Category: CySecurity News – Latest Information Security and Hacking Incidents

  A newly released report from managed detection and response firm Expel Inc. reveals an advanced variant of the Shai Hulud malware, highlighting how software supply chain attacks are moving beyond isolated malicious packages to large-scale, self-spreading campaigns that exploit…

Read more →

  Romania’s national water management authority, Administrația Națională Apele Române (Romanian Waters), was targeted in a sophisticated ransomware attack on December 20, 2025, compromising approximately 1,000 IT systems across the organization. The cyberattack affected 10 of the country’s 11 regional…

Read more →

IT helps desks be ready for an evolving threat that sounds like a Hollywood movie title. In December 2025, Okta Threat Intelligent published a report that explained how hackers can gain unauthorized access to payroll software. These threats are infamous…

Read more →

  The WebRAT malware is being distributed through GitHub repositories that falsely claim to host proof-of-concept exploits for recently disclosed security vulnerabilities. This marks a shift in the malware’s delivery strategy, as earlier campaigns relied on pirated software and cheats…

Read more →

  Hackers stole more than $2.7 billion in cryptocurrency in 2025, setting a new annual record for crypto-related thefts, according to data from multiple blockchain monitoring firms.  The losses were driven by dozens of attacks on cryptocurrency exchanges and decentralized…

Read more →

During the years 2026, Japan positioned economic strategy and security readiness as deeply intertwined priorities, emphasizing national resilience as a core priority. This package of comprehensive economic measures was approved by the Japanese government in November 2025 for a cost…

Read more →

  Shinhan Card, South Korea’s largest credit card issuer, said on December 23 that personal data linked to about 190,000 merchant representatives was improperly accessed and shared by employees over a three year period, highlighting ongoing concerns around internal data…

Read more →

  At the start of 2026, a significant cybersecurity breach that was disclosed heightened awareness of digital vulnerabilities within the American insurance industry, after Aflac, one of the largest supplemental insurance providers in the country, confirmed that a sophisticated cyberattack,…

Read more →

  Microsoft is updating Windows 11 with hardware-accelerated BitLocker to improve both data security and system performance. The change enhances full-disk encryption by shifting cryptographic work from the CPU to dedicated hardware components within modern processors, helping systems run more…

Read more →

  Google is reportedly preparing to extend a smart assistance feature beyond its Pixel smartphones to the wider Android ecosystem. The functionality, referred to as Contextual Suggestions, closely resembles Magic Cue, a software feature currently limited to Google’s Pixel 10…

Read more →

  A severe security flaw has been identified in the n8n workflow automation platform that could allow attackers to run arbitrary code in specific scenarios. The vulnerability, assigned CVE-2025-68613, has been rated 9.9 on the CVSS scale, highlighting its critical…

Read more →

Google starts emergency location service in India Google recently announced the launch of its Emergency Location Service (ELS) in India for compatible Android smartphones. It means that users who are in an emergency can call or contact emergency service providers…

Read more →

  Cybersecurity researchers have identified a new darknet-based artificial intelligence tool that allows threat actors to automate cyberattacks, generate malicious code and produce illegal content, raising concerns about the growing criminal misuse of AI.  The tool, known as DIG AI,…

Read more →

  Two malicious Chrome extensions named Phantom Shuttle have been discovered to have acted as proxies and network test tools while stealing internet browsing and private information from people’s browsers without their knowledge. According to security researchers from Socket, these…

Read more →

  A large collection of data reportedly taken from Spotify has surfaced online, drawing attention to serious issues around copyright protection, digital security, and large-scale data misuse. The dataset, which is estimated to be close to 300 terabytes in size,…

Read more →

  The Indian government has expressed concern over WhatsApp banning an average of nearly 9.8 million Indian accounts every month until October, amid fears that Indian mobile numbers are being widely misused for scams and cybercrime. Officials familiar with the…

Read more →

  The Bengaluru Central Cyber Crime unit has taken legal steps to investigate allegations that explicit content was being distributed across the mainstream social media platforms in coordinated fashion, showing the ever-evolving challenges in the transformation of police work in…

Read more →

A high-severity security bug impacting Open WebUI has been found by experts. It may expose users to account takeover (ATO) and, in some incidents, cause full server compromise.  Talking about WebUI, Cato researchers said, “When a platform of this size…

Read more →

  Amazon recently uncovered a North Korean IT worker infiltrating its corporate network by tracking a tiny 110ms delay in keystrokes, highlighting a growing threat in remote hiring and cybersecurity. The anomaly, revealed by Amazon’s Chief Security Officer Stephen Schmidt,…

Read more →

  Spotify reported that a third party had scraped parts of its music catalogue after a pirate activist group claimed it had released metadata and audio files linked to hundreds of millions of tracks.  The streaming company said an investigation…

Read more →