Category: CySecurity News – Latest Information Security and Hacking Incidents

  President Donald Trump stated that his administration has learnt from Signalgate. “I think we learnt: Maybe don’t use Signal, okay?” Trump spoke about the messaging app in an interview with The Atlantic published Monday. “If you want to know…

Read more →

  A cybercrime group notorious for its outrageous tactics has resurfaced with a ransomware attack demanding an unbelievable $1 trillion from its victims. The group, responsible for the DOGE Big Balls ransomware campaign, has updated its ransom demands with bizarre…

Read more →

  A security researcher has discovered an ongoing cyberattack that is active, exploiting a newly discovered vulnerability in Fortinet’s FortiGate Firewalls to infiltrate corporate and enterprise networks and has been conducting this activity for some time. A security advisory published…

Read more →

  Most of us delete spam emails as soon as they land in our inbox. They’re irritating, unwanted, and often contain suspicious content. But what many people don’t know is that keeping them, at least briefly can actually help improve…

Read more →

  Next-generation DNA sequencing (NGS) is under increasing criticism for its cyber risks. While NGS has transformed disciplines ranging from cancer diagnosis to infectious disease tracking, a recent study warns that the platforms that enable these advancements could also be…

Read more →

  Google has officially halted its years-long effort to eliminate third-party cookies from Chrome, marking the end of its once-ambitious Privacy Sandbox project. In a recent announcement, Anthony Chavez, VP of Privacy Sandbox, confirmed that the browser will continue offering…

Read more →

  It has been reported that Elon Musk’s social media platform, X, formerly known as Twitter, was severely disrupted on Monday after a widespread cyberattack that has caused multiple service disruptions. Data from outage monitoring service Downdetector indicates that at…

Read more →

  At a startling rate, cybercriminals are taking over well-known YouTube channels, exposing viewers to malware, frauds, and data theft. With billions of views and millions of followers at risk, a single mistake can have disastrous results.  According to new…

Read more →

  A North Korean threat group known as Slow Pisces has launched a sophisticated cyberattack campaign, focusing on developers in the cryptocurrency industry through LinkedIn. Also referred to as TraderTraitor or Jade Sleet, the group impersonates recruiters offering legitimate job…

Read more →

  In the world of cybercrime, criminals usually fall into two groups. Some target individuals, tricking them for money. Others go after important organizations like hospitals and companies, hoping for bigger payouts. Although attacks on healthcare are less common, they…

Read more →

  SK Telecom, South Korea’s top mobile carrier, has disclosed a security incident involving a malware infection that exposed sensitive information tied to users’ Universal Subscriber Identity Modules (USIMs). The breach was detected on the night of April 19, 2025,…

Read more →

  Recent reports suggest that North Korean threat actors are now employing an alarming evolution in the tactics they employ to launch a sophisticated cybercrime operation known as Elusive Comet, a sophisticated cybercrime operation. This newly uncovered campaign demonstrates a…

Read more →

  Online PDF converters provide efficient conversions of documents from one file format to another, and millions of individuals and businesses use these services to do so. However, this free service also poses significant cybersecurity risks despite its convenience. According…

Read more →

  Crossing into the United States has become riskier since the start of Trump’s second administration. Foreign visitors and US visa holders are increasingly being detained, questioned, or deported. As uncertainty grows, travel demand from Canada and Europe has dropped…

Read more →

  Fog ransomware assaults over the last month have included a new ransom note mentioning the US Department of Government Efficiency (DOGE) and enticing victims to propagate the malware to other PCs, Trend Micro said earlier this week.  Analysis of…

Read more →

  A new report from IBM’s X-Force 2025 Threat Intelligence Index shows that cybercriminals are changing their tactics. Instead of mainly using ransomware to lock systems, more hackers are now trying to quietly steal login information. IBM studied over 150…

Read more →

  Tesla has often made headlines lately, but this new problem is not connected to Elon Musk or his cars. Instead, it involves cybercriminals who are trying to steal people’s private information using a dangerous software called Agent Tesla. Here’s…

Read more →

  In a chat group that included his wife, brother, and personal attorney, U.S. Defence Secretary Pete Hegseth provided specifics of a strike on Yemen’s Iran-aligned Houthis in March, a person familiar with the situation told Reuters earlier this week. …

Read more →

  A 39-year-old director of a Mohammedwadi-based firm, which operates in IT services and dry fruit imports, was duped into transferring ₹6.49 crore following a sophisticated Man-in-the-Middle (MitM) cyberattack on March 27. In a MitM scam, cybercriminals secretly intercept communications…

Read more →

  As far as users are concerned, once a file is removed from their computer, it is forever gone. However, the reality is more complex. The likelihood of recovering a deleted file depends on how it was deleted, as well…

Read more →

ClickFix attacks are rapidly becoming a favored tactic among advanced persistent threat (APT) groups from North Korea, Iran, and Russia, particularly in recent cyber-espionage operations. This technique involves malicious websites posing as legitimate software or document-sharing platforms. Targets are enticed…

Read more →

  A recent report released on April 2 has uncovered a worrying rise in open-source malware aimed at developers. These attacks, described as “smash and grab” operations, are designed to swiftly exfiltrate sensitive data from development environments. Brian Fox, co-founder…

Read more →

  Hong Kong police have detained eight people accused of running a scam ring that overcame bank verification checks to open accounts by replacing images on lost identification cards with deepfakes that included scammers’ facial features.  Senior Superintendent Philip Lui…

Read more →

  Many people today are struggling with digital clutter. This means having too many files, photos, apps, and emails saved on phones or computers. A new survey shows that more than three out of four people have more digital data…

Read more →

  In recent times, there has been considerable concern with regards to some newly uncovered Android-based malware-as-a-service (Maas) platforms, particularly those based on Android and known as SuperCard X. This is because this platform was able to execute these attacks…

Read more →

  Cybersecurity researchers have revealed that the Interlock ransomware gang has adopted a deceptive social engineering technique called ClickFix to infiltrate corporate networks. This method involves tricking users into executing malicious PowerShell commands under the guise of resolving system errors…

Read more →

  A sophisticated custom backdoor malware called Betruger has been discovered in recent ransomware campaigns, with Symantec researchers linking its use to affiliates of the RansomHub ransomware-as-a-service (RaaS) group. The new malware is considered a rare and powerful tool designed…

Read more →

  Over 16,000 internet-connected Fortinet devices have been identified as having a new symlink backdoor that permits read-only access to sensitive data on previously compromised systems.  The Shadowserver Foundation, a threat monitoring platform, has stated that 14,000 machines were exposed.…

Read more →

  It has been a dramatic turn in the cyber world for the globally recognised hacktivist collective Anonymous in the last few days, with the claim that a colossal data breach has been perpetrated against the Russian government and its…

Read more →

  Two separate data breaches in the U.S. have exposed sensitive information of more than 236,000 people. These incidents involve two organizations: Endue Software in New York and Medical Express Ambulance (MedEx) in Illinois. Endue Software creates software used by…

Read more →

  Ransomware has always been an evolving menace, as criminal outfits experiment with new techniques to terrorise their victims and gain maximum leverage while making extortion demands. Weaponized AI is the most recent addition to the armoury, allowing high-level groups…

Read more →

  There has been a significant breach of security at 4chan recently, which has been widely reported. According to several online sources, a hacker may have managed to penetrate the platform’s internal systems after successfully infiltrating the platform’s anonymous and…

Read more →

  The State Bank of India (SBI) has issued an urgent public advisory warning customers and the general public about the rising threat of deepfake scam videos. These videos, circulating widely on social media, falsely claim that SBI has launched…

Read more →

  Landmark Admin, a company based in Texas that works with insurance firms across the country, has shared new details about a cyberattack it suffered last year. According to the latest update, the number of people whose personal data may…

Read more →

  If you’ve been scrolling through social media recently, you’ve probably seen a lot of… dolls. There are dolls all over X and on Facebook feeds. Instagram? Dolls. TikTok? You guessed it: dolls, as well as doll-making techniques. There are…

Read more →

  Several of the largest banks in the United States have curtailed or reassessed how they share sensitive data with the Office of the Comptroller of the Currency (OCC), after a significant cyberattack compromised the regulator’s email system.  According to…

Read more →

  Recently, the United States Postal Service (USPS) issued an advisory in which it advised citizens to be more vigilant in light of an increase in sophisticated mail fraud schemes. In addition to the deceptive activities that have notably increased…

Read more →

  Denver-headquartered DaVita Inc., a leading provider of kidney care and dialysis services with more than 3,100 facilities across the U.S. and 13 countries, has reported a ransomware attack that is currently affecting parts of its network. The incident, disclosed…

Read more →

  Google’s Gmail is now offering two new upgrades, but here’s the catch— they don’t work well together. This means Gmail’s billions of users are being asked to pick a side: better privacy or smarter features. And this decision could…

Read more →

  The cybersecurity sector experienced an extraordinary breach in February 2025 that revealed the inner workings of the well-known ransomware gang Black Basta.  Trustwave SpiderLabs researchers have now taken an in-depth look at the disclosed contents, which explain how the…

Read more →

  A strange tech prank unfolded across Silicon Valley this past weekend after crosswalk buttons in several cities began playing AI-generated voice messages impersonating Elon Musk and Mark Zuckerberg.   Pedestrians reported hearing bizarre and oddly personal phrases coming from…

Read more →

  The growing reliance on satellite-based navigation systems by modern aviation has raised serious concerns among global aviation authorities about the threat to the integrity of these systems that are emerging. As one such threat, GPS spoofing, is rapidly gaining…

Read more →

  Google is preparing a major upgrade to its Messages app that will make texting between Android and iPhone users much smoother and more secure. For a long time, Android and Apple phones haven’t worked well together when it comes…

Read more →

  Texting through SMS is pretty much a thing of the past. Most people today rely on apps like WhatsApp and Signal to share messages, make encrypted calls, or send photos—all under the assumption that our conversations are private. But…

Read more →

  A major data breach involving Bangchak Corporation Public Company Limited is being swiftly investigated by Thailand’s Personal Data Protection Committee (PDPC). The company stated that unauthorised access to its customer feedback system had affected roughly 6.5 million records.  A…

Read more →

  The presentation of a TP-Link Wi-Fi router by Representative Raja Krishnamoorthi of Illinois to Congress was one of the rare displays that highlighted increasing national security concerns on March 5. As a result of the congressman’s stark warning —…

Read more →

  A new kind of digital scam is spreading across the UK, where criminals trick people using fake QR codes. This type of scam is called “quishing,” and it has been growing quickly. In 2023, there were over 1,300 reports…

Read more →

  Gamaredon, a Russia-backed threat group renowned for distributing malware via phishing emails, recently appears to have utilised an infected portable drive to target a Ukrainian-based military mission of an undisclosed Western country. The malware was an updated version of…

Read more →

  Encrypted messaging apps have become essential tools in the age of cyber threats and surveillance. With rising concerns over data privacy, especially after recent high-profile incidents, users are turning to platforms that offer more secure communication. Among the top…

Read more →

  Among the latest findings from cybersecurity insurance provider At-Bay, ransomware incidents witnessed a significant resurgence in 2024, with both the frequency and the severity of these attacks escalating significantly. Based on the firm’s 2025 InsurSec Report, ransomware activity rose…

Read more →

  Microsoft has revealed that nearly 80% of human-operated cyberattacks involve compromised domain controllers, according to a recent blog post published on Wednesday. Alarmingly, in over 30% of these incidents, attackers use the domain controller—a central system in corporate IT…

Read more →

  A cybersecurity breach has exposed the confidential health data of more than 1.6 million individuals—including minors—who received care at Planned Parenthood centers across over 30 U.S. states. The breach stems from Laboratory Services Cooperative (LSC), a company providing lab…

Read more →

  The notorious SpyNote malware is making a comeback thanks to a novel campaign. This remote access trojan has many malicious features and is also quite challenging to remove from an infected Android smartphone. According to security researchers, this time…

Read more →

  Fourlis Group, the retail operator responsible for IKEA stores across Greece, Cyprus, Romania, and Bulgaria, has revealed that a ransomware attack targeting its systems in late November 2024 led to significant financial losses. The cyber incident, which coincided with…

Read more →

  A newly found security issue in a widely used WordPress tool called OttoKit (previously called SureTriggers) has opened the door for cybercriminals to take over websites. Within just a few hours of the problem being shared publicly, hackers began…

Read more →

The threat actor “ToddyCat,” a Chinese-linked threat actor, is being observed exploiting a vulnerability in ESET security software to spread a newly discovered malware strain known as TCESB, a new strain that has recently been discovered. In a recent study…

Read more →

  A major security problem has been found in a widely used file-sharing platform, and hackers have already started taking advantage of it. This tool, called CentreStack, is often used by IT service providers to help businesses manage and share…

Read more →

  As the trade battle between the United States and China heats up, some cybersecurity and policy experts fear Beijing could retaliate in cyberspace. Shortly after the US raised its tax on imported Chinese goods to 104 percent on Wednesday…

Read more →

  Almost all leading TV models in recent years have been equipped with Automatic Content Recognition (ACR), a form of advanced tracking technology designed to analyse and monitor viewing habits that is a key component of most television sets. As…

Read more →

Ransomware attacks have seen a dramatic rise in the first quarter of 2025, with new research from Object First revealing an 84% increase compared to the same period in 2024. This alarming trend highlights the growing sophistication and frequency of…

Read more →

  As cyberattacks grow more advanced, targeting the essential systems of modern life—from energy pipelines and manufacturing plants to airports and telecom networks—governments are increasing pressure on industries to fortify their digital and physical defenses. A series of high-profile breaches,…

Read more →

  Oracle has informed its users that a recent cyberattack only affected two outdated servers that are no longer in use. These systems were separate from Oracle’s main cloud services, and the company says that no active customer data or…

Read more →

  Ransomware attackers abused a zero-day flaw in a widely used Windows logging system for managing transactional information to launch attacks against organisations in the US real estate sector, Microsoft revealed Tuesday.  In a blog post, the tech giant stated…

Read more →

  It has been reported that law enforcement agencies across Europe and North America have made additional arrests to dismantle the illicit ecosystem supporting malware distribution and deployment as part of a wider global effort. As part of Operation Endgame,…

Read more →

  A newly disclosed Windows zero-day vulnerability, tracked as CVE-2025-29824, is being actively exploited in cyberattacks to deliver ransomware, Microsoft has warned. This flaw affects the Windows Common Log File System (CLFS) driver and enables local privilege escalation—a method often…

Read more →

  As artificial intelligence becomes more common in business settings, experts are warning that these tools could be the next major target for online criminals. Some of the biggest software companies, like Microsoft and SAP, have recently started using AI…

Read more →

  The attackers are leveraging SourceForge to distribute fraudulent Microsoft add-ins that install malware on victims’ PCs to mine and siphon crypto. SourceForge.net is a legitimate software hosting and distribution platform that also offers version control, issue tracking, and dedicated…

Read more →

  In recent years, artificial intelligence and machine learning have been in high demand across a broad range of industries. As a consequence, the cost and complexity of constructing and maintaining these models have increased significantly. Artificial intelligence and machine…

Read more →

  Meta has issued a high-priority warning about a critical vulnerability in the Windows version of WhatsApp, tracked as CVE-2025-30401, which could be exploited to deliver malware under the guise of image files. This flaw affects WhatsApp versions prior to…

Read more →

  A new type of digital threat is quietly spreading online, and it’s mainly affecting people who use Windows computers. This threat, called Neptune RAT, is a kind of harmful software that allows hackers to take over someone’s system from…

Read more →

  The US Office of the Comptroller of the Currency (OCC), a key banking regulator, officially classified a significant breach of its email system as a “major information security incident” after learning that malicious actors accessed highly sensitive bank supervisory…

Read more →

  With the April 15 U.S. tax deadline looming, millions of users are logging in to manage their finances online—unfortunately, cybercriminals are watching too. Leveraging this surge in digital activity, attackers are exploiting trusted platforms like Google to deceive users…

Read more →

  In a bold and controversial move, the FBI operated a money laundering platform on the dark web under the alias “ElonmuskWHM,” aiming to infiltrate the criminal ecosystem it served. According to an investigation by 404 Media, the FBI’s undercover…

Read more →

  The motorsports industry has recently been faced with troubling news that NASCAR may have become the latest high-profile target for a ransomware attack as a result of the recent hackread.com report. According to the organization’s internal systems being breached…

Read more →

  A newly uncovered malicious Python package on PyPi, named ‘disgrasya’, has raised serious concerns after it was discovered exploiting WooCommerce-powered e-commerce sites to validate stolen credit card information. Before its removal, the package had been downloaded more than 34,000…

Read more →

  For security analysts Akshay and Viral, a casual check of a healthcare system’s security quickly turned into a huge finding. The duo discovered a major data leak at Apollo Hospitals, one of India’s leading hospital networks.  The breach first…

Read more →

  A criminal group known for using ransomware was recently caught off guard when its own website was tampered with. The website, which the gang normally uses to publish stolen data from their victims, was replaced with a short message…

Read more →

  A cybersecurity breach allegedly targeting Europcar has brought attention to vulnerabilities in corporate development platforms. A threat actor operating under the alias “Europcar” recently claimed on an underground forum that they had gained unauthorized access to the car rental…

Read more →

  A cutting-edge artificial intelligence model developed by Google called Sec-Gemini v1, a version of Sec-Gemini that integrates advanced language processing, real-time threat intelligence, and enhanced cybersecurity operations, has just been released. With the help of Google’s proprietary Gemini large…

Read more →

  Karnataka has taken a big step to fight the rising number of online crimes. It has launched the country’s first Cyber Command Centre. This new centre will handle all matters related to cyber safety and crime under one roof.…

Read more →

  Digital services are now as important as other public utilities such as electricity and water in today’s interconnected world. It is very important for society to expect a similar level of consistency and quality when it comes to these…

Read more →

  A disturbing trend is emerging in India’s digital landscape as generative AI tools are increasingly misused to forge identities and spread misinformation. One user, Piku, revealed that an AI platform generated a convincing Aadhaar card using only a name,…

Read more →

  A security flaw in the WinRAR file archiver solution might be used to circumvent the Mark of the Web (MotW) security warning and execute arbitrary code on a Windows computer. The vulnerability is known as CVE-2025-31334 and impacts all…

Read more →

  Ethical hacking may sound paradoxical, but it’s one of the most vital tools in modern cyber defence. Known as white hat hackers, these professionals are hired by companies to simulate cyberattacks, uncover vulnerabilities, and help fix them before malicious…

Read more →

  Meta has introduced a fresh set of artificial intelligence models under the name Llama 4. This release includes three new versions: Scout, Maverick, and Behemoth. Each one has been designed to better understand and respond to a mix of…

Read more →

  In Western society, the likelihood of cyberattacks is arguably higher now than it has ever been. The National Cyber Security Centre (NCSC) advised UK organisations to strengthen their cyber security when Russia launched its attack on Ukraine in early…

Read more →

  Generative AI (GenAI) is redefining how HR leaders interact with data, removing the steep learning curve traditionally associated with people analytics tools. When faced with a spike in hourly employee turnover, Sameer Raut, Vice President of HRIS at Sunstate…

Read more →

  A cybercriminal group known for ransomware attacks has decided to stop using those methods and instead focus only on stealing information and demanding money in return. The group, called Hunters International, has rebranded and is now running a new…

Read more →

  As part of WhatsApp’s ongoing efforts to ensure the safety of its users, a new feature will strengthen the confidential nature of chat histories. The enhancement is part of the platform’s overall initiative aimed at increasing privacy safeguards and…

Read more →

  The FBI, the Cybersecurity and Infrastructure Security Agency, and a group of international partners have warned that cyber threat groups are utilising a technique known as “fast flux” to conceal the whereabouts of malicious servers, which poses a substantial…

Read more →

  A newly discovered cyberattack campaign targeting Ivanti VPN devices is suspected to be linked to a Chinese cyberespionage group. Security researchers believe the attackers exploited a critical vulnerability in Ivanti Connect Secure, which was patched by the Utah-based company…

Read more →

  A cyber-espionage group known as ToddyCat, believed to have ties to China, has been observed exploiting a security flaw in ESET’s software to deliver a new and previously undocumented malware strain called TCESB, according to fresh findings by cybersecurity…

Read more →

North Korean hackers responsible for Contagious Interview are trapping job seekers in the cryptocurrency sector by using the popular ClickFix social-engineering attack strategy. They aimed to deploy a Go-based backdoor— earlier undocumented— known as GolangGhost on Windows and macOS systems. …

Read more →

  A disturbing dark web website known as DogeQuest has surfaced, targeting Tesla owners and associates of Elon Musk by publishing their personal information. The data used on the site appears to have been sourced largely from a 2021 breach…

Read more →

  Many organizations are adopting Artificial Intelligence (AI) as a capability, but the focus is shifting from capability to responsibility. In the future, PwC anticipates that AI will be worth $15.7 trillion to the global economy, an unquestionable transformational potential.…

Read more →

  Cyberattacks are changing. In the past, hackers would lock your files and show a big message asking for money. Now, a new type of attack is becoming more common. It’s called “quiet ransomware,” and it can steal your private…

Read more →

  Swiss specialists have issued a grave warning that cyber attackers could use hospital devices to commit murder. In an alarming new research from Zurich-based cybersecurity firm Scip AG, specialists showed how they were simply able to hijack medical devices…

Read more →

  The Cybersecurity and Infrastructure Security Agency (CISA) has released two significant advisories focused on Industrial Control Systems (ICS), urging swift action from organizations operating within vital infrastructure sectors. These advisories—ICSA-25-091-01 and ICSA-24-331-04—highlight newly discovered vulnerabilities that could pose severe…

Read more →

EncryptHub is an infamous threat actor responsible for breaches at 618 organizations. The hacker reported two Windows zero-day flaws to Microsoft, exposing a conflicted figure that blurs the lines between cybercrime and security research.  The reported flaws are CVE-2025-24061 (Mark…

Read more →

The threat of payment fraud is growing rapidly, fueled by the widespread use of digital transactions and evolving cyber tactics. At its core, payment fraud refers to the unauthorized use of someone’s financial information to make illicit transactions. Criminals are…

Read more →