystrokes and taking screenshots has suffered a significant privacy breach as more than 21 million images of employee activity were left in an unsecured Amazon S3 bucket. An app for tracking…

Read more →

  Cybercriminals have launched a deceptive malware campaign that disguises itself as online file converters, specifically targeting users searching for PDF to DOCX tools. This scheme uses convincing replicas of popular converter sites to execute hidden PowerShell scripts and deploy…

Read more →

  Cybersecurity experts and users alike are worried about a recent report that the hacking group ShinyHunters is offering more stolen data on the darknet marketplace in a concerning development. It has been reported that the group is attempting to…

Read more →

  President Donald Trump stated that his administration has learnt from Signalgate. “I think we learnt: Maybe don’t use Signal, okay?” Trump spoke about the messaging app in an interview with The Atlantic published Monday. “If you want to know…

Read more →

  A cybercrime group notorious for its outrageous tactics has resurfaced with a ransomware attack demanding an unbelievable $1 trillion from its victims. The group, responsible for the DOGE Big Balls ransomware campaign, has updated its ransom demands with bizarre…

Read more →

  A security researcher has discovered an ongoing cyberattack that is active, exploiting a newly discovered vulnerability in Fortinet’s FortiGate Firewalls to infiltrate corporate and enterprise networks and has been conducting this activity for some time. A security advisory published…

Read more →

  Most of us delete spam emails as soon as they land in our inbox. They’re irritating, unwanted, and often contain suspicious content. But what many people don’t know is that keeping them, at least briefly can actually help improve…

Read more →

  Next-generation DNA sequencing (NGS) is under increasing criticism for its cyber risks. While NGS has transformed disciplines ranging from cancer diagnosis to infectious disease tracking, a recent study warns that the platforms that enable these advancements could also be…

Read more →

  Google has officially halted its years-long effort to eliminate third-party cookies from Chrome, marking the end of its once-ambitious Privacy Sandbox project. In a recent announcement, Anthony Chavez, VP of Privacy Sandbox, confirmed that the browser will continue offering…

Read more →

  It has been reported that Elon Musk’s social media platform, X, formerly known as Twitter, was severely disrupted on Monday after a widespread cyberattack that has caused multiple service disruptions. Data from outage monitoring service Downdetector indicates that at…

Read more →

  At a startling rate, cybercriminals are taking over well-known YouTube channels, exposing viewers to malware, frauds, and data theft. With billions of views and millions of followers at risk, a single mistake can have disastrous results.  According to new…

Read more →

  A North Korean threat group known as Slow Pisces has launched a sophisticated cyberattack campaign, focusing on developers in the cryptocurrency industry through LinkedIn. Also referred to as TraderTraitor or Jade Sleet, the group impersonates recruiters offering legitimate job…

Read more →

  In the world of cybercrime, criminals usually fall into two groups. Some target individuals, tricking them for money. Others go after important organizations like hospitals and companies, hoping for bigger payouts. Although attacks on healthcare are less common, they…

Read more →

  SK Telecom, South Korea’s top mobile carrier, has disclosed a security incident involving a malware infection that exposed sensitive information tied to users’ Universal Subscriber Identity Modules (USIMs). The breach was detected on the night of April 19, 2025,…

Read more →

  Recent reports suggest that North Korean threat actors are now employing an alarming evolution in the tactics they employ to launch a sophisticated cybercrime operation known as Elusive Comet, a sophisticated cybercrime operation. This newly uncovered campaign demonstrates a…

Read more →

  Online PDF converters provide efficient conversions of documents from one file format to another, and millions of individuals and businesses use these services to do so. However, this free service also poses significant cybersecurity risks despite its convenience. According…

Read more →

  Crossing into the United States has become riskier since the start of Trump’s second administration. Foreign visitors and US visa holders are increasingly being detained, questioned, or deported. As uncertainty grows, travel demand from Canada and Europe has dropped…

Read more →

  Fog ransomware assaults over the last month have included a new ransom note mentioning the US Department of Government Efficiency (DOGE) and enticing victims to propagate the malware to other PCs, Trend Micro said earlier this week.  Analysis of…

Read more →

  A new report from IBM’s X-Force 2025 Threat Intelligence Index shows that cybercriminals are changing their tactics. Instead of mainly using ransomware to lock systems, more hackers are now trying to quietly steal login information. IBM studied over 150…

Read more →

  Tesla has often made headlines lately, but this new problem is not connected to Elon Musk or his cars. Instead, it involves cybercriminals who are trying to steal people’s private information using a dangerous software called Agent Tesla. Here’s…

Read more →

  In a chat group that included his wife, brother, and personal attorney, U.S. Defence Secretary Pete Hegseth provided specifics of a strike on Yemen’s Iran-aligned Houthis in March, a person familiar with the situation told Reuters earlier this week. …

Read more →

  A 39-year-old director of a Mohammedwadi-based firm, which operates in IT services and dry fruit imports, was duped into transferring ₹6.49 crore following a sophisticated Man-in-the-Middle (MitM) cyberattack on March 27. In a MitM scam, cybercriminals secretly intercept communications…

Read more →

  As far as users are concerned, once a file is removed from their computer, it is forever gone. However, the reality is more complex. The likelihood of recovering a deleted file depends on how it was deleted, as well…

Read more →

ClickFix attacks are rapidly becoming a favored tactic among advanced persistent threat (APT) groups from North Korea, Iran, and Russia, particularly in recent cyber-espionage operations. This technique involves malicious websites posing as legitimate software or document-sharing platforms. Targets are enticed…

Read more →

  A recent report released on April 2 has uncovered a worrying rise in open-source malware aimed at developers. These attacks, described as “smash and grab” operations, are designed to swiftly exfiltrate sensitive data from development environments. Brian Fox, co-founder…

Read more →

  Hong Kong police have detained eight people accused of running a scam ring that overcame bank verification checks to open accounts by replacing images on lost identification cards with deepfakes that included scammers’ facial features.  Senior Superintendent Philip Lui…

Read more →

  Many people today are struggling with digital clutter. This means having too many files, photos, apps, and emails saved on phones or computers. A new survey shows that more than three out of four people have more digital data…

Read more →

  In recent times, there has been considerable concern with regards to some newly uncovered Android-based malware-as-a-service (Maas) platforms, particularly those based on Android and known as SuperCard X. This is because this platform was able to execute these attacks…

Read more →

  Cybersecurity researchers have revealed that the Interlock ransomware gang has adopted a deceptive social engineering technique called ClickFix to infiltrate corporate networks. This method involves tricking users into executing malicious PowerShell commands under the guise of resolving system errors…

Read more →

  A sophisticated custom backdoor malware called Betruger has been discovered in recent ransomware campaigns, with Symantec researchers linking its use to affiliates of the RansomHub ransomware-as-a-service (RaaS) group. The new malware is considered a rare and powerful tool designed…

Read more →

  Over 16,000 internet-connected Fortinet devices have been identified as having a new symlink backdoor that permits read-only access to sensitive data on previously compromised systems.  The Shadowserver Foundation, a threat monitoring platform, has stated that 14,000 machines were exposed.…

Read more →

  It has been a dramatic turn in the cyber world for the globally recognised hacktivist collective Anonymous in the last few days, with the claim that a colossal data breach has been perpetrated against the Russian government and its…

Read more →

  Two separate data breaches in the U.S. have exposed sensitive information of more than 236,000 people. These incidents involve two organizations: Endue Software in New York and Medical Express Ambulance (MedEx) in Illinois. Endue Software creates software used by…

Read more →

  Ransomware has always been an evolving menace, as criminal outfits experiment with new techniques to terrorise their victims and gain maximum leverage while making extortion demands. Weaponized AI is the most recent addition to the armoury, allowing high-level groups…

Read more →

  There has been a significant breach of security at 4chan recently, which has been widely reported. According to several online sources, a hacker may have managed to penetrate the platform’s internal systems after successfully infiltrating the platform’s anonymous and…

Read more →

  The State Bank of India (SBI) has issued an urgent public advisory warning customers and the general public about the rising threat of deepfake scam videos. These videos, circulating widely on social media, falsely claim that SBI has launched…

Read more →

  Landmark Admin, a company based in Texas that works with insurance firms across the country, has shared new details about a cyberattack it suffered last year. According to the latest update, the number of people whose personal data may…

Read more →

  If you’ve been scrolling through social media recently, you’ve probably seen a lot of… dolls. There are dolls all over X and on Facebook feeds. Instagram? Dolls. TikTok? You guessed it: dolls, as well as doll-making techniques. There are…

Read more →

  Several of the largest banks in the United States have curtailed or reassessed how they share sensitive data with the Office of the Comptroller of the Currency (OCC), after a significant cyberattack compromised the regulator’s email system.  According to…

Read more →

  Recently, the United States Postal Service (USPS) issued an advisory in which it advised citizens to be more vigilant in light of an increase in sophisticated mail fraud schemes. In addition to the deceptive activities that have notably increased…

Read more →

  Denver-headquartered DaVita Inc., a leading provider of kidney care and dialysis services with more than 3,100 facilities across the U.S. and 13 countries, has reported a ransomware attack that is currently affecting parts of its network. The incident, disclosed…

Read more →

  Google’s Gmail is now offering two new upgrades, but here’s the catch— they don’t work well together. This means Gmail’s billions of users are being asked to pick a side: better privacy or smarter features. And this decision could…

Read more →

  The cybersecurity sector experienced an extraordinary breach in February 2025 that revealed the inner workings of the well-known ransomware gang Black Basta.  Trustwave SpiderLabs researchers have now taken an in-depth look at the disclosed contents, which explain how the…

Read more →

  A strange tech prank unfolded across Silicon Valley this past weekend after crosswalk buttons in several cities began playing AI-generated voice messages impersonating Elon Musk and Mark Zuckerberg.   Pedestrians reported hearing bizarre and oddly personal phrases coming from…

Read more →

  The growing reliance on satellite-based navigation systems by modern aviation has raised serious concerns among global aviation authorities about the threat to the integrity of these systems that are emerging. As one such threat, GPS spoofing, is rapidly gaining…

Read more →

  Google is preparing a major upgrade to its Messages app that will make texting between Android and iPhone users much smoother and more secure. For a long time, Android and Apple phones haven’t worked well together when it comes…

Read more →

  Texting through SMS is pretty much a thing of the past. Most people today rely on apps like WhatsApp and Signal to share messages, make encrypted calls, or send photos—all under the assumption that our conversations are private. But…

Read more →

  A major data breach involving Bangchak Corporation Public Company Limited is being swiftly investigated by Thailand’s Personal Data Protection Committee (PDPC). The company stated that unauthorised access to its customer feedback system had affected roughly 6.5 million records.  A…

Read more →

  The presentation of a TP-Link Wi-Fi router by Representative Raja Krishnamoorthi of Illinois to Congress was one of the rare displays that highlighted increasing national security concerns on March 5. As a result of the congressman’s stark warning —…

Read more →

  A new kind of digital scam is spreading across the UK, where criminals trick people using fake QR codes. This type of scam is called “quishing,” and it has been growing quickly. In 2023, there were over 1,300 reports…

Read more →

  Gamaredon, a Russia-backed threat group renowned for distributing malware via phishing emails, recently appears to have utilised an infected portable drive to target a Ukrainian-based military mission of an undisclosed Western country. The malware was an updated version of…

Read more →

  Encrypted messaging apps have become essential tools in the age of cyber threats and surveillance. With rising concerns over data privacy, especially after recent high-profile incidents, users are turning to platforms that offer more secure communication. Among the top…

Read more →

  Among the latest findings from cybersecurity insurance provider At-Bay, ransomware incidents witnessed a significant resurgence in 2024, with both the frequency and the severity of these attacks escalating significantly. Based on the firm’s 2025 InsurSec Report, ransomware activity rose…

Read more →

  Microsoft has revealed that nearly 80% of human-operated cyberattacks involve compromised domain controllers, according to a recent blog post published on Wednesday. Alarmingly, in over 30% of these incidents, attackers use the domain controller—a central system in corporate IT…

Read more →

  A cybersecurity breach has exposed the confidential health data of more than 1.6 million individuals—including minors—who received care at Planned Parenthood centers across over 30 U.S. states. The breach stems from Laboratory Services Cooperative (LSC), a company providing lab…

Read more →

  The notorious SpyNote malware is making a comeback thanks to a novel campaign. This remote access trojan has many malicious features and is also quite challenging to remove from an infected Android smartphone. According to security researchers, this time…

Read more →