Experts have discovered an advanced malware campaign that exploits the rising popularity of Windows Packet Divert drivers to escape internet checks. Malware targets YouTubers. Hackers are spreading SilentCryptominer malware disguised as genuine software. It has impacted over 2000 victims in…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
Private API Keys and Passwords Discovered in a Popular AI Training dataset
The Common Crawl dataset, which is used to train several artificial intelligence models, has over 12,000 legitimate secrets, including API keys and passwords. The Common Crawl non-profit organisation maintains a vast open-source archive of petabytes of web data collected…
Hackers Exploit Flaw in Microsoft-Signed Driver to Launch Ransomware Attacks
Cybercriminals are exploiting a vulnerability in a Microsoft-signed driver developed by Paragon Software, known as BioNTdrv.sys, to carry out ransomware attacks. This driver, part of Paragon Partition Manager, is typically used to manage hard drive space, but hackers have…
Google to Introduce QR Codes for Gmail 2FA Amid Rising Security Concerns
Google is set to introduce QR codes as a replacement for SMS-based two-factor authentication (2FA) codes for Gmail users in the coming months. While this security update aims to improve authentication methods, it also raises concerns, as QR code-related…
New Polymorphic Attack Enables Malicious Chrome Extensions to Impersonate Password Managers and Banking Apps
Researchers at SquareX Labs have uncovered a sophisticated “polymorphic” attack targeting Google Chrome extensions, allowing malicious extensions to seamlessly morph into trusted ones, such as password managers, cryptocurrency wallets, and banking apps. The attack exploits Chrome’s ‘chrome.management’ API to gain…
Skype’s Role in Popularizing End-to-End Encryption Leaves a Lasting Mark
In recent years, Skype has established itself as the most popular online communication platform, and it is nearing its close, marking the end of an era for one of the most popular VoIP services in the world. The first…
State-Backed Hackers Escalate Attacks on Government Email Servers
Cyberattacks targeting government email servers have intensified in recent years, a trend that experts warn is expected to continue. This concern follows a recent breach involving a cyber-espionage group linked to China, which infiltrated the email servers of Belgium’s…
AI Model Misbehaves After Being Trained on Faulty Data
A recent study has revealed how dangerous artificial intelligence (AI) can become when trained on flawed or insecure data. Researchers experimented by feeding OpenAI’s advanced language model with poorly written code to observe its response. The results were alarming…
Netflix Users Warned About AI-Powered Phishing Scam
Netflix subscribers are being warned about a sophisticated phishing scam circulating via email, designed to steal personal and financial information. The deceptive email mimics an official Netflix communication, falsely claiming that the recipient’s account has been put on hold.…
CrowdStrike Report Reveals a Surge in AI-Driven Threats and Malware-Free Attacks
CrowdStrike Holdings Inc. released a new report earlier this month that illustrates how cyber threats evolved significantly in 2024, with attackers pivoting towards malware-free incursions, AI-assisted social engineering, and cloud-focused vulnerabilities. The 11th annual CrowdStrike Global Threat Report for…
Security Update from Rubrik as Authentication Keys Are Reissued
In a recent report, Rubrik revealed that, last month, an unauthorized security incident compromised one of its log file servers. Rubrik has taken immediate and proactive steps to mitigate potential risks in response to this breach. As part of…
Google Patches Android Zero-Day Flaws Used to Unlock Phones
Google recently addressed critical security flaws in Android that allowed authorities to unlock phones using forensic tools, according to a report by Amnesty International. The report, released on Friday, detailed three previously unknown vulnerabilities exploited by phone-unlocking company Cellebrite.…
Cybersecurity Threats Are Evolving: Seven Key OT Security Challenges
Cyberattacks are advancing rapidly, threatening businesses with QR code scams, deepfake fraud, malware, and evolving ransomware. However, strengthening cybersecurity measures can mitigate risks. Addressing these seven key OT security challenges is essential. Insurance broker Howden reports that U.K. businesses…
Latest PyPI Malware Steals Ethereum Private Keys, Developers Targeted
Researchers at Socket have exposed a malicious PyPI (Python Package Index) package, set-utils, that steals Ethereum private keys by abusing “commonly used account creation functions.” Masked as a simple utility tool for Python sets, the package imitates commonly used…
Sophisticated BEC Attack Exploits Business Trust to Steal Funds
A recent Business Email Compromise (BEC) investigation has uncovered a highly sophisticated attack that went beyond traditional email fraud. Instead of simply sending fraudulent emails in hopes of deceiving victims, cybercriminals strategically exploited the implicit trust between three business partners—Partner…
YouTube at 20: How the Viral Video Site Forever Changed User’s Content Consumption Habit
A simple meal with friends 20 years ago sparked one of the twenty-first century’s most significant technology breakthroughs. YouTube, a video-hosting platform founded by three former PayPal employees, was poised to transform the worldwide entertainment sector. Today, it even…
U.S. Pauses Offensive Cyberoperations Against Russia Amid Security Concerns
Defense Secretary Pete Hegseth has paused offensive cyberoperations against Russia by U.S. Cyber Command, rolling back some efforts to contend with a key adversary even as national security experts call for the U.S. to expand those capabilities. A U.S.…
Malware Attack on Android TV Devices Affects Over 1.6 Million Users
Cybersecurity researchers have discovered a new form of malware that is spreading through Android TV devices across the globe. This malware, known as Vo1d, has already infected over 1.6 million devices, turning them into remote-controlled bots used for illegal…
Scammers Still Use the Same Tricks, Just in New Ways
As technology advances, scams are becoming more sophisticated, but the way scammers manipulate people hasn’t changed. Despite using modern tools, they still rely on the same psychological tactics to deceive their victims. Clinical psychologist Dr. Khosi Jiyane explains that…
Malware Alert as Desert Dexter Strikes Over 900 Victims Worldwide
Several countries in the Middle East and North Africa have been targeted by an advanced Trojan named Desert Dexter, identified by security experts at Positive Technologies. This malware campaign has compromised nearly 900 victims as a result of its…
Polish Space Agency “POLSA” Suffers Breach; System Offline
Systems offline to control breach. The Polish Space Agency (POLSA) suffered a cyberattack last week, it confirmed on X. The agency didn’t disclose any further information, except that it “immediately disconnected” the agency network after finding that the systems were…
AI’s Effect on Employment: Dukaan’s Divisive Automation Approach
As businesses increasingly use AI to do jobs that have historically been managed by human workers, artificial intelligence is permeating several industries. Suumit Shah, the CEO of the e-commerce firm Dukaan in India, went to great lengths to automate…
Amazon Unveils Ocelot: A Breakthrough in Quantum Error Correction
Amazon Web Services (AWS) has introduced a groundbreaking quantum prototype chip, Ocelot, designed to tackle one of quantum computing’s biggest challenges: error correction. The company asserts that the new chip reduces error rates by up to 90%, a milestone…
Managing Vendor Cyber Risks: How Businesses Can Mitigate Third-Party Failures
On Wednesday, businesses worldwide experienced disruptions when Slack, a popular workplace communication tool, went offline due to a technical issue. The outage, which lasted several hours, forced teams to rely on alternative communication methods such as emails, phone calls,…
France Proposes Law Requiring Tech Companies to Provide Encrypted Data
Law demanding companies to provide encrypted data. New proposals in the French Parliament will mandate tech companies to hand over decrypted messages and email. If businesses don’t comply, heavy fines will be imposed. France has proposed a law requiring end-to-end encryption messaging…
Poland’s Space Agency Investigates Cyberattack, Works On Security Measures
Poland’s space agency, POLSA, has reported a cyberattack on its systems, prompting an ongoing investigation. In response to the breach, the agency quickly disconnected its network from the internet to prevent further damage. As of Monday, its official website…
Qilin Ransomware Outfit Claims Credit for Lee Enterprises Breach
The Lee Enterprises attack that caused disruptions on February 3 has been linked to the Qilin ransomware group, which has released samples of data they claim were stolen from the enterprise. The ransomware actors have now threatened to release…
Hackers Can Attack Your Rooftop Solar Panels, With Ease
Do not set weak passwords for your solar panels. Hackers are attracted to weak passwords like moths to flame. Imagine this: your password is weak enough to be hacked via brute-force attack, or already known because you haven’t reset the…
Microsoft MUSE AI: Revolutionizing Game Development with WHAM and Ethical Challenges
Microsoft has developed MUSE, a cutting-edge AI model that is set to redefine how video games are created and experienced. This advanced system leverages artificial intelligence to generate realistic gameplay elements, making it easier for developers to design and…
U.S. Soldier Who Hacked AT&T and Verizon Sought to Sell Stolen Data to Foreign Intelligence, Prosecutors Say
A U.S. soldier who pleaded guilty to hacking AT&T and Verizon attempted to sell stolen data to what he believed was a foreign military intelligence service, according to newly filed court records reviewed by Media. The documents also reveal that…
Middle East Banks Strengthen Cybersecurity Amid Growing Threats
Financial institutions across the Middle East participated in the fourth annual Cyber Wargaming exercise in the United Arab Emirates, preparing for simulated cyberattacks amid rising digital threats. Despite these proactive measures, security experts remain concerned about the region’s rapid…
Russian Telecom Company “Beeline” Hit, Users Face Internet Outage
Internet outage in, telecom provider attacked. Users in Russia faced an internet outage in a targeted DDoS attack on Russian telecom company Beeline. This is the second major attack on the Moscow-based company in recent weeks; the provider has over…
India’s Escalating Crisis of Fake Institutions and Digital Fraud
Fraudulent activities in India continue to evolve and exploit systemic vulnerabilities to deceive unsuspecting individuals, including counterfeit banks, fraudulent legal entities, and sophisticated cyber scams. There has been a significant increase in…
Genea Cyberattack: Termite Ransomware Leaks Sensitive Patient Data
One of Australia’s leading fertility providers, Genea Pty Ltd, has been targeted in a cyberattack allegedly carried out by the Termite ransomware group. On February 26, 2025, the group claimed responsibility for breaching Genea’s systems and stated that they…
Hong Kong Launches Its First Generative AI Model
Last week, Hong Kong launched its first generative artificial intelligence (AI) model, HKGAI V1, ushering in a new era in the city’s AI development. The tool was designed by the Hong Kong Generative AI Research and Development Centre (HKGAI)…
Android TV Users Watch Out: Dangerous Vo1d Botnet Hits 1.6 Million Devices
Hackers are upping their game, improving their attacks and strategies. The latest example is the disturbing spread of the Vo1d malware botnet. Vo1d is a highly sophisticated malware that has infected around 1,590,299 Android TV devices throughout…
Hacker Leaks Stolen Data After Cyberattack on Orange Group
A hacker has claimed responsibility for breaking into the systems of Orange Group, a well-known French telecommunications provider. The attacker alleges that they stole a large number of internal files, including confidential details about customers and employees. After failing…
Samsung Secure Folder Vulnerability Exposes Hidden Images
Samsung’s Secure Folder, a feature designed to provide industry-grade security for sensitive data on Galaxy smartphones, has been identified to have a major flaw. Recent discoveries indicate that apps and images saved in the Secure Folder can be accessible…
North Korea-Linked Hackers Target Crypto with RustDoor and Koi Stealer
A significant amount of malware has become a common threat to Mac OS systems in today’s rapidly developing threat landscape. The majority of these threats are associated with cybercriminal activities, including the theft of data and the mining of…
The Need for Unified Data Security, Compliance, and AI Governance
Businesses are increasingly dependent on data, yet many continue to rely on outdated security infrastructures and fragmented management approaches. These inefficiencies leave organizations vulnerable to cyber threats, compliance violations, and operational disruptions. Protecting data is no longer just about…
Cisco Talos Uncovers Lotus Blossom’s Multi-Campaign Cyber Espionage Operations
Cisco Talos has uncovered a series of cyber espionage campaigns attributed to the advanced persistent threat (APT) group Lotus Blossom, also known as Spring Dragon, Billbug, and Thrip. The group has been active since at least 2012, targeting government, manufacturing,…
Lee Enterprises Confirms Ransomware Attack Impacting 75+ Publications
Lee Enterprises, a major newspaper publisher and the parent company of The Press of Atlantic City, has confirmed a ransomware attack that disrupted operations across at least 75 publications. The cybersecurity breach caused widespread outages, impacting the distribution of…
Google Cloud Introduces Quantum-Safe Digital Signatures
As quantum computing advances, Google Cloud is taking a significant step toward securing its platform against future threats. The company has announced the introduction of quantum-safe digital signatures in its Cloud Key Management Service (KMS), currently available in preview. …
GitHub Scam: Fake Game Mods Steal User Credentials and Data
An advanced malware campaign exploiting GitHub repositories masked as game mods (and cracked software) has been found, revealing a risky blend of automated credential harvesting and social engineering tactics. While going through articles on social engineering, cybersecurity expert Tim found…
DBS Bank to Cut 4,000 Jobs Over Three Years as AI Adoption Grows
Singapore’s largest bank, DBS, has announced plans to reduce approximately 4,000 temporary and contract roles over the next three years as artificial intelligence (AI) takes on more tasks currently handled by human workers. The job reductions will occur through natural…
Scammers Exploit Google and PayPal’s Infrastructure to Steal Users Private Data
Cybersecurity experts discovered a sophisticated phishing campaign that used Google Ads and PayPal’s infrastructure to defraud users and obtain sensitive personal information. The attackers abused vulnerabilities in Google’s ad standards and PayPal’s “no-code checkout” feature to create fake payment…
AI-Driven Changes Lead to Workforce Reduction at Major Asian Bank
Over the next three years, DBS, Singapore’s largest bank, has announced plans to reduce the number of employees by approximately 4,000 by way of a significant shift toward automation. A key reason for this decision was the growing adoption…
Lending App Data Breach Leaves Sensitive Customer Information Unprotected
A major digital lending platform has reportedly exposed sensitive customer data due to a misconfigured Amazon AWS S3 bucket that was left unsecured without authentication. Security researchers discovered the breach on November 28, 2024, but the issue remained unresolved…
FBI Warns: ‘Ghost’ Ransomware Is Spreading— Here’s How to Stay Safe
The Federal Bureau of Investigation (FBI) has released an urgent alert about a growing cyber threat known as Ghost ransomware. This group has been attacking various organizations across more than 70 countries, locking victims out of their own systems…
Crypto Scammers Are Targeting AI Trade Bots
The blockchain security company CertiK disclosed how a new generation of scammers is changing their tactics to target automated trading bots in the wake of the LIBRA meme currency fiasco, in which insiders were given advanced information of the…
These Four Basic PC Essentials Will Protect You From Hacking Attacks
There was a time when the internet could be considered safe, if the users were careful. Those days are gone; a safe internet seems like a distant dream. It is not a user’s fault when the data is leaked, passwords are…
Strengthening PC Security with Windows Whitelisting
Windows Defender, the built-in antivirus tool in Windows, provides real-time protection against malware by scanning for suspicious activity and blocking known threats using an extensive virus definition database. However, no antivirus software can completely prevent users from unknowingly installing…
Default Password Creates Major Security Risk for Apartment Complexes
Under research conducted by security researchers, it was discovered that a widely used door access control system includes an inherently insecure default password. Thousands of buildings across the country have insecure default passwords that can be accessed easily and…
Stalkerware: How Scammers Might Be Tracking Your Phone and What You Can Do
Spyware applications designed to secretly monitor people’s phones are becoming more common. These programs, known as stalkerware, can track private messages, calls, photos, locations, and other personal data without the user’s knowledge. Often installed without permission, they operate silently…
LightSpy Malware Attacks Users, Launches Over 100 Commands to Steal Data
Cybersecurity researchers at Hunt.io have found an updated version of the LightSpy implant, a modular surveillance framework for data collection and extraction. Initially known for attacking mobile devices, it can also attack macOS, Windows, Linux, and routers, further enquiry revealed. LightSpy has…
Bybit Suffers Historic $1.5 Billion Crypto Hack, Lazarus Group Implicated
Dubai-based cryptocurrency exchange Bybit Technology Ltd. has fallen victim to a massive cyberattack, with approximately $1.5 billion in cryptocurrency stolen. The breach is believed to be the largest single theft in cryptocurrency history. Bybit, a well-established exchange with over…
DM Clinical Research Database Exposed Online, Leaking 1.6M Patient Records
A clinical research database containing over 1.6 million patient records was discovered publicly accessible online without encryption or password protection. Security researcher Jeremiah Fowler found the dataset, linked to DM Clinical Research, exposing sensitive information such as names, medical…
Beware of Fake Viral Video Links Spreading Malware
McAfee Labs has uncovered a rise in cyber scams where fraudsters use fake viral video links to trick people into downloading malware. These attacks rely on social engineering, enticing users with promises of exclusive or leaked content. Once a…
Open Access to Critical Data With Bank Staff Leading to Financial Scam
A concerning trend has sent shockwaves across cybersecurity authorities, with central cyber and intelligence organisations tracking and documenting large-scale data leaks perpetrated by bank staff and third party contractors. According to a senior Indian government official, the issue has…
Call Merging Scams and Financial Security Risks with Prevention Strategies
It is not uncommon for fraudsters to develop innovative tactics to deceive their targets, with one of the latest being the call merging scam, in which the scammers attempt to gain unauthorized access to the victim’s accounts to…
BlackLock Ransomware: The Fastest-Growing Cyber Threat and How to Stay Safe
Ransomware remains a major problem for businesses, and a new cybercriminal group is expanding at an alarming rate. Security researchers at ReliaQuest have identified BlackLock as the fastest-growing ransomware operation today, with its activity increasing by 1,425% since late…
Bybit Crypto Exchange Hacked for $1.5 Billion in Largest Crypto Heist
Bybit, one of the world’s largest cryptocurrency exchanges, has suffered a massive security breach, resulting in the loss of $1.5 billion in digital assets. The hack, now considered the largest in crypto history, compromised the exchange’s cold wallet—an offline…
Building Robust AI Systems with Verified Data Inputs
Artificial intelligence is inherently dependent on the quality of data that powers it for it to function properly. However, this reliance presents a major challenge to the development of artificial intelligence. There is a recent report that indicates that…
Role of Continuous Threat Exposure Management in Business Security
Continuous threat exposure management (CTEM) is a framework for proactively managing and mitigating threat exposure using an iterative approach that emphasises developing structured organisational procedures as well as leveraging security tools. In this article, we’ll go over CTEM,…
Massive Banking Data Leaks Under Scrutiny as Cyber Fraud Cases Surge
A concerning rise in large-scale data breaches has put cybersecurity agencies on high alert, with central cyber and intelligence bodies actively tracking incidents linked to bank employees and third-party vendors. According to a senior government official, the matter has…
University of Notre Dame Hit by Cyberattack— Hackers Say They Stole Everything
A cybercriminal group known as Fog Ransomware has claimed responsibility for a cyberattack on the University of Notre Dame in Perth, Australia. According to reports, the group has allegedly stolen 62.2GB of sensitive data, including student medical records, staff…
Black Basta’s Slowdown Coincides with BlackLock’s Growth
The activity level of ransomware groups with “black” in their name has varied greatly over the early months of the new year. Despite the significant increase in attacks caused by the BlackLock ransomware group, the long-established Black Basta ransomware…
European Healthcare Entities Targeted With NailaoLocker Ransomware
A previously undocumented ransomware payload named NailaoLocker has been detected in assaults targeting European healthcare entities between June and October 2024. The attackers employed CVE-2024-24919, a Check Point Security Gateway vulnerability, to obtain access to targeted networks and install…
Hidden Bluetooth Security Threats and How to Protect Your Devices
Bluetooth technology has made wireless connectivity effortless, powering everything from headphones and smartwatches to home automation systems. However, its convenience comes with significant security risks. Many users unknowingly leave their devices vulnerable to cyber threats that can steal personal…
Serious Security Flaw in Exim Email Servers Could Let Hackers Steal Data
A dangerous security flaw has been discovered in Exim, a widely used email server software. The vulnerability, officially tracked as CVE-2025-26794, allows hackers to inject harmful commands into the system, potentially leading to data theft or even complete control…
Internal Chat Logs of Black Basta Ransomware Gang Leaked Online
A previously unidentified source has leaked what is claimed to be an archive of internal Matrix chat logs linked to the Black Basta ransomware group. The individual behind the leak, known as ExploitWhispers, initially uploaded the stolen messages to…
Hackers Use Invisible Unicode Trick to Hide Phishing Attacks
Cybercriminals have discovered a new way to conceal malicious code inside phishing attacks by using invisible Unicode characters. This technique, identified by Juniper Threat Labs, has been actively used in attacks targeting affiliates of a U.S. political action committee…
Lack of Phishing Awareness Among Executives Poses a Security Threat
Even though phishing scams are predicted to continue to pose a serious cybersecurity threat in the years to come, recent research has highlighted the fact that a worrying gap in awareness among business leaders has been identified as a…
Australian IVF Giant Genea Suffers Data Breach Following Cyber Incident
A leading Australian IVF clinic suspects personal patient information may have been compromised during a cyber attack earlier this month. On February 14, Genea suspended several services and launched an inquiry into suspicious activity discovered on its network. In…
US Defense Industry Targeted in Infostealer Malware Campaign
Several major defence contractors, such as Lockheed Martin, Boeing, and Honeywell, as well as the United States Army and Navy, have recently been revealed to be infected with Infostealer malware, according to Hudson…
FBI and CISA Issue Warning of Ongoing ‘Ghost’ Ransomware Attack
Ghost, a ransomware outfit, has been exploiting software and firmware flaws since January, according to an FBI and Cybersecurity and Infrastructure Security Agency (CISA) advisory issued last week. The outfit, also known as Cring and based in China, focusses…
Hackers Release Powerful Tool to Unlock Microsoft Software for Free
A group of hackers has created a tool that allows people to activate Microsoft Windows and Office software without needing an official license. This method, described as a major breakthrough in software piracy, completely bypasses Microsoft’s security system. Surprisingly,…
Lee Enterprises Faces Prolonged Ransomware Attack Disrupting Newspaper Operations
Lee Enterprises, one of the largest newspaper publishers in the United States, is facing an ongoing ransomware attack that has severely disrupted its operations for over three weeks. The company confirmed the attack in a filing with the U.S.…
Fintech Giant Finastra Breach Exposed Private Data, Company Notifies Victims
The financial technology behemoth Finastra is alerting victims of a data breach after unidentified hackers initially gained access to its networks in October 2024 and took their personal data. More than 8,100 financial institutions in 130 countries, including 45…
South Korea Blocks DeepSeek AI App Downloads Amid Data Security Investigation
South Korea has taken a firm stance on data privacy by temporarily blocking downloads of the Chinese AI app DeepSeek. The decision, announced by the Personal Information Protection Commission (PIPC), follows concerns about how the company collects and handles…
Pro-Russia Hackers Target Italian Banks and Airports Amid Rising Tensions
Around 20 Italian websites, including those of major banks and airports, were targeted by alleged pro-Russian hackers, according to Italy’s cybersecurity agency on Monday. The attack is believed to be linked to escalating diplomatic tensions between Rome and Moscow.…
How AI Agents Are Transforming Cryptocurrency
Artificial intelligence (AI) agents are revolutionizing the cryptocurrency sector by automating processes, enhancing security, and improving trading strategies. These smart programs help analyze blockchain data, detect fraud, and optimize financial decisions without human intervention. What Are AI Agents? AI…
Enhanced In-Call Security in Android 16 Aims to Tackle Scammers
As part of a new security feature being developed by Google, users will no longer be able to modify sensitive settings when they are on a phone call. As a part of the in-call anti-scam protection, users are specifically…
Chinese Spies Allegedly Engaged in Ransomware Operations
Backed by the Chinese government, a cyber-espionage group has been observed engaging in ransomware-related activities as part of its intelligence activities. Further, this observation demonstrates how nation-state cyber operations and financially motivated cybercrimes have become increasingly convergent as a…
USAID Cybersecurity Aid to Ukraine Halted as Trump Administration Freezes Projects
Before and after Russia’s 2022 invasion, U.S.-funded initiatives played a crucial role in strengthening Ukraine’s cybersecurity. Many of these efforts, backed by the United States Agency for International Development (USAID), aimed to protect the country against cyber threats. However,…
Amazon Prime Phishing Campaign Siphons Login And Payment Info
The Cofense Phishing Defence Centre (PDC) has uncovered a new phishing campaign aimed particularly at Amazon Prime members, trying to steal login passwords, security answers, and payment details. The attacker sends out a well-crafted email mimicking Amazon, encouraging users…
Protect Your Security Cameras from Hackers with These Simple Steps
Security cameras are meant to keep us safe, but they can also become targets for hackers. If cybercriminals gain access, they can spy on you or tamper with your footage. To prevent this, follow these straightforward tips to ensure…
Cyber-Espionage Malware FinalDraft Exploits Outlook Drafts for Covert Operations
A newly identified malware, FinalDraft, has been leveraging Microsoft Outlook email drafts for command-and-control (C2) communication in targeted cyberattacks against a South American foreign ministry. Elastic Security Labs uncovered the attacks, which deploy an advanced malware toolset comprising a…
Hackers Target South America and Southeast Asia
A group of hackers has been caught running a large-scale cyber spying operation, now called REF7707. The attack was first noticed in November 2024 when strange activity was detected in the Foreign Ministry of a South American country. As…
Russian State Actors Target Microsoft 365 Accounts Via Device Code Phishing Campaign
A hacking outfit potentially linked to Russia is running an active operation that uses device code phishing to target Microsoft 365 accounts of individuals at organisations of interest. The targets are in the government, non-governmental organisations (NGOs), IT services…
Hackers Leak 15,000 FortiGate Device Configs, IPs, and VPN Credentials
A newly identified hacking group, the Belsen Group, has leaked critical data from over 15,000 FortiGate devices on the dark web, making sensitive technical details freely available to cybercriminals. The leak includes configuration files, IP addresses, and VPN credentials,…
Huge Data Leak Puts 2.7 Billion Records at Risk – What You Should Know
A security issue has surfaced involving an unprotected database linked to Mars Hydro, a Chinese company known for making smart devices like LED grow lights and hydroponic equipment. Security researcher Jeremiah Fowler discovered this database was left open without…
The Upcoming Tech Revolution Foreseen by Sundar Pichai
It was at the 2025 World Government Summit in Dubai on 15th-17th November that Sundar Pichai, CEO of Google and its parent company Alphabet, engaged in a virtual fireside conversation with the Moroccan Minister of State for Artificial Intelligence,…
Italian Spyware Firm SIO Linked to Malicious Android Apps Targeting WhatsApp Users
SIO, an Italian spyware company known for selling surveillance tools to government agencies, has been linked to a series of malicious Android apps designed to mimic WhatsApp and other popular services while secretly stealing private data, TechCrunch has revealed.…
whoAMI Name Assaults Can Compromise AWS Accounts to Malicious Code Execution
Datadog Security Labs researchers developed a new name confusion attack technique known as whoAMI, which allows threat actors to execute arbitrary code within an Amazon Web Services (AWS) account by uploading an Amazon Machine Image (AMI) with a specified…
Android Phishing Apps: A Growing Cybersecurity Threat in 2024
Cybercriminals are evolving their tactics, shifting from traditional email-based phishing scams to more sophisticated Android phishing apps. According to the 2025 State of Malware report by Malwarebytes, over 22,800 phishing apps were detected on Android devices in 2024 alone.…
zkLend DeFi Platform Hacked, Loses $9.5 Million
A major hacking incident has hit zkLend, a decentralized lending platform that operates on the Starknet blockchain. The attacker managed to steal about $9.5 million worth of cryptocurrency by exploiting a vulnerability in the system. According to blockchain security…
Cybercriminals Leverage Google Tag Manager for Credit Card Data Theft
It is common for cybersecurity criminals to exploit vulnerabilities in Magento to inject an obfuscated script, which has been delivered through Google Tag Manager (GTM), into Magento-based eCommerce platforms, which allows them to intercept and steal credit card information…
Zacks Investment Research Faces Another Data Breach Impacting 12 Million Accounts
Zacks Investment Research reportedly suffered a data breach in 2024, exposing sensitive information from approximately 12 million accounts. The American investment research firm provides data-driven insights through its proprietary stock assessment tool, ‘Zacks Rank,’ assisting investors in making informed…
TRAI Enforces Stricter Regulations to Combat Telemarketing Spam Calls
There has been a significant shift in the Telecom Regulatory Authority of India (TRAI)’s efforts to curb spam calls and unsolicited commercial communications (UCC) as part of its effort to improve consumer protection, as TRAI has introduced stringent regulations.…