Category: CySecurity News – Latest Information Security and Hacking Incidents

  The Co-operative Group in the United Kingdom has revealed the extent of the damage caused by the cyberattack it suffered earlier this year. In its interim financial report for the first half of 2025, the company announced an £80…

Read more →

  Artificial intelligence has undeniably transformed productivity and daily life, but its development has also concentrated power in the hands of a few corporations. Giants such as Google (Gemini), OpenAI (ChatGPT), X (Grok), and Anthropic (Claude) dominate the ecosystem, holding…

Read more →

Is the Gemini browser collecting user data? A new warning for 2 billion Chrome users, Google has announced that its browser will start collecting “sensitive data” on smartphones. “Starting today, we’re rolling out Gemini in Chrome,” Google said, which will…

Read more →

  Karnataka has earned the unfortunate distinction of being the cybercrime capital of India, accounting for more than a quarter of all reported cases in the country. According to the latest data released by the National Crime Records Bureau (NCRB),…

Read more →

  People’s dependence on digital systems is deeper than ever, leaving individuals and businesses more exposed to cyber risks and data breaches. From the infamous 2017 Equifax incident to the recent cyberattack on Marks & Spencer, online operations remain highly…

Read more →

  It is becoming increasingly evident that as digital technologies are woven deeper into our everyday lives, questions about how personal data is collected, used, and protected are increasingly at the forefront of public discussion.  There is no greater symbol…

Read more →

  Google Project Zero has uncovered a sophisticated technique for bypassing Address Space Layout Randomization (ASLR) protections on Apple devices, targeting a fundamental issue in Apple’s serialization framework. Security researcher Jann Horn described how deterministic behaviors in NSKeyedArchiver and NSKeyedUnarchiver…

Read more →

A single line of malicious code hidden in a counterfeit npm package has exposed potentially thousands of sensitive emails every day, raising fresh alarms about software supply-chain security.  The package, uploaded to npm under the name postmark-mcp, impersonated the legitimate…

Read more →

  Canadian police have shut down the cryptocurrency trading platform TradeOgre and seized digital assets valued at more than $40 million USD, marking both the country’s largest cryptocurrency seizure and the first time a crypto exchange has been dismantled by…

Read more →

  A ransomware operation claiming affiliation with the Medusa gang attempted to recruit BBC cybersecurity correspondent Joe Tidy as an insider threat, offering him substantial financial incentives in exchange for access to the broadcaster’s systems.  The threat actor, using the…

Read more →

An incident at the Federal Emergency Management Agency allowed threat actors to steal employee data from the US Customs and Border Protection and the disaster management office. The breach has allegedly triggered the removal of dozens of Federal Emergency Management…

Read more →

  Researchers have uncovered a previously undocumented Android banking trojan, dubbed Datzbro, that is being used in device-takeover campaigns aimed squarely at older adults. ThreatFabric, a Dutch mobile security firm, first tied the activity to a social-engineering network in August…

Read more →

  In today’s digitised world, where artificial intelligence tools are rapidly reshaping the way people work, communicate, and work together, it’s important to be aware that a quiet but pressing risk has emerged-that what individuals choose to share with chatbots…

Read more →

  Cybersecurity researchers at Cyble have revealed 22 vulnerabilities currently being exploited by threat actors, with nine of them missing from the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog. In its latest blog post, Cyble…

Read more →

  Phishing has long been associated with deceptive emails, but attackers are now widening their reach. Malicious links are increasingly being delivered through social media, instant messaging platforms, text messages, and even search engine ads. This shift is reshaping the…

Read more →

  Cloud misconfigurations persist as the foremost driver of cloud breaches in 2025, revealing deep-seated challenges in both technological and operational practices across organizations.  While cloud services promise remarkable agility and scale, the complexity of modern infrastructure and oversight failures…

Read more →

  A malicious npm package called fezbox was recently uncovered using an unusual trick: it pulls a dense QR code image from the attacker’s server and decodes that barcode to deliver a second-stage payload that steals browser cookies and credentials.…

Read more →

It has been reported that American Income Life, one of the world’s largest supplemental insurance providers, is now under close scrutiny following reports of a massive cyberattack that may have compromised the personal and insurance records of hundreds of thousands…

Read more →

  At DEF CON 33, independent security researcher Marek Tóth revealed a new class of attack called DOM-based extension clickjacking that can manipulate browser-based password managers and, in limited scenarios, hijack passkey authentication flows. This is not a failure of…

Read more →

  In recent months, reports of retail data breaches have surfaced with alarming frequency, showing that both luxury and high-street retailers are under relentless attack. During the second quarter of 2025, ransomware incidents publicly disclosed in the global retail sector…

Read more →