Category: CySecurity News – Latest Information Security and Hacking Incidents

  A configuration utility designed for an Endgame Gear gaming mouse was recently found to have been compromised with malware, raising concerns among users and prompting a swift response from the company. Endgame Gear issued a public alert on Wednesday…

Read more →

  A contemporary cyber incident involving Amazon’s AI-powered coding assistant, Amazon Q, has raised serious concerns about the safety of developer tools and the risks of software supply chain attacks. The issue came to light after a hacker managed to…

Read more →

  The British government’s proposals to amend its ransomware strategy marked a minor milestone on Tuesday, when the Home Office issued its formal answer to a survey on modifying the law, but questions remain regarding the effectiveness of the measures. …

Read more →

An alarming development that underscores how financial cybercrime is evolving is a Windows-based banking trojan dubbed Coyote. It has been observed for the first time that a malware strain leveraging the Microsoft UI Automation (UIA) framework for stealthy extraction of…

Read more →

  The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert about two high-risk vulnerabilities in SysAid’s IT service management (ITSM) platform that are being actively exploited by attackers. These security flaws, identified as CVE-2025-2775 and CVE-2025-2776, can…

Read more →

  In a major cybersecurity incident this April, the Indian Council of Agricultural Research (ICAR) — the apex body managing agricultural education and research nationwide — fell victim to a serious data breach. The cyberattack targeted ICAR’s central website, its…

Read more →

  Hong Kong, China — A recent cyberattack on Hongkong Post’s online mailing system has resulted in a major data breach affecting tens of thousands of users. According to officials, the hacker managed to access sensitive contact information from the EC-Ship…

Read more →

  Australian fashion retailer SABO recently faced a significant data breach that exposed sensitive personal information of millions of customers. The incident came to light when cybersecurity researcher Jeremiah Fowler discovered an unsecured database containing over 3.5 million PDF documents,…

Read more →

  China’s national online ID service went into effect earlier this month with the promise of improving user privacy by limiting the amount of data collected by private-sector companies. However, the measures have been criticised by privacy and digital rights…

Read more →

  As the cornerstone of enterprise IT ecosystems for identity and access management, Active Directory (AD) continues to serve as its pillar of support. It has been trusted to handle centralised authentication and authorisation processes for decades, enabling organisations to…

Read more →

  A recently observed version of the banking malware known as Coyote has begun using a lesser-known Windows feature, originally designed to help users with disabilities, to gather sensitive information from infected systems. This marks the first confirmed use of…

Read more →

  Dell Technologies has acknowledged a serious security compromise affecting its Customer Solution Centers platform, the latest high-profile intrusion by the World Leaks extortion outfit.  The breach occurred earlier this month and targeted Dell’s isolated demonstration environment, which is designed…

Read more →

  A new controversy is brewing over a U.S.-based startup accused of making stolen personal data widely accessible—for as little as $50. Farnsworth Intelligence, founded by 23-year-old Aidan Raney, is openly marketing a product called “Infostealers,” which allows customers to…

Read more →

  In light of the rapid evolution of quantum computing, it has become much more than just a subject for academic curiosity—it has begun to pose a serious threat to the cryptographic systems that secure digital currencies such as Bitcoin,…

Read more →

  Your Wi-Fi router might be doing more than just providing internet access. New technology is allowing these everyday devices to detect movement inside your home without using cameras or microphones. While this might sound futuristic, it’s already being tested…

Read more →

  Cybersecurity researchers have discovered a new and alarming trend in the world of online threats: “LameHug”. This malicious program distinguishes out because it uses artificial intelligence, notably large language models (LLMs) built by companies such as Alibaba.  LameHug, unlike…

Read more →

  The British Army has initiated an urgent investigation following the public exposure of sensitive information identifying members of the UK Special Forces. General Sir Roly Walker, Chief of the General Staff, has directed a comprehensive review into how classified…

Read more →

  A global cybersecurity crisis has been triggered by a newly discovered and unpatched vulnerability in Microsoft SharePoint Server, prompting the Governments of the United States, Canada, and Australia to conduct urgent investigations. In what experts are calling a coordinated…

Read more →

  Artificial intelligence is now part of almost everything we use — from the apps on your phone to voice assistants and even touchscreen menus at restaurants. What once felt futuristic is quickly becoming everyday reality. But as AI gets…

Read more →

  A significant data breach impacting as many as 800,000 users from two leading online betting platforms has heightened fears over sophisticated phishing risks and the growing role of artificial intelligence in exploiting compromised personal data. The breach, confirmed by…

Read more →

  A little more than a year ago, nearly 8.5 million Windows-based IT systems went down due to a simple error made during a routine software update. Computers were unable to reboot for several hours due to a bug from…

Read more →

It has been discovered that a malicious program has been launched, posing a serious threat to thousands of online retailers worldwide, as it exploits vulnerabilities in widely used content management systems. According to security researchers, the attack primarily targets platforms…

Read more →

  An elite Chinese cyber-espionage group known as Salt Typhoon infiltrated a U.S. state’s Army National Guard network for nearly nine months, according to a classified Pentagon report revealed in a June Department of Homeland Security (DHS) memo. The memo,…

Read more →

  In this modern-day digital world, companies are under constant pressure to keep their networks secure. Traditionally, encryption systems were deeply built into applications and devices, making them hard to change or update. When a flaw was found, either in…

Read more →

  A 44-year-old Romanian national has been arrested as part of a coordinated international law enforcement effort to take down the cybercriminal group behind the Diskstation ransomware campaign. This group is known for targeting Synology Network-Attached Storage (NAS) devices, which…

Read more →

  LameHug, a novel malware family, generates commands for execution on compromised Windows systems using a large language model (LLM).  Russia-backed threat group APT28 (also known as Sednit, Sofacy, Pawn Storm, Fancy Bear, STRONTIUM, Tsar Team, and Forest Blizzard) was…

Read more →

  A series of sophisticated cyber espionage activities has been officially attributed to Russia’s military intelligence agency, the GRU, in an important development that aims to strengthen the cybersecurity of both the United Kingdom and its allied countries. On 18…

Read more →

  A large scale data exposure incident has come to light involving the Gladney Center for Adoption, a U.S.-based non-profit that helps connect children with adoptive families. According to a cybersecurity researcher, an unsecured database containing over a million sensitive…

Read more →

  Small and medium-sized businesses (SMBs) are entering 2025 grappling with familiar hurdles: tight budgets, economic uncertainty, talent shortages, and limited cybersecurity resources. A survey of 300 decision-makers highlights how these challenges are pushing SMBs to seek smarter, more affordable…

Read more →

  The technology that facilitates your daily life, from the smartphone in your hand to the car in your garage, may simultaneously be detrimental to you. Once the stuff of spy thrillers, consumer electronics can today be used as tools…

Read more →

  Public WiFi safety continues to be a contentious topic among cybersecurity professionals, often drawing sarcastic backlash on social media when warnings are issued. However, cybersecurity firm Zimperium has recently cautioned travelers about legitimate risks associated with free WiFi networks,…

Read more →

  The concept of randomness is often regarded as a cornerstone of fairness, security, and predictability in both physical and digital environments. Randomness must be used to ensure impartiality, protect sensitive information, and ensure integrity, whether it is determining which…

Read more →

  The ongoing debate around Meta’s use of European data to train its artificial intelligence (AI) systems is far from over. While Meta has started training its large language models (LLMs) using public content from Facebook and Instagram, privacy regulators…

Read more →

  The Justice Department said Wednesday last week that an Armenian national is in federal custody on charges related to their alleged involvement in a wave of Ryuk ransomware attacks in 2019 and 2020. On June 18, Karen Serobovich Vardanyan,…

Read more →

  Dell Technologies has confirmed that one of its internal platforms used for showcasing products was recently accessed by a hacker. The company assured that no sensitive or customer-related data was exposed during the incident. In an official statement to…

Read more →

  The department store chain Belk recently became the target of a ransomware attack, with the hacking group DragonForce taking responsibility for the breach. The cybercriminals claim to have stolen 156 GB of sensitive data from the company’s systems in…

Read more →

  Known by aliases such as UNC3944, Scatter Swine, and Muddled Libra, Scatter Spider is an extremely persistent and adaptable cybercriminal group focused on financial gain. In the current cyber threat environment, the Scatter Spider group stands out as one…

Read more →

  A concerning security mistake involving a U.S. government employee has raised alarms over how powerful artificial intelligence tools are being handled. A developer working for the federal Department of Government Efficiency (DOGE) reportedly made a critical error by accidentally…

Read more →

  Within the underground economy, dark web travel agencies have become one of the more sophisticated and profitable businesses.  According to the Wall Street Journal’s report on Trustwave’s findings, these shady companies use credit card fraud, compromised loyalty program accounts,…

Read more →

  There has been a significant concern raised regarding digital privacy and the practices of state surveillance as a result of an investigation conducted by mobile security firm Lookout. Police departments across China are using a sophisticated surveillance system, raising…

Read more →

  Cybersecurity experts from Google’s Threat Intelligence Group (GTIG) have uncovered a series of attacks targeting outdated SonicWall Secure Mobile Access (SMA) devices, which are widely used to manage secure remote access in enterprise environments.  These appliances, although no longer…

Read more →

In an unsettling development in the ongoing cyber conflict linked to the Russia-Ukraine war, Ukrainian-aligned hacking groups have claimed responsibility for a large-scale cyberattack targeting a major Russian drone manufacturing company. The targeted firm, identified as Gaskar Group, is believed…

Read more →

  Cybercriminals are increasingly leveraging an unexpected and largely unmonitored part of the internet’s infrastructure—the Domain Name System (DNS)—to hide malicious code and exploit security weaknesses. Security researchers at DomainTools have uncovered a campaign in which attackers embedded malware directly…

Read more →

  With healthcare facilities scrambling to pinpoint and address their top cyber threats, Fortified’s report provides some guidance on where to begin. The report identifies five major security gaps in healthcare organisations: inadequate asset inventories, a lack of unified risk…

Read more →

  Despite being organized and waged on a global scale, phishing-based tax fraud schemes that target the United Kingdom have emerged in recent years as a significant development in the fight against transnational cyber-enabled financial crime. An operation coordinated by…

Read more →

  A Russian blockchain engineer lost over $500,000 worth of cryptocurrencies in a sophisticated cyberattack, highlighting the persisting and increasing threats posed by hostile open-source packages. Even seasoned users can be duped into installing malicious software by attackers using public…

Read more →

According to security researchers, a critical set of vulnerabilities has been identified in UEFI firmware for a number of motherboards manufactured by Gigabyte, causing serious concerns about device integrity and long-term system security, as well as serious concerns regarding device…

Read more →

  A recently enhanced version of the Interlock remote access Trojan (RAT) is being deployed in an ongoing web-inject campaign linked to the ransomware group behind it. Known for its double-extortion tactics, Interlock has now shifted its technical approach with…

Read more →

  Cybersecurity researchers have identified a dangerous new twist to the notorious ClickFix malware tactic. The evolved variant—called FileFix—is now being weaponized in active ransomware campaigns, further advancing the threat landscape. ClickFix typically lures users by showing them a bogus…

Read more →

  Ransomware threats are rising fast in 2025, with the first half of the year already showing a sharp increase in attacks. New research shows that U.S.-based companies, small and medium-sized businesses, and firms in the manufacturing sector are currently…

Read more →

Despite the fact that operating systems like Windows and macOS continue to dominate the global market, Linux has gained a steady following among users who value privacy and security as well as cybersecurity professionals, thanks to its foundational principles: transparency,…

Read more →

  Episource, the medical billing behemoth, has warned millions of Americans that a hack earlier this year resulted in the theft of their private and medical data. According to a listing with the United States Department of Health and Human…

Read more →

  In early 2025, a cyberattack targeting healthcare technology provider Episource compromised the personal and medical data of over 5.4 million individuals in the United States. Though not widely known to the public, Episource plays a critical role in the…

Read more →

An alarming cyber threat has come to light involving common browser extensions used by millions across the world. According to a recent investigation by cybersecurity firm Koi Security, at least 18 browser add-ons, once considered safe were secretly turned into…

Read more →

  Southeast Asia has emerged as a global hotspot for cybercrimes, where human trafficking and high-tech fraud collide. Criminal syndicates operate large-scale “pig butchering” operations in nations like Cambodia and Myanmar, which are scam centres manned by trafficked individuals compelled…

Read more →

  In recent weeks, three major companies—Ingram Micro, United Natural Foods Inc. (UNFI), and McDonald’s—faced disruptive cybersecurity incidents. Despite operating in vastly different sectors—technology distribution, food logistics, and fast food retail—all three breaches stemmed from poor security fundamentals, not advanced…

Read more →

  An AI-powered automation system in professional environments, such as Google Gemini for Workspace, is vulnerable to a new security flaw. Using Google’s advanced large language model (LLM) integration within its ecosystem, Gemini enables the use of artificial intelligence (AI)…

Read more →

  In a surprising discovery, officials in Russia uncovered a secret cryptocurrency mining setup hidden inside a Kamaz truck parked near a village in the Buryatia region. The vehicle wasn’t just a regular truck, it was loaded with 95 mining…

Read more →

  The next front in the silent war, which is being waged with keystrokes and algorithms rather than missiles, is the digital infrastructure of a prominent legal firm in Washington, DC.  Wiley Rein, a company known for negotiating the complex…

Read more →

  A serious cyberattack recently targeted Gravity Forms, a widely used plugin for WordPress websites. This incident, believed to be part of a supply chain compromise, resulted in infected versions of the plugin being distributed through manual installation methods. What…

Read more →

  OpenAI is reportedly developing its own web browser, integrating artificial intelligence to offer users a new way to explore the internet. According to sources cited by Reuters, the tool is expected to be unveiled in the coming weeks, although…

Read more →

  It has been announced that researchers at Shanghai University have achieved a breakthrough in quantum computing that could have a profound impact on modern cryptographic systems. They achieved a significant leap in quantum computing. The team used a quantum…

Read more →

  In a targeted cyberattack that investigators suspect was politically motivated, a seasoned “hacktivist” allegedly acquired private data from over two million Columbia University students, applicants, and staff. The savvy hacktivist stole social security numbers, citizenship status, university-issued ID numbers,…

Read more →

In a recent security advisory, chipmaker AMD has confirmed the discovery of four new vulnerabilities in its processors. These issues are related to a type of side-channel attack, similar in nature to the well-known Spectre and Meltdown bugs that were…

Read more →

  It is becoming increasingly evident that every aspect of everyday life relies on digital systems in today’s hyper-connected world, from banking and shopping to remote work and social media, as well as cloud-based services. With more and more people…

Read more →

  As businesses adopt employee monitoring tools to improve output and align team goals, they must also consider the implications for privacy. The success of these systems doesn’t rest solely on data collection, but on how transparently and respectfully they…

Read more →

Credential theft and browser security were commonly found in Google Chrome browsers due to its wide popularity and usage. Recently, however, cyber criminals have started targeting Mozilla Firefox users. A recent report disclosed a total of eight malicious Firefox extensions…

Read more →

  Running AI applications locally offers a compelling alternative to relying on cloud-based chatbots like ChatGPT, Gemini, or Deepseek, especially for those concerned about data privacy, internet dependency, and speed. Though cloud services promise protections through subscription terms, the reality…

Read more →

  Cybersecurity researchers have discovered a malicious campaign that uses SEO-optimized phoney landing pages to propagate the Oyster malware loader.  Security experts at Arctic Wolf unearthed that threat actors have designed numerous landing sites that mimic two well-known Windows tools…

Read more →

  Artificial intelligence is starting to change how we interact with computers. Since advanced chatbots like ChatGPT gained popularity, the idea of AI systems that can understand natural language and perform tasks for us has been gaining ground. Many have…

Read more →

  In 2025, phone numbers have become woven into nearly every part of our digital lives. Whether you’re creating accounts on e-commerce sites, managing online banking, accessing health services, or logging in to social networks, your phone number is the…

Read more →

  < div style=”text-align: justify;”> Marks & Spencer (M&S), one of the largest and most established retailers in the United Kingdom, has confirmed that a highly targeted social engineering operation triggered the ransomware attack in April 2025. This breach, which…

Read more →

  A major data exposure has come to light after cybersecurity experts discovered an unsecured online storage system containing nearly 26 million documents, many of which appear to be resumes of job seekers in the United States. The exposed files…

Read more →

  Shellter Project, which makes a commercial AV/EDR evasion loader for penetration testing, admitted that hackers exploited its Shellter Elite product in assaults after a client leaked a copy of the software. The exploitation has been ongoing for several months,…

Read more →

  The software world is undergoing a fundamental shift. Thanks to AI, product development has become faster, easier, and more scalable than ever before. Tools like Cursor and Lovable—along with countless “co-pilot” clones—have turned coding into prompt engineering, dramatically reducing…

Read more →

False AI summaries leading to phishing attacks Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. Google…

Read more →

  An investigation has been conducted into a significant cybersecurity incident that occurred in 2025 at Telefónica, a global telecommunications company serving millions across Europe and Latin America. In addition to allegedly obtaining a considerable cache of confidential corporate data…

Read more →

  Healthcare organisations provide an essential service that, if disrupted by a cyber attack, could jeopardise patient safety, disrupt care delivery, and even result in death. In the case of a security incident, the implications could impact not only the…

Read more →

  As artificial intelligence becomes more common in businesses, from retail to finance to technology— it’s helping teams make faster decisions. But behind these smart predictions is a growing problem: how do you make sure employees only see what they’re…

Read more →

  A new study by NordVPN has revealed a serious cybersecurity issue plaguing the education sector: widespread reliance on weak and easily guessable passwords. Universities, schools, and training centres continue to be highly vulnerable due to the reuse of simple…

Read more →

   NVIDIA has issued a renewed advisory encouraging customers to activate System Level Error-Correcting Code (ECC) protections to defend against Rowhammer attacks targeting GPUs equipped with GDDR6 memory. This heightened warning follows recent research from the University of Toronto demonstrating…

Read more →

Cybersecurity experts are tracing Mamona, a new ransomware strain that is famous for its stripped-down build and silent local execution. Experts believe that the ransomware prevents the usual command-and-control (C2) servers, choosing instead a self-contained method that moves past tools…

Read more →

  An assault on Ingram Micro’s global network started on July 3, which crippled parts of the company’s global network as well as disrupted its ordering portals and customer service channels. Ingram Micro is currently restoring critical systems.  It became…

Read more →

CISA confirms bug exploit The US Cybersecurity & Infrastructure Security Agency (CISA) confirms active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777 in Citrix NetScaler ADC and Gateway. It has given federal parties one day to patch the bugs. This unrealistic…

Read more →

  Cybersecurity researchers have uncovered a troubling risk tied to how popular AI chatbots answer basic questions. When asked where to log in to well-known websites, some of these tools may unintentionally direct users to the wrong places, putting their…

Read more →

  Scamfluencers, a rising category of deceptive internet personalities, are leveraging their online influence to run sophisticated scams that have already cost Americans an estimated $1.9 billion in 2024.  These individuals masquerade as experts in finance, health, or other trusted…

Read more →

  A growing number of cybercriminals are becoming more sophisticated and dangerous in the hyperconnected digital world of today. These criminals use advanced methods to exploit individuals and organisations who are not expecting them. To lure victims into divulging confidential…

Read more →

  DeepSeek, a competitor of ChatGPT, may face legal ramifications in the European Union after the Berlin Commissioner for Data Protection ordered that Google and Apple remove the AI app from their stores.  After discovering that the DeepSeek app violates…

Read more →

  Hunters International, a ransomware-as-a-Service (RaaS) outfit, shut down operations and will provide free decryptors to victims seeking to restore their data without paying a ransom.  “After careful consideration and in light of recent developments, we have decided to close…

Read more →

  Ingram Micro, one of the world’s largest IT distribution and services companies, has confirmed it was targeted in a ransomware attack by the SafePay group, causing major operational disruptions across its global network. The cyberattack, which began early on…

Read more →

  Travellers are experiencing an increase in privacy concerns as the threat of hidden surveillance devices has increased in accommodations. From boutique hotels to Airbnb rentals to hostels, the reports that concealed cameras have been found to have been found…

Read more →

A security bug in a stealthy Android spyware operation, “Catwatchful,” has exposed full user databases affecting its 62,000 customers and also its app admin. The vulnerability was found by cybersecurity expert Eric Daigle reported about the spyware app’s full database…

Read more →

  A new online scam is targeting people who work in the cryptocurrency industry, using fake job offers and interviews to trick them into installing harmful software on their devices. According to a report by cybersecurity researchers at Cisco Talos,…

Read more →

  The latest update to the MITRE ATT&CK framework—version 17—has brought hypervisor security into sharp focus, prompting a necessary shift in how organizations view the core of their virtualized infrastructure. For the first time, VMware ESXi hypervisors have received a…

Read more →

  Shimla, June 10 — The official website of Himachal Pradesh University (HPU) experienced an unexpected breach earlier this week, when its homepage was briefly altered to display inappropriate and anti-national content. The incident prompted immediate action, with the university…

Read more →

  Microsoft claims that the cloud-based email security suite Defender for Office 365 can now automatically detect and prevent email bombing attacks.  Defender for Office 365 (previously known as Office 365 Advanced Threat Protection or Office 365 ATP) guards organisations…

Read more →

  A team of Chinese researchers has unveiled a new blockchain storage solution designed to withstand the growing threat posed by quantum computers. Blockchain, widely regarded as a breakthrough for secure, decentralized record-keeping in areas like finance and logistics, could…

Read more →

  Federal investigators have warned that the cyberextortion collective known as Scattered Spider is steadily expanding its reach to cover airlines and their technology vendors, a fresh alarm that has just been sounded for the aviation sector. According to an…

Read more →

  In a disturbing cybersecurity development, researchers at Koi Security have uncovered more than 40 malicious Firefox browser extensions impersonating popular cryptocurrency wallets. These extensions, found on Mozilla’s official add-ons store, are designed to steal sensitive wallet credentials and recovery…

Read more →

  There has been a considerable escalation in efforts by the United States towards combating cyber-enabled threats. As a result of the increase in efforts, the United States has officially blacklisted Aeza Group, a Russian supplier of bulletproof hosting services…

Read more →