Category: CySecurity News – Latest Information Security and Hacking Incidents

Google Patches Android Zero-Day Flaws Used to Unlock Phones

  Google recently addressed critical security flaws in Android that allowed authorities to unlock phones using forensic tools, according to a report by Amnesty International. The report, released on Friday, detailed three previously unknown vulnerabilities exploited by phone-unlocking company Cellebrite.…

Cybersecurity Threats Are Evolving: Seven Key OT Security Challenges

  Cyberattacks are advancing rapidly, threatening businesses with QR code scams, deepfake fraud, malware, and evolving ransomware. However, strengthening cybersecurity measures can mitigate risks. Addressing these seven key OT security challenges is essential. Insurance broker Howden reports that U.K. businesses…

Sophisticated BEC Attack Exploits Business Trust to Steal Funds

A recent Business Email Compromise (BEC) investigation has uncovered a highly sophisticated attack that went beyond traditional email fraud. Instead of simply sending fraudulent emails in hopes of deceiving victims, cybercriminals strategically exploited the implicit trust between three business partners—Partner…

Scammers Still Use the Same Tricks, Just in New Ways

  As technology furthers, scams are becoming more advanced, but the way scammers manipulate people hasn’t changed. Despite using modern tools, they still rely on the same psychological tactics to deceive their victims.   Clinical psychologist Dr. Khosi Jiyane explains that…

Middle East Banks Strengthen Cybersecurity Amid Growing Threats

  Financial institutions across the Middle East participated in the fourth annual Cyber Wargaming exercise in the United Arab Emirates, preparing for simulated cyberattacks amid rising digital threats. Despite these proactive measures, security experts remain concerned about the region’s rapid…

India’s Escalating Crisis of Fake Institutions and Digital Fraud

  As fraudulent activities in India continue to evolve and exploit systemic vulnerabilities to deceive unsuspecting individuals, there are counterfeit banks, legal entities that are fraudulent, and sophisticated cyber scams exploiting systemic vulnerabilities. There has been a significant increase in…

Hong Kong Launches Its First Generative AI Model

  Last week, Hong Kong launched its first generative artificial intelligence (AI) model, HKGAI V1, ushering in a new era in the city’s AI development. The tool was designed by the Hong Kong Generative AI Research and Development Centre (HKGAI)…

Hacker Leaks Stolen Data After Cyberattack on Orange Group

  A hacker has claimed responsibility for breaking into the systems of Orange Group, a well-known French telecommunications provider. The attacker alleges that they stole a large number of internal files, including confidential details about customers and employees. After failing…

Samsung Secure Folder Vulnerability Exposes Hidden Images

  Samsung’s Secure Folder, a feature designed to provide industry-grade security for sensitive data on Galaxy smartphones, has been identified to have a major flaw. Recent discoveries indicate that apps and images saved in the Secure Folder can be accessible…

The Need for Unified Data Security, Compliance, and AI Governance

  Businesses are increasingly dependent on data, yet many continue to rely on outdated security infrastructures and fragmented management approaches. These inefficiencies leave organizations vulnerable to cyber threats, compliance violations, and operational disruptions. Protecting data is no longer just about…

Google Cloud Introduces Quantum-Safe Digital Signatures

  As quantum computing advances, Google Cloud is taking a significant step toward securing its platform against future threats. The company has announced the introduction of quantum-safe digital signatures in its Cloud Key Management Service (KMS), currently available in preview. …

GitHub Scam: Fake Game Mods Steal User Credentials and Data

An advanced malware campaign exploiting GitHub repositories masked as game mods (and cracked software) has been found, revealing a risky blend of automated credential harvesting and social engineering tactics.  While going through articles on social engineering, cybersecurity expert Tim found…

Crypto Scammers Are Targeting AI Trade Bots

  The blockchain security company CertiK disclosed how a new generation of scammers is changing their tactics to target automated trading bots in the wake of the LIBRA meme currency fiasco, in which insiders were given advanced information of the…

Strengthening PC Security with Windows Whitelisting

  Windows Defender, the built-in antivirus tool in Windows, provides real-time protection against malware by scanning for suspicious activity and blocking known threats using an extensive virus definition database. However, no antivirus software can completely prevent users from unknowingly installing…

Beware of Fake Viral Video Links Spreading Malware

  McAfee Labs has uncovered a rise in cyber scams where fraudsters use fake viral video links to trick people into downloading malware. These attacks rely on social engineering, enticing users with promises of exclusive or leaked content.  Once a…

Building Robust AI Systems with Verified Data Inputs

  Artificial intelligence is inherently dependent on the quality of data that powers it for it to function properly. However, this reliance presents a major challenge to the development of artificial intelligence. There is a recent report that indicates that…

Role of Continuous Threat Exposure Management in Business Security

  Continuous threat exposure management (CTEM) is a framework for proactively managing and mitigating threat exposure using an iterative approach that emphasises on developing structured organisational procedures as well as leveraging security tools.  In this article, we’ll go over CTEM,…

European Healthcare Entities Targeted With NailaoLocker Ransomware

  A previously undocumented ransomware payload named NailaoLocker has been detected in assaults targeting European healthcare entities between June and October 2024.  The attackers employed CVE-2024-24919, a Check Point Security Gateway vulnerability, to obtain access to targeted networks and install…

Hidden Bluetooth Security Threats and How to Protect Your Devices

  Bluetooth technology has made wireless connectivity effortless, powering everything from headphones and smartwatches to home automation systems. However, its convenience comes with significant security risks. Many users unknowingly leave their devices vulnerable to cyber threats that can steal personal…

Hackers Use Invisible Unicode Trick to Hide Phishing Attacks

  Cybercriminals have discovered a new way to conceal malicious code inside phishing attacks by using invisible Unicode characters. This technique, identified by Juniper Threat Labs, has been actively used in attacks targeting affiliates of a U.S. political action committee…

How AI Agents Are Transforming Cryptocurrency

  Artificial intelligence (AI) agents are revolutionizing the cryptocurrency sector by automating processes, enhancing security, and improving trading strategies. These smart programs help analyze blockchain data, detect fraud, and optimize financial decisions without human intervention. What Are AI Agents? AI…

Chinese Spies Allegedly Engaged in Ransomware Operations

  Backed by the Chinese government, a cyber-espionage group has been observed engaging in ransomware-related activities as part of its intelligence activities. Further, this observation demonstrates how nation-state cyber operations and financially motivated cybercrimes have become increasingly convergent as a…

Amazon Prime Phishing Campaign Siphons Login And Payment Info

  The Cofense Phishing Defence Centre (PDC) has uncovered a new phishing campaign aimed particularly at Amazon Prime members, trying to steal login passwords, security answers, and payment details. The attacker sends out a well-crafted email mimicking Amazon, encouraging users…

Hackers Target South America and Southeast Asia

  A group of hackers has been caught running a large-scale cyber spying operation, now called REF7707. The attack was first noticed in November 2024 when strange activity was detected in the Foreign Ministry of a South American country. As…

The Upcoming Tech Revolution Foreseen by Sundar Pichai

  It was at the 2025 World Government Summit in Dubai on 15th-17th November that Sundar Pichai, CEO of Google and its parent company Alphabet, engaged in a virtual fireside conversation with the Moroccan Minister of State for Artificial Intelligence,…

Android Phishing Apps: A Growing Cybersecurity Threat in 2024

  Cybercriminals are evolving their tactics, shifting from traditional email-based phishing scams to more sophisticated Android phishing apps. According to the 2025 State of Malware report by Malwarebytes, over 22,800 phishing apps were detected on Android devices in 2024 alone.…

zkLend DeFi Platform Hacked, Loses $9.5 Million

  A major hacking incident has hit zkLend, a decentralized lending platform that operates on the Starknet blockchain. The attacker managed to steal about $9.5 million worth of cryptocurrency by exploiting a vulnerability in the system. According to blockchain security…

Google Fixes YouTube Security Flaw That Exposed User Emails

  A critical security vulnerability in YouTube allowed attackers to uncover the email addresses of any account on the platform. Cybersecurity researchers discovered the flaw and reported it to Google, which promptly fixed the issue. While no known attacks exploited…

Addressing the Security Risks Posed by IoT Devices

  There has been a marked change in daily life as a result of the proliferation of IoT devices, and Transforma Insights estimates that 14 billion such devices are connected globally, indicating that this type of technology has profound effects.…

China-backed APT40 Hacking Outfit Implicated for Samoa Cyberattacks

  Samoa’s national cybersecurity office issued an urgent advisory after the Chinese state-sponsored cyber outfit APT40 escalated its attacks on government and critical infrastructure networks across the Pacific.  Samoa’s Computer Emergency Response Team, or SamCERT, has warned that APT40 is…

Data Reveals Identity-Based Attacks Now Dominate Cybercrime

  Cyberattacks are undergoing a significant transformation, shifting away from malware-driven methods toward identity exploitation. According to the CrowdStrike 2024 Global Threat Report, three out of four cyberattacks now leverage valid credentials instead of malicious software. This change is fueled…