Category: CySecurity News – Latest Information Security and Hacking Incidents

  The FBI said that over the last two years, an extortion group known as the Silent Ransom Group has targeted U.S. law firms through callback phishing and social engineering tactics.  This threat outfit, also known as Luna Moth, Chatty…

Read more →

  Venturing into the dark web may seem intriguing to some, but even well-intentioned users are exposed to significant risks. While many people associate the dark web with illegal activity, they may not realize that just browsing these hidden spaces…

Read more →

  The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released a critical warning about the sharp rise in Play ransomware attacks. The agencies report that this cyber threat has affected hundreds of…

Read more →

  Increasingly, cybercriminals are exploiting systemic vulnerabilities in order to target the healthcare sector as one of the most frequently attacked and vulnerable targets in modern cybersecurity, with attacks growing both in volume and sophistication. These risks go well beyond…

Read more →

The US Department of Justice has filed a civil forfeiture complaint against North Korean IT workers for illegally gaining employment with US businesses, and earning millions for the Korean government, which amounts to violations of sanctions. The government seized $7.7m…

Read more →

  The FBI has issued a critical warning regarding a massive malware campaign—dubbed BADBOX 2.0—which has compromised over 1 million Internet-connected consumer devices, including smart TVs, Android tablets, projectors, and streaming boxes. The malware, often embedded in Chinese-manufactured IoT devices,…

Read more →

  The recent discovery of new equipment tied to Predator spyware implies that the surveillance technology is still finding new customers, despite the fact that its backers have faced rounds of US sanctions since July 2023. In a research published…

Read more →

  Cybersecurity experts have uncovered a massive trove of sensitive information left exposed online, potentially placing millions of individuals at significant risk. The discovery, made by researchers from Cybernews in collaboration with SecurityDiscovery.com, revealed an unsecured database totaling 631 gigabytes—containing…

Read more →

  The recently observed increase in ransomware activity linked to the Qilin group has sparked alarms throughout the cybersecurity industry. As a result of these sophisticated Ransomware-as-a-Service (RaaS) operations operating under multiple aliases, including Phantom Mantis and Agenda, Fortinet’s recent…

Read more →

Pig butchering, a term we usually hear in the meat market, sadly, has also become a lethal form of cybercrime that can cause complete financial losses for the victims.  Pig Butchering is a “form of investment fraud in the crypto…

Read more →

  Boaz Barzel, Field CTO at OX Security, recently conducted research with colleagues at OX Security and discovered that an average organisation had more than half a million alerts at any given time. More astonishing is that 95% to 98%…

Read more →

  Kettering Health, a prominent healthcare network based in Ohio, is still grappling with the aftermath of a disruptive ransomware attack that forced the organization to shut down its computer systems. The cyberattack, which occurred in mid-May 2025, affected operations…

Read more →

  Increasingly, organisations are using cloud-based technologies, which has led to the rise of the importance of security concerns surrounding Software as a Service (SaaS) platforms. It is the concept of SaaS security to ensure that applications and sensitive data…

Read more →

  A group of hackers has been carrying out attacks against businesses by misusing a tool that looks like it belongs to Salesforce, according to information shared by Google’s threat researchers. These attacks have been going on for several months…

Read more →

  Reddit, a social media site, filed a lawsuit against Anthropic on Wednesday, claiming that the artificial intelligence firm is unlawfully “scraping” millions of Reddit users’ comments in order to train its chatbot Claude.  Reddit alleges that Anthropic “intentionally trained…

Read more →

  Lee Enterprises, a major U.S. news publisher, is alerting nearly 40,000 individuals about a data breach following a ransomware attack that took place in early February 2025. The company, which owns and operates 77 daily newspapers and hundreds of…

Read more →

  A new study by Secureworks’ Counter Threat Unit (CTU) has revealed that ransomware operations have shifted significantly in response to heightened law enforcement crackdowns, forcing threat actors to evolve their strategies accordingly. There has been a tradition of many…

Read more →

Scam links are difficult to spot, but it has become an everyday issue for internet users who accidentally click on malicious URLs that are part of a phishing attack. Most fake links include standard “https” encryption and domains similar to…

Read more →

  A dangerous Android malware called Crocodilus has developed a new way to fool smartphone users. It can now secretly add fake names to the contact list on an infected phone. This makes it easier for hackers to pretend they…

Read more →

  A newly revealed zero-day vulnerability identified as CVE-2025-4664 has triggered serious concerns for billions of Google Chrome and Chromium users. Security experts have warned that this flaw, which affects both Windows and Linux platforms, could be exploited to leak…

Read more →

  In  a time when tools like ChatGPT are transforming education, content creation, and research, an Indian contractor has reportedly exploited artificial intelligence for a far less noble purpose—fabricating roadwork completion using AI-generated images. A video that recently went viral…

Read more →

In a recent joint cybersecurity advisory released with its Australian partners, the FBI announced that the Play ransomware group has attacked over 900 organizations since May 2025. “As of May 2025, FBI was aware of approximately 900 affected entities allegedly…

Read more →

In terms of cybersecurity, agentic artificial intelligence is emerging as a transformative force that is fundamentally transforming the way digital threats are perceived and handled. It is important to note that, unlike conventional artificial intelligence systems that typically operate within…

Read more →

  The US Embassy in New Delhi has issued a cautionary alert to individuals applying for US visas, urging them to be wary of online scams that falsely promise to expedite visa interview appointments. This warning comes in the wake…

Read more →

An anonymous leaker is exposing the identities of the world’s most wanted cybercriminals.  Recently, a mysterious leaker exposed leaders behind Trickbot and Conti ransomware, hacking groups that are known for some of the biggest extortions in recent times.  Recently, The…

Read more →

  The “Russian Market” cybercrime marketplace has developed as one of the most popular places for purchasing and selling credentials stolen by info stealer malware. Although the marketplace has been functioning for almost six years and has grown in popularity…

Read more →

  In the latest incident involving a high-profile Parisian luxury jeweller, Cartier has been hacked, further heightening the concerns of those who are targeted by digital threats in the fashion and retail industries. In a statement released by the company,…

Read more →

  In a digital world where most AI chatbots rely on cloud computing and constant internet connectivity, PocketPal AI takes a different approach by offering an entirely offline, on-device chatbot experience. This free app brings AI processing power directly onto…

Read more →

  As cyber threats become more complex and widespread, Security Operations Centres (SOCs) increasingly rely on threat intelligence to transform their defensive methods from reactive to proactive. Integrating Cyber Threat Intelligence (CTI) into SOC procedures has become critical for organisations…

Read more →

  As artificial intelligence becomes more popular, scammers are using its hype to fool people. A new warning reveals that hackers are creating fake AI apps and promoting them online to trick users into downloading harmful software onto their devices.…

Read more →

  “Unusual activity detected in your account.” A message like this, often accompanied by a suspicious link, is the new face of digital fraud. While you may pause before clicking, banks are already working behind the scenes to block such…

Read more →

KiranaPro, a voice-powered quick commerce startup connected with India’s Open Network for Digital Commerce (ONDC), has been hit by a devastating cyberattack that completely crippled its backend infrastructure. The breach, which occurred over the span of May 24–25, led to…

Read more →

  There have now been serious allegations of fraud against London-based startup Builder.ai, once considered a disruptor of software development and valued at $1.5 billion. Builder.ai is now in bankruptcy. The company claims that its artificial intelligence-based platform will revolutionise…

Read more →

Cops in Germany have found cybercrime gang leader The Federal Criminal Police of Journey “BKA” has claimed that Stern, the leader of TrickBot and Conti cybercrime gangs, is Vitaly Nikolaevich Kovalev, a 36-year-old Russian.  According to BKA, he is suspected…

Read more →

Browsers at risk The latest information-stealing malware, made in the Rust programming language, has surfaced as a major danger to users of Chromium-based browsers such as Microsoft Edge, Google Chrome, and others.  Known as “RustStealer” by cybersecurity experts, this advanced…

Read more →

  iA significant data exposure involving Unimed, one of the world’s largest healthcare cooperatives, has come to light after cybersecurity researchers discovered an unsecured database containing millions of sensitive patient-doctor communications. The discovery was made by cybersecurity experts at Cybernews,…

Read more →

WordPress plugin exploit Cybersecurity experts have found a critical unpatched security vulnerability impacting the TI WooCommerce Wishlist plugin for WordPress that unauthorized threat actors could abuse to upload arbitrary files. TI WooCommerce Wishlist has more than 100,000 active installations. It…

Read more →

  So-called juice jacking is the most controversial topic in cybersecurity circles. In most years, when a new alert is issued by a government agency before the holidays, it creates new headlines. Stories are written and cyber eyebrows are raised…

Read more →

  In a significant move against online fraud, the US Treasury Department has sanctioned a Philippines-based web hosting company accused of enabling massive cryptocurrency scams. The sanctions, announced Thursday, target Funnull Technology and its administrator, Chinese national Liu Lizhi, for…

Read more →

  A growing number of organizations are adopting autonomous AI agents despite widespread concerns about the cybersecurity risks they pose. According to a new global report released by identity security firm SailPoint, this accelerated deployment is happening in a largely…

Read more →

  With the advent of generative AI, a paradigm shift has been ushered in the field of cybersecurity, transforming the tactics, techniques, and procedures that malicious actors have been using for a very long time. As threat actors no longer…

Read more →

  Chinese state-backed threat actor APT41 has been discovered leveraging Google Calendar as a command-and-control (C2) channel in a sophisticated cyber campaign, according to Google’s Threat Intelligence Group (TIG). The team has since dismantled the infrastructure and implemented defenses to…

Read more →

  Modern workplaces are beginning to track more than just employee hours or tasks. Today, many employers are collecting very personal information about workers’ bodies and behaviors. This includes data like fingerprints, eye scans, heart rates, sleeping patterns, and even…

Read more →

Confused about leaving Facebook? Many people are changing their social media habits and opting out of many services. Facebook has witnessed a large exodus of users deserting the platform after the announcement in March that Meta was terminating the independent…

Read more →

  After years of anticipation, WhatsApp has finally rolled out a dedicated iPad app, allowing users to enjoy the platform’s messaging capabilities natively on Apple’s tablet. Available now for download via the App Store, this new version is built to…

Read more →

  Adidas confirmed that a third-party customer service provider’s vulnerability allowed a threat actor to steal company data.  Contact details of customers who have previously dealt with the Adidas customer service help desk are among the impacted data. However, passwords,…

Read more →

  A group of software engineers, many of whom secretly work on behalf of North Korea, has infiltrated major U.S. companies, many of which are Fortune 500 companies, by masquerading as American developers to obtain money from them. This has…

Read more →

  A recently found malware called PumaBot is putting many internet-connected devices at risk. This malicious software is designed to attack smart systems like surveillance cameras, especially those that use the Linux operating system. It sneaks in by guessing weak…

Read more →

  In a move that could redefine AI infrastructure, Cerebras Systems showcased its record-breaking Wafer Scale Engine (WSE) chip at Web Summit Vancouver, claiming it now holds the title of the world’s fastest AI inference engine.  Roughly the size of…

Read more →

  It seems like someone, possibly nation-state hackers, is building a botnet out of thousands of Asus routers that can withstand firmware patches and reboots. Researchers report that about 9,000 routers have been infiltrated, and the figure is still rising. …

Read more →

  A newly uncovered malware campaign is exploiting unsecured Docker environments across the globe, silently enrolling them into a decentralized cryptojacking network that mines the privacy-focused cryptocurrency, Dero. Cybersecurity firm Kaspersky reports that the attack initiates by targeting exposed Docker…

Read more →

  The DragonForce ransomware group has breached a managed service provider (MSP) and leveraged its SimpleHelp remote monitoring and management (RMM) tool to exfiltrate data and launch ransomware attacks on downstream clients. Cybersecurity firm Sophos, which was brought in to…

Read more →

  X, formerly known as Twitter, has announced a temporary suspension of its encrypted direct messaging (DM) feature as it works on major upgrades to its messaging infrastructure. In a recent update, the platform confirmed that users will still be…

Read more →

  It was discovered today that Vanta, one of the leading providers of compliance automation solutions, had experienced a critical security lapse that resulted in the unauthorised exposure of confidential customer data, which resulted from a software malfunction. An inadvertent…

Read more →

  Security experts are warning people who use NPM — a platform where developers share code — to be careful after finding several fake software packages that secretly collect information from users’ computers. The cybersecurity company Socket found around 60…

Read more →

  Tata Consultancy Services (TCS), a leading Indian IT services firm under the Tata Group umbrella, is reportedly investigating whether its systems played any role in the recent ransomware attack that disrupted operations at British retail giant Marks & Spencer…

Read more →

  The renowned MATLAB programming language and numeric computing environment’s developer has reported a ransomware attack on its IT systems.  MathWorks, based in Massachusetts, sent an update to users after initially reporting issues on May 18, stating that the company…

Read more →

Coinbase data breach linked to India A Reuters investigation revealed that cryptocurrency exchange Coinbase knew in January about a breach affecting outsourced customer support agents in India. Six people who knew about the incident said Coinbase was aware of sensitive…

Read more →

  Despite the Transportation Security Administration’s (TSA) widespread recognition for its role in ensuring air travel security through rigorous passenger screening procedures, the agency is now drawing attention to a lesser-known, yet equally concerning, cybersecurity threat faced by airport travellers.…

Read more →

  The FBI has issued a warning about a sophisticated cybercriminal group known as the Silent Ransom Group (SRG), also referred to by aliases like Luna Moth, Chatty Spider, and UNC3753. This group has been actively targeting U.S.-based law firms…

Read more →

  In a new and potentially alarming development, OpenAI’s latest AI model, o3, has reportedly exhibited behavior suggesting it may be resisting shutdown commands under certain conditions. According to a report published by Palisade Research, a firm that investigates the…

Read more →

  A major cybersecurity incident has affected Nova Scotia Power, the province’s electricity provider. The company recently confirmed it was hit by a ransomware attack that led to a massive data leak, although electricity services were not disrupted. The cyberattack…

Read more →

  Craig Gidney, a Google Quantum AI researcher, has published a new study that suggests cracking popular RSA encryption would take 20 times less quantum resources than previously believed. Bitcoin, and other cryptocurrencies were not specifically mentioned in the study;…

Read more →

  There has been a significant increase in cybercrime incidents in India recently, and the government of India has responded by launching the e-Zero FIR facility, a landmark initiative that will strengthen the nation’s cybersecurity framework and expedite the investigation…

Read more →

Hackers used AVCheck to see malware efficiency International police action has shut down AVCheck, an anti-virus scanning website used by threat actors to check whether their malware was detected by mainstream antivirus before using it in the attacks. The official…

Read more →

  With over three billion users globally, including around 500 million in India, WhatsApp has become one of the most widely used communication platforms. While this immense popularity makes it convenient for users to stay connected, it also provides fertile…

Read more →

  Businesses worldwide are rapidly embracing artificial intelligence (AI), yet a significant number remain deeply concerned about its security implications, according to the 2025 Thales Data Threat Report. Drawing insights from over 3,100 IT and cybersecurity professionals across 20 countries…

Read more →

  A major criminal network operating on the dark web has been disrupted in a large international operation led by the FBI. Over 270 individuals have been arrested for their involvement in the online trade of dangerous illegal drugs such…

Read more →

  Cybercriminals are increasingly camouflaging malware as anime content to exploit the growing global fascination with Japanese animation, according to cybersecurity firm Kaspersky. Their recent analysis of phishing incidents between Q2 2024 and Q1 2025 revealed over 250,000 attacks leveraging…

Read more →

EU takes action against Russian propaganda The European Union (EU) announced sweeping new sanctions against 21 individuals and 6 entities involved in Russia’s destabilizing activities abroad, marking a significant escalation in the bloc’s response to hybrid warfare threats. European Union…

Read more →

  Vietnam’s technology ministry has ordered telecommunications service providers to ban the messaging app Telegram for failing to cooperate in the investigation of alleged crimes committed by its users, a move Telegram described as shocking. In a document dated May…

Read more →

  A growing number of cyberattacks are being carried out by a group linked to the 3AM ransomware. These attackers are using a combination of spam emails and fake phone calls pretending to be a company’s tech support team. Their…

Read more →

  The Universal Opt-Out Mechanism (UOOM) has emerged as a crucial tool that streamlines consumers’ data rights exercise in a time when digital privacy concerns continue to rise. Through the use of this mechanism, individuals can express their preferences regarding…

Read more →

  Efforts to dismantle the criminal networks operating on the dark web are always welcome, especially when those networks serve as hubs for stolen credentials, ransomware brokers, and cybercrime gangs. However, the dangers extend far beyond digital crime. A substantial…

Read more →

Regulatory AI Policy  The CISA, NSA, and FBI teamed with cybersecurity agencies from the UK, Australia, and New Zealand to make a best-practices policy for safe AI development. The principles laid down in this document offer a strong foundation for…

Read more →

  Several studies show that artificial intelligence has become an integral part of mental health care, changing the way practitioners deliver, document, and conceptualise therapy over the years, as well as how professionals are implementing, documenting, and even conceptualising it.…

Read more →

  Coinbase, a renowned cryptocurrency exchange, is offering a $20 million prize to anyone who can assist identify and bring down the culprits of a recent cyber-attack, rather than fulfilling their ransom demands.  On May 15, Coinbase said that attackers…

Read more →

  The Central Bureau of Investigation (CBI) has uncovered a major international scam targeting Japanese citizens through fake tech support schemes. As part of its nationwide anti-cybercrime initiative, Operation Chakra V, the CBI arrested six individuals and shut down two…

Read more →

  Last week, South Korean telecom firm SK Telecom announced that a malware-based data breach exposed over 27 million phone numbers, jeopardising user privacy and raising concerns in the cybersecurity community. The breach apparently lasted more than three years and…

Read more →

  IT support teams, also known as service desks, are usually the first people we call when something goes wrong with our computers or accounts. They’re there to help fix issues, unlock accounts, and reset passwords. But this helpfulness is…

Read more →

  Experts are warning that working from home is making businesses more open to cyberattacks, especially as hackers use new tools like artificial intelligence (AI) to trick people. Since many employees now work remotely, scammers are taking advantage of weaker…

Read more →

Research by cybersecurity researchers has revealed that threat actors have been using tampered versions of KeePass password manager software to break into enterprise networks for several months. Researchers have discovered that this campaign has been sophisticated and ongoing for several…

Read more →

  Foxconn chairman Young Liu has issued a stark warning about the future of low-end manufacturing jobs, suggesting that generative AI and robotics will eventually eliminate many of these roles. Speaking at the Computex conference in Taiwan, Liu emphasized that…

Read more →

  A ransomware incident has caused a significant “system-wide technology outage” at a network of over a dozen medical centers in Ohio, resulting in the cancellation of both inpatient and outpatient elective procedures. This information comes from a statement released…

Read more →

  Peter Green Chilled, a logistics firm, has announced that it has been attacked by a ransomware attack, interrupting deliveries of refrigerated goods to some of the country’s top supermarkets. Customers — largely smaller producers who provide food to regional…

Read more →

  This week, Google, as part of its annual Google Marketing Live 2025 event, unveiled a comprehensive suite of artificial intelligence-powered tools to help the company cement its position at the forefront of digital commerce and advertising on Wednesday, May…

Read more →

  At the latest Google I/O developers conference, the tech giant introduced an unexpected innovation in online shopping: an AI-powered virtual try-on tool. This new feature lets users upload a photo of themselves and see how clothing items would appear…

Read more →

  As a result of sophisticated social engineering attacks mimicking a recent attempt to breach Coinbase Global Inc., Binance and Kraken exchanges have both been able to thwart such attacks. In the report by Bloomberg, sources familiar with the matter…

Read more →

  Following the cyberattack that affected the retailer for a month, Marks & Spencer is reportedly facing a multimillion-pound lawsuit over the loss of customer data. It acknowledged earlier this month that customer information, including names, email addresses, postal addresses,…

Read more →

  Ray Simmons was confused when he received an unexpected Amazon package containing beet chews. Initially, he thought it might be a joke from someone encouraging him to eat healthier. However, it turned out to be part of a broader…

Read more →

  A major Chinese telecom company has launched what it claims is the first commercial security system that can protect digital communication from even the most powerful future hackers — including those using quantum computers. China Telecom Quantum, a state-owned…

Read more →

  For at least six months, the official software bundled with Procolored printers reportedly included malicious code, including a remote access trojan (RAT) and a cryptocurrency-stealing malware. Procolored, a Shenzhen-based manufacturer known for its affordable Direct-to-Film (DTF), UV DTF, UV,…

Read more →

  A multi-national cryptocurrency fraud ring that allegedly defrauded victims worldwide over a quarter of a billion dollars has come under increased scrutiny from the US Department of Justice (DOJ).  The case now has 27 defendants in total after the…

Read more →

  Klarna Group Plc, the Sweden-based fintech company, is reassessing its heavy reliance on artificial intelligence (AI) in customer service after admitting the approach led to a decline in service quality. CEO and co-founder Sebastian Siemiatkowski acknowledged that cost-cutting took…

Read more →

  Today’s cyber threat landscape is rapidly evolving, making it increasingly difficult for adversaries to tell the difference between traditional malware families, as adversaries combine their capabilities to maximise their impact. Skitnet, an advanced multistage post-exploitation toolkit, is one of…

Read more →

  Cyberattacks aren’t what they used to be. Instead of one group planning and carrying out an entire attack, today’s hackers are breaking the process into parts and handing each step to different teams. This method, often seen in cybercrime…

Read more →

  Microsoft’s Digital Crimes Unit (DCU) and global partners have halted Lumma Stealer, one of cybercriminals’ most common info-stealing malware tools. On May 13, Microsoft and law enforcement agencies seized nearly 2,300 domains that comprise Lumma’s infrastructure, inflicting a significant…

Read more →

  Amid the ongoing conflict between Russia and Ukraine, the digital battlefield remains just as active as the one on the ground. Researchers have identified a sophisticated and ongoing global hacking campaign known as “Operation RoundPress” as a disturbing escalation…

Read more →

  Nucor, the largest steel manufacturer and recycler in North America, has disclosed a cybersecurity incident that forced the company to temporarily shut down some of its production operations. The Charlotte, North Carolina-based firm confirmed the event in a recent…

Read more →

  Almost half of bank executives polled recently by KPMG believe that generative AI will be able to manage 21% to 40% of their teams’ regular tasks by the end of the year.    Heavy investment Despite economic uncertainty, six…

Read more →