Category: CySecurity News – Latest Information Security and Hacking Incidents

30 malicious Chrome extensions used by over 300,000 users are pretending to be AI assistants to steal credentials, browsing information, and email content. Few extensions are still active in the Chrome Web Store and have been downloaded by tens of…

Read more →

  Tesla is cutting several car models and scaling back its electric vehicle ambitions as it shifts focus towards robotics and artificial intelligence, marking a major strategic turning point for the company. The move comes after Tesla reported its first…

Read more →

  A surge of traffic unprecedented to the public internet occurred in November 2025 for thirty five seconds. The acceleration was immediate and absolute, peaking at 31.4 terabits per second before dissipating nearly as quickly as it formed. As the…

Read more →

  Cybersecurity investigators at Google have confirmed that state-sponsored hacking groups are actively relying on generative artificial intelligence to improve how they research targets, prepare cyber campaigns, and develop malicious tools. According to the company’s threat intelligence teams, North Korea–linked…

Read more →

  Panera Bread has allegedly fallen victim to a cyberattack carried out by the notorious hacking collective ShinyHunters, with millions of customer records said to have been stolen. The threat group recently listed Panera Bread, along with CarMax and Edmunds,…

Read more →

  Over six thousand SmarterMail systems sit reachable online, possibly at risk due to a serious login vulnerability, found by the nonprofit cybersecurity group Shadowserver. Attention grows as hackers increasingly aim for outdated corporate mail setups left unprotected.   On…

Read more →

  A legal conflict between online creators and companies dedicated to artificial intelligence has entered an increasingly personal and sharper stage. In recent weeks, well-known YouTubers have filed suits in federal court against Snap alleging that the company built its…

Read more →

Palo Alto Network pulls back According to two people familiar with the situation, Palo Alto Networks (PANW.O), which opens a new tab, decided against linking China to a global cyberespionage effort that the company revealed last week out of fear…

Read more →

  The HoneyMyte threat group, also known as Mustang Panda or Bronze President, has escalated its cyber espionage efforts by significantly upgrading its CoolClient backdoor malware. This China-linked advanced persistent threat (APT) actor, active since at least 2012, primarily targets…

Read more →

  Cybersecurity researchers have identified multiple coordinated cyber espionage campaigns targeting organizations connected to India’s defense sector and government ecosystem. These operations are designed to infiltrate both Windows and Linux systems using remote access trojans that allow attackers to steal…

Read more →

  The Model Context Protocol (MCP) continues to face mounting security concerns that show no signs of fading. When vulnerabilities were first highlighted last October, early research already pointed to serious risks. Findings from Pynt indicated that installing just 10…

Read more →

Purposely flawed training apps are largely used for security education, product demonstrations, and internal testing. Tools like bWAPP, OWASP Juice Shop, and DVWA are built to be unsafe by default, making them useful to learn how common attack tactics work…

Read more →

  A breach transformed the AgreeTo plug-in for Microsoft Outlook – once meant for organizing meetings – into a weapon that harvested over four thousand login details. Though built by a third-party developer and offered through the official Office Add-in…

Read more →

In the shadows of geopolitics, KONNI has been operating quietly for more than a decade, building on its playbook of carefully staged spear-phishing campaigns and political lures targeted at South Korean institutions. In the past, KONNI’s operations followed the fault…

Read more →

  Researchers at Varonis have discovered a new malware-as-a-service (MaaS) offering, dubbed “Stanley,” which allows malicious Chrome extensions to evade Google’s review process and be listed on the official Chrome Web Store. Dubbed after the alias of the seller, Stanley…

Read more →

  Security monitoring teams are tracking a new ransomware strain called Reynolds that merges system sabotage and file encryption into a single delivery package. Instead of relying on separate utilities to weaken defenses, the malware installs a flawed system driver…

Read more →

The IT workers related to the Democratic People’s Republic of Korea (DPRK) are now applying for remote jobs using LinkedIn accounts of other individuals. This attack tactic is unique.  According to the Security Alliance (SEAL) post on X, “These profiles…

Read more →

  Fixed income manager FIIG Securities has been ordered by the Federal Court to pay $2.5 million in penalties over serious cybersecurity shortcomings. The ruling follows findings that the firm failed to adequately safeguard client data over a four-year period,…

Read more →

  Air gaps, long hailed as the ultimate defense for sensitive data, are under siege according to Black Hat researcher Mordechai Guri. In a compelling presentation, Guri demonstrated multiple innovative methods to exfiltrate information from supposedly isolated computers, shattering the…

Read more →

  As Safer Internet Day 2026 approaches, expanding AI capabilities and a rise in network-based attacks are reshaping digital risk. Automated systems now drive both legitimate platforms and criminal activity, prompting leaders at Ping Identity, Cloudflare, KnowBe4, and WatchGuard to…

Read more →