Category: CySecurity News – Latest Information Security and Hacking Incidents

  As the festive season rolls in with cozy drinks, twinkling lights and gift exchanges, it also brings a sharp spike in online scams. Cybercriminals are working overtime during the holidays, using increasingly advanced tactics to trick people into clicking…

Read more →

The surveillance industry banned a stalkerware maker after a data breach leaked information of its customers and the people they were spying on. Consumer spyware company Support King can’t sell the surveillance software now, the US Federal Trade Commission (FTC)…

Read more →

  CyberVolk, a pro-Russian hacktivist collective, has intensified its campaign of ransomware-driven intimidation against entities perceived as hostile to Moscow in the past year, marking a notable change in both scale and presentation, marking a notable shift in its operations. …

Read more →

  Analyst company Gartner has issued a recommendation to block AI-powered browsers to help organizations protect business data and cybersecurity. The company says most of these agentic browsers—browsers using autonomous AI models for interacting with web content and automating tasks…

Read more →

  Home renovations are often regarded as investments; however, not every upgrade enhances a home’s function, character, or resale value. Designers specializing in working with properties that are older generally emphasize that intelligent, budget-savvy decisions bear greater importance than drastic…

Read more →

Using AI agents for data exfiltrating and RCE A six-month research into AI-based development tools has disclosed over thirty security bugs that allow remote code execution (RCE) and data exfiltration. The findings by IDEsaster research revealed how AI agents deployed…

Read more →

  Attackers are using GitHub as part of a campaign to spread a novel JavaScript-based RAT called PyStoreRAT, masquerading as widely used OSINT, GPT, and security utilities targeting developers and analysts. The malware campaign leverages small pieces of Python or…

Read more →

  A new wave of competition is stirring in the browser market as companies like OpenAI, Perplexity, and The Browser Company aggressively push to redefine how humans interact with the web. Rather than merely displaying pages, these AI browsers will…

Read more →

Following confirmation that two previously unknown security flaws had been actively exploited in the wild on Friday, Apple rolled out a series of security updates across its entire software ecosystem to address this issue, further demonstrating the continued use of…

Read more →

  Just a few years after its launch, ChatGPT has evolved into a go-to digital assistant for tasks ranging from quick searches to event planning. While it undeniably offers convenience, treating it as an all-knowing authority can be risky. ChatGPT…

Read more →

Government faces backlash over location-tracking proposal The Indian government is pushing a telecom industry proposal that will compel smartphone companies to allow satellite location tracking that will be activated 24×7 for surveillance.  Tech giants Samsung, Google, and Apple have opposed…

Read more →

  Brave has started testing a new feature that allows its built-in assistant, Leo, to carry out browsing activities on behalf of the user. The capability is still experimental and is available only in the Nightly edition of the browser,…

Read more →

  Asus has confirmed a security breach via one of its third-party suppliers after the Everest ransomware group claimed it had accessed internal materials belonging to the company. In its statement, Asus confirmed that a supply chain vendor “was hacked,”…

Read more →

  Intellexa is one of the most controversial and persistent players in the shadowy world of commercial cyber-espionage, even though mounting scrutiny, international sanctions, and ongoing investigations have led to increased scrutiny and investigation.  Although it is best known for…

Read more →

  A new record-breaking 29.7 Tbps distributed denial-of-service (DDoS) attack launched via the Aisuru botnet has set a new standard for internet disruption and reinforced that multi-terabit attacks are on track to soon be an everyday event for DDoS defenders.…

Read more →

  The Federal Bureau of Investigation has issued a new advisory warning people about a growing extortion tactic in which criminals take photos posted online, manipulate them, and present the edited images as supposed evidence during fake kidnapping attempts. The…

Read more →

Hackers actively exploit zero-day bug Threat actors are abusing a zero-day bug in Gogs- a famous self-hosted Git service. The open source project hasn’t fixed it yet. About the attack  Over 700 incidents have been impacted in these attacks. Wiz…

Read more →

  Pet wellness brand Petco has temporarily taken parts of its Vetco Clinics website offline after a security failure left large amounts of customer information publicly accessible. TechCrunch notified the company about the exposed Vetco customer and pet data, after…

Read more →

  Ivanti is urging customers to quickly patch a critical vulnerability in its Endpoint Manager (EPM) product that could let remote attackers execute arbitrary JavaScript in administrator sessions through low-complexity cross-site scripting (XSS) attacks.The issue, tracked as CVE-2025-10573, affects the…

Read more →

  While December’s Patch Tuesday gave us a lighter release than normal, it arrived with several urgent vulnerabilities that need attention immediately. In all, Microsoft released 57 CVE patches to finish out 2025, including one flaw already under active exploitation…

Read more →