Tag: CySecurity News – Latest Information Security and Hacking Incidents

  If you are running a business in 2025, you’re probably already using generative AI in some capacity. GenAI tools and chatbots, such as ChatGPT and Google Gemini, have become indispensable in a variety of cases, ranging from content production…

Read more →

  The FBI has successfully hacked and removed PlugX malware from approximately 4,200 computers across the US in a large-scale cybersecurity operation. The malware, allegedly deployed by the China-based hacking group known as “Mustang Panda” or “Twill Typhoon,” has been…

Read more →

  An American education technology company, PowerSchool, is the latest giant to fall a victim of hacking and data breaches, which probably compromised millions of records of students and teachers in North America. As one of the leading providers of…

Read more →

  According to a campaign group that has criticized government net zero policies, smart meters may become the next step in “snooping” on household energy consumption. Ministers are discussing the possibility of sharing household energy usage with third parties who…

Read more →

  Cyberattacks are fast becoming a reality check for businesses worldwide, inflicting massive financial and operational losses. Besides the immediate loss of funds, cyber attacks also have an impact on an organization’s reputation, hence losing out in competition. The most…

Read more →

  An alleged hacker named Yin Kecheng and a cybersecurity company called Sichuan Juxinhe Network Technology Co were sanctioned on Friday by the US Treasury Department for involvement in a string of hacks against American telecom companies. Kecheng is a…

Read more →

  The hackers employed information stealer malware to steal the credentials of several Telefonica employees and gain access to the company’s internal ticketing system. The data breach was revealed last week when members of the Hellcat ransomware group (which had…

Read more →

Privacy expert Yael Grauer, known for creating the Big Ass Data Broker Opt-Out List (BADBOOL), has a message for those frustrated with the endless cycle of removing personal data from brokers’ databases: push lawmakers to implement meaningful policy reforms. Speaking…

Read more →

  Cybersecurity experts have raised alarms over a surge in cyberattacks targeting freemail users, driven by artificial intelligence (AI). Hackers are leveraging AI to craft sophisticated phishing scams and fraudulent notifications that are harder to detect. These deceptive messages often…

Read more →

  The National Company Law Tribunal (NCLT) in Mumbai has suspended virtual hearings after its system was breached twice within seven days. Hackers infiltrated the platform on December 12 and again on December 17 during a live session, broadcasting pornographic…

Read more →

  < p style=”text-align: justify;”>Cybercriminals are increasingly targeting Microsoft Teams, utilizing the platform for sophisticated phishing, vishing, and ransomware campaigns. Exploiting Teams’ widespread use, attackers employ social engineering tactics to deceive users and extract sensitive data. Methods range from fake…

Read more →

  < p style=”text-align: justify;”>Are cybercriminals trafficking your private data on the Dark Web? This article provides a comprehensive overview of how data transfers on the Dark Web can impact your privacy and security. The Dark Web is often portrayed…

Read more →

  It seems to be a minor step, clearing your cache and cookies, but it is really a big factor in improving online safety and making your browsing easier. While these tools are intended to make navigation on the web…

Read more →

  Rogue actors within the advertising industry are reportedly exploiting major global apps to collect sensitive user location data on a massive scale. This data is then funneled to a location data firm whose subsidiary has previously sold global tracking…

Read more →

  The U.S. Department of Justice (DOJ) has charged three Russian nationals with money laundering for operating two sanctioned cryptocurrency mixing services, Blender.io and Sinbad.io. A federal grand jury in Georgia indicted Roman Vitalyevich Ostapenko, Alexander Evgenievich Oleynik, and Anton…

Read more →

  Play ransomware continues to be a formidable cybersecurity threat, with over 300 successful attacks reported globally since its first detection in 2022. Named for the “.PLAY” extension it appends to encrypted files, this ransomware has been linked to Andariel,…

Read more →

  A malicious GitHub repository disguises a proof-of-concept (PoC) exploit for CVE-2024-49113, also known as “LDAPNightmare,” delivering infostealer malware that sends sensitive data to an external FTP server. Disguised as a legitimate PoC, the exploit tricks users into executing malware.…

Read more →

WhatsApp, the world’s most widely used messaging app, is celebrated for its simplicity, privacy, and user-friendly design. However, upcoming changes could drastically reshape the app. Meta, WhatsApp’s parent company, is testing a new feature: AI bots. While some view this…

Read more →

    On August 9th, the HexaLocker ransomware group announced the release of HexaLocker V2, a significantly advanced version of its Windows-based ransomware. Developed using the Go programming language, this new version is reportedly supported by contributors from notorious hacking…

Read more →

  In a significant crackdown on cybercrime, Rajasthan Police arrested 30 individuals involved in cyber fraud on Saturday, January 11, 2025. The arrests were the result of coordinated raids conducted across 40 locations in five police station areas in Jaipur.…

Read more →

  Shadow IT has long been a pressing concern for Chief Information Security Officers (CISOs). Forgotten systems, infrastructure, or hardware connected to enterprise networks often resurface as entry points for data breaches or compromises years later. However, new findings from…

Read more →

  Cybercriminals are employing a sophisticated technique called “transaction simulation spoofing” to steal cryptocurrency, with a recent attack resulting in the theft of 143.45 Ethereum (ETH), valued at nearly $460,000. This exploit, identified by blockchain security platform ScamSniffer, targets vulnerabilities…

Read more →

  According to the latest study published this week, a new variant of the info-stealing malware known as “Banshee” has been targeting macOS users’ passwords, cryptocurrency wallets, browser credentials, and other data for at least the past four months. Check…

Read more →

  The arrest of Cameron John Wagenius, a U.S. Army communications specialist, has unveiled potential connections to a significant data breach targeting India’s state-owned telecom provider, BSNL. The breach highlights the global reach of cybercrime networks and raises concerns about…

Read more →

  AI has become almost ubiquitous in software development, as a GitHub survey shows, 92 per cent of developers in the United States use artificial intelligence as part of their everyday coding. This has led many individuals to participate in…

Read more →

  Security teams have always needed to adapt to change, but 2025 is poised to bring unique challenges, driven by advancements in artificial intelligence (AI), sophisticated cyber threats, and evolving regulatory mandates. Chief Information Security Officers (CISOs) face a rapidly…

Read more →

  In the cybercrime world, Initial Access Brokers (IABs) are essential for facilitating attacks. These specific hackers break into company systems, steal login credentials, and then sell access to other criminals who use it to launch their own attacks. They…

Read more →

  Major apps worldwide are potentially being exploited by rogue members within the advertising sector to collect sensitive location data extensively, which subsequently is transferred to a location data firm whose subsidiary has previously sold global location data to US…

Read more →

  There was a groundbreaking decision by the European Union General Court on Wednesday that the EU Commission will be held liable for damages incurred by a German citizen for not adhering to its own data protection legislation.  As a…

Read more →

  Medusind, a major provider of billing and revenue management services for healthcare organizations, recently disclosed a data breach that compromised sensitive information of over 360,000 individuals. The breach, which occurred in December 2023, was detected more than a year…

Read more →

  A recent surge in phishing campaigns has revealed attackers leveraging cleverly obfuscated URLs and Microsoft 365 password expiry warnings to trick users into surrendering their credentials. Here’s a breakdown of the latest findings: The phishing emails consistently use subject…

Read more →

  Web3 technology promises to transform the internet, making it decentralized, secure, and transparent. However, many people hesitate to adopt it due to a lack of trust in the technology. Building this trust requires clear explanations, user-friendly experiences, and a…

Read more →

  PowerSchool, a widely used software serving thousands of K–12 schools in the United States, has suffered a major cybersecurity breach. The Breach has left several schools worried about the potential exposure of critical student and faculty data. With over…

Read more →

  The International Civil Aviation Organization (ICAO), a United Nations agency tasked with creating global aviation standards, has disclosed an investigation into a potential cybersecurity incident. Established in 1944, ICAO works with 193 member states to develop and implement aviation-related…

Read more →

  As a result of the churning threat landscape, new threats are always emerging while others disappear or fade into irrelevance. Wallet drainers trick their victims into signing malicious transactions in order to steal their assets. As the name implies,…

Read more →

  The integration of Artificial Intelligence (AI) and blockchain technology is revolutionizing digital experiences, especially for developers aiming to enhance user interaction and improve security. By combining these cutting-edge technologies, digital platforms are becoming more personalized while ensuring that user…

Read more →

  Passwords have been a cornerstone of digital security for decades, but managing them has grown increasingly complex. Even with the help of password managers, users face the challenge of creating and remembering countless unique, complex passwords. The days of…

Read more →

  Recent cybersecurity reports have highlighted a new, highly sophisticated credit card skimmer malware targeting WordPress checkout pages. This stealthy malware embeds malicious JavaScript into database records, leveraging database injection techniques to effectively steal sensitive payment information. Its advanced design…

Read more →

  Play ransomware, also known as Balloonfly or PlayCrypt, has become a significant cybersecurity threat since its emergence in June 2022. Responsible for over 300 global attacks, this ransomware employs a double extortion model — stealing sensitive data before encrypting…

Read more →

Meta to remove fact-checkers Meta is dumping independent fact-checkers on Instagram and Facebook, similar to what X (earlier Twitter) did, replacing them with “community notes” where users’ comments decide the accuracy of a post. On Tuesday, Mark Zuckerberg in a…

Read more →

  Gravy Analytics, the parent company of data broker Venntel, is facing mounting scrutiny after hackers reportedly infiltrated its systems, accessing an alarming 17 terabytes of sensitive consumer data. This breach includes detailed cellphone behavior and location data of U.S.…

Read more →

  The hacking group Silent Crow has claimed responsibility for breaching Russia’s Federal Service for State Registration, Cadastre, and Cartography (Rosreestr), releasing what it describes as a fragment of the agency’s database. The leak reportedly includes sensitive personal information of…

Read more →

  Japan’s National Police Agency (NPA) and the National Centre of Incident Readiness and Strategy for Cybersecurity (NISC) have officially attributed a prolonged cyberattack campaign targeting Japanese organizations and individuals since 2019 to the China-linked threat actor MirrorFace, also known…

Read more →

  Cybersecurity researchers have identified a dangerous new version of Banshee Stealer, a sophisticated malware specifically targeting macOS users. This updated strain is designed to bypass antivirus defenses and steal sensitive data from millions of macOS devices. Originally detected in…

Read more →

The Ministry of Electronics and Information Technology (MeitY) announced on January 3, 2025, the release of draft rules under the Digital Personal Data Protection Act, 2023 for public feedback. A significant provision in this draft mandates that parental consent must…

Read more →

Ken Liem, a California resident, has filed a lawsuit against three major banks, accusing them of negligence in enabling a cryptocurrency investment scam. Liem claims he was defrauded of $986,000 after being targeted on LinkedIn in June 2023 by a…

Read more →

The Digital Markets Act (DMA) is poised to reshape the European digital landscape. This pioneering legislation by the European Union seeks to curb the dominance of tech giants, foster competition, and create a fairer digital marketplace for consumers and businesses…

Read more →

  1Password, the renowned password management platform, has announced its largest acquisition to date: Trelica, a UK-based SaaS (Software-as-a-Service) management company. While the financial details remain undisclosed, this strategic move aims to significantly enhance 1Password’s ability to help businesses better…

Read more →

  Jakub Korepta, Principal Security Consultant at Securing, has discovered a critical command injection vulnerability in the Aviatrix Network Controller, identified as CVE-2024-50603. This flaw, impacting versions 7.x through 7.2.4820, has been assigned the highest possible CVSS severity score of…

Read more →

The latest Android malware called ‘FireScam’ is being shared as a premium variant of the Telegram application through phishing sites on GitHub that impersonate the RuStore, a Russian app market for mobile devices. About FireScam vulnerability Russian internet group VK…

Read more →

  A newly discovered malware, named PLAYFULGHOST, is causing concern among cybersecurity experts due to its versatile capabilities for data theft and system compromise. According to researchers, this malware employs techniques such as screen and audio capture, keylogging, remote shell…

Read more →

  As business operates at an unprecedented pace, consumers are demanding quick, simple, and secure payment options. The future of payment authentication is here — and it’s centered around biometrics. Biometric payment companies are set to join established players in…

Read more →

  Apple made headlines with the launch of its Apple Intelligence tool, which quickly gained global attention. However, the tech giant now faces mounting criticism after reports emerged that the AI feature has been generating false news notifications, raising concerns…

Read more →

Users of the unified payments interface (UPI) are the victims of a recent cyber fraud known as the “jumped deposit scam.” First, scammers persuade victims by making a modest, unsolicited deposit into their bank accounts.  How does it operate?  A…

Read more →

  The RIBridges system, a very important tool for Rhode Island’s social services, has become the latest victim of a ransomware attack, resulting in the leak of personal data belonging to hundreds of thousands of residents. This breach, orchestrated by…

Read more →

A new Android malware named ‘FireScam’ has surfaced, disguised as a premium version of the Telegram app. Distributed through phishing websites hosted on GitHub, the malware tricks users by mimicking the interface of RuStore, Russia’s official mobile app market. This…

Read more →

  In today’s digital age, the line between public and private life often blurs. Social media enables us to share moments, connect, and express ourselves. However, oversharing online—whether through impulsive posts or lax privacy settings—can pose serious risks to your…

Read more →

  < p style=”text-align: justify;”>It has been predicted that India, with its vast youth population, will emerge as one of the most influential players in the gaming industry within the next few years, as online gaming evolves into a career.…

Read more →

  In today’s hyperconnected world, securing your home Wi-Fi network is more critical than ever. Whether hosting a party or managing daily internet use, your network faces risks with every new device connection. Without proper safeguards, you could unintentionally expose…

Read more →

  India’s National Cyber Crime Reporting Portal now features a ‘Report and Check Suspect’ tool, allowing users to verify UPI IDs, phone numbers, emails, and social media handles against a database of known cyber fraudsters. Focusing on Digital Arrest Scams…

Read more →

  A major cybersecurity breach has been reported against the U.S. Treasury Department, specifically its Office of Foreign Assets Control (OFAC). OFAC, which oversees trade and economic sanctions, was accessed by Chinese state-backed hackers in what officials have described as…

Read more →

As part of its initiatives to enhance public services and modernize government processes, Jordan has approved the 2025 Blockchain Technology Policy. The Jordanian Council of Ministers unveiled a new policy to improve service delivery to citizens, cut expenses, and streamline…

Read more →

  There is no denying that Solana, one of the fastest-growing blockchain networks, has introduced a groundbreaking security feature called the Winternitz Vault. This feature will protect digital assets from quantum computing threats while maintaining the platform’s high performance. Solana…

Read more →

  < p style=”text-align: justify;”>Recent incidents have revealed a troubling trend of cryptocurrency dealers being targeted for kidnappings and extortion. These cases underline the risks associated with the growing prominence of the cryptocurrency sector. French authorities recently rescued a 56-year-old…

Read more →

< p style=”text-align: justify;”>Hackers have launched a sophisticated phishing campaign impersonating the United States Social Security Administration (SSA) to deliver the ConnectWise Remote Access Tool (RAT), according to a report by Cofense Intelligence. This operation, active since September 2024 and…

Read more →

  < p style=”text-align: justify;”>After a rented Tesla Cybertruck caught fire outside the Trump International Hotel in Las Vegas, Tesla’s advanced data systems became a focal point in the investigation. The explosion, which resulted in a fatality, initially raised concerns…

Read more →

  Cybersecurity researchers have uncovered a malicious WordPress plugin called PhishWP that transforms legitimate websites into tools for phishing scams. This plugin allows attackers to set up fake payment pages mimicking trusted services like Stripe, tricking users into divulging sensitive…

Read more →

  Between September and November, T-Mobile successfully defended against a cyberattack attributed to the Chinese state-sponsored group Salt Typhoon. Unlike previous incidents, this time, no data was compromised. However, the attack highlights growing cybersecurity vulnerabilities in the U.S. telecom sector. …

Read more →

  In a new study published by ShadowServer, it was revealed that 3.3 million POP3 (Post Office Protocol) and IMAP (Internet Message Access Protocol) servers are currently at risk of network sniffing attacks because they are not encrypting their data…

Read more →

  Online shopping is something that we all love. It is time-efficient, convenient, and frequently results in the best offers and savings. However, since many people are busy with online shopping, con artists are also trying to find ways to…

Read more →

  Cybersecurity concerns are growing as malicious browser extensions target unsuspecting users. One such case involves the removal of the popular EditThisCookie extension, which had over 3 million downloads, from the Chrome Web Store due to its reliance on the…

Read more →

  Cybersecurity experts said that a malware campaign targeting Ukraine’s military personnel has been released. The malware is spread with the help of a fake installer for an app called “Army+.” That installer looks perfectly legitimate but embeds malicious code.…

Read more →

In today’s digital era, data has become a valuable currency, akin to Gold. From shopping platforms like Flipkart to healthcare providers and advertisers, data powers personalization through targeted ads and tailored insurance plans. However, this comes with its own set…

Read more →

  Cybersecurity experts are raising alarms about a new twist on the classic clickjacking attack technique. Paulos Yibelo, a security engineer at Amazon, has uncovered a variant called “double-clickjacking,” capable of disabling security settings, deleting accounts, or even taking over…

Read more →

  The growing number of online accounts has made managing passwords increasingly difficult. With users juggling dozens of accounts, creating secure yet memorable passwords has become a major challenge. Traditional password guidelines emphasize complexity, requiring combinations of uppercase and lowercase…

Read more →

  As digital privacy concerns grow, taking steps to declutter your online footprint can help protect your sensitive information. Whether you’re worried about expanding government surveillance or simply want to clean up old data, there are practical ways to safeguard…

Read more →

  The phenomenon of “pig-butchering” scams has emerged as a significant cybercrime, exploiting vulnerabilities intensified by the Covid-19 pandemic. These schemes involve creating fraudulent investment platforms and manipulating victims emotionally, often targeting them through social media. Shockingly, these operations are…

Read more →

  WhatsApp, Instagram, and Telegram have once again become the favorite tools for hackers, as per a report released by India’s Home Ministry (MHA).  According to the report, WhatsApp is still the most commonly utilized medium for cybercrime. Several examples…

Read more →

  There is a new online scam, where cyber criminals trick people into downloading harmful software under the pretext of beta testing a game. This campaign targets people on platforms such as Discord, email, and even text messages, aiming at…

Read more →

< p style=”text-align: justify;”>The FBI has issued a cautionary alert for travelers, urging them to avoid using public USB charging stations found in airports, hotels, and other public spaces. A rising cyber threat, known as “juice jacking,” enables cybercriminals to…

Read more →

  < p style=”text-align: justify;”>On Christmas Eve, Cyberhaven, a data loss prevention company, experienced a cyberattack targeting its Google Chrome extension. The breach exposed sensitive customer data, including passwords and session tokens. The company has since taken swift measures to…

Read more →

< p style=”text-align: justify;”>In a significant revelation, researchers from Korea University have uncovered “SysBumps,” the first successful Kernel Address Space Layout Randomization (KASLR) break attack targeting macOS devices powered by Apple Silicon processors. Presented at CCS ’24, the study exposes…

Read more →

Israel, often known as the “Startup Nation,” has emerged as a global leader in cybersecurity, defense, and internet technologies. Cryptocurrency has easily integrated into the high-tech ecosystem, transforming the digital asset class and blockchain technology into key drivers of the…

Read more →

    In recent times, the rapid development of artificial intelligence took a significant turn when OpenAI introduced its O3 model, a system demonstrating human-level performance on tests designed to measure “general intelligence.” This achievement has reignited discussions on artificial…

Read more →

< p style=”text-align: justify;”>For years, cybersecurity experts have criticized passwords as outdated and insecure. Frequently re-used, susceptible to phishing, and vulnerable to leaks, they remain one of the weakest links in online security. Passkeys have been hailed as the solution…

Read more →

  A fraudulent text message claiming to notify residents about an overdue City of Milwaukee parking penalty has been flagged as a scam and should be deleted, city authorities announced earlier this week. According to Ald. Lamont Westmoreland, the scam…

Read more →

Google Chrome to block cookies The digital advertising world is changing rapidly due to privacy concerns and regulatory needs, and the shift is affecting how advertisers target customers. Starting in 2025, Google to stop using third-party cookies in the world’s most…

Read more →

Experts find critical flaws  The Cyber Security Agency of Singapore has issued warning against three critical flaws in Apache software products. The Apache Software Foundation has released security patches to address these vulnerabilities, which can cause risk to users and…

Read more →

  < p style=”text-align: justify;”>A recent cybersecurity lapse within Volkswagen’s Cariad unit, which manages the company’s cloud systems, exposed sensitive data from hundreds of thousands of vehicles. The breach, attributed to a misconfiguration in a cloud environment hosted on Amazon…

Read more →

  As the Dutch privacy watchdog DPA announced on Wednesday, it was concerned that software developers developing artificial intelligence (AI) might use personal data. To get more information about this, DPA sent a letter to Microsoft-backed OpenAI. The Dutch Data…

Read more →

< p style=”text-align: justify;”>A recent report by SecurityScorecard has shed light on the widespread issue of third-party data breaches among the European Union’s top companies. The study, which evaluated the cybersecurity health of the region’s 100 largest firms, revealed that…

Read more →

  < p style=”text-align: justify;”>A recent report by OPS Group, a global aviation safety network, has highlighted a sharp rise in GPS interference across several global conflict zones, including India’s borders with Pakistan and Myanmar. This interference poses significant risks…

Read more →

  < p style=”text-align: justify;”>Mapping the ionosphere is essential for improving the precision of navigation systems, yet traditional methods face significant limitations. Ground-based GNSS stations, while providing detailed maps of ionospheric total electron content (TEC), suffer from poor spatial coverage,…

Read more →

  < p style=”text-align: justify;”>The CrowdStrike outage in July 2024 exposed significant weaknesses in global IT supply chains, raising concerns about their resilience and dependence on major providers. The disruption caused widespread impact across critical sectors, including healthcare, transportation, banking,…

Read more →

The latest research has found a sharp rise in suspicious email activities and a change in attack tactics. If you are someone who communicates via email regularly, keep a lookout for malicious or unusual activities, it might be a scam.…

Read more →

  AT&T has confirmed being targeted in the Salt Typhoon hacking attack, a cyber operation suspected to involve China. Despite the attack, the telecommunications giant assured customers that its networks remain secure. In a statement, AT&T revealed that hackers aimed…

Read more →

  The Reserve Bank of India (RBI) has revealed a significant rise in bank fraud cases during the first half of the current fiscal year. According to the Report on Trend and Progress of Banking in India 2023-24, fraud cases…

Read more →

  In a proposal posted on Friday in the Federal Register, the Office for Civil Rights of the US Department of Health and Human Services (HHS) outlined several new requirements that could improve the cybersecurity practices of healthcare organizations. The…

Read more →

  Palo Alto Networks has issued a warning about the active exploitation of the CVE-2024-3393 denial of service (DoS) vulnerability, which attackers are using to compromise firewall defenses by triggering device reboots. Repeated exploitation of this vulnerability forces the firewall…

Read more →

  Ransomware is a type of malicious software designed to block access to files until a ransom is paid. Over the past 35 years, it has evolved from simple attacks into a global billion-dollar industry. In 2023 alone, ransomware victims…

Read more →