Category: CySecurity News – Latest Information Security and Hacking Incidents

  The recent Nx “s1ngularity” NPM supply chain attack has led to a massive security fallout, exposing thousands of account tokens and repository secrets, according to Wiz researchers. A post-incident analysis revealed that the breach compromised 2,180 accounts and 7,200…

Read more →

  It has been reported that on September 11, 2025, nearly 600 gigabytes of classified materials linked to the Great Firewall of China have emerged online in a breach of China’s closely guarded internet censorship machinery, which is a breach…

Read more →

  Smart electricity meters, once simple devices for recording household consumption, are now central to modern energy systems. They track usage patterns, support grid balancing, and enable predictive maintenance. But as their role has expanded, so has the volume of…

Read more →

  VirusTotal has uncovered a sophisticated phishing campaign that leverages SVG (Scalable Vector Graphics) files to bypass traditional antivirus detection while impersonating Colombia’s judicial system. The campaign was discovered after VirusTotal added SVG support to its AI Code Insight platform,…

Read more →

  Czechia’s National Cyber and Information Security Agency (NÚKIB) has issued a stark warning about rising cyber espionage campaigns linked to China and Russia, urging both government institutions and private companies to strengthen their security measures. The agency classified the…

Read more →

Hackers stole government data from organizations in Panama and Vietnam in multiple cyber attacks that surfaced recently. About the incident According to Vietnam’s state news outlet, the Cyber Emergency Response Team (VNCERT) confirmed reports of a breach targeting the National…

Read more →

  More than a year after SonicWall released a patch for CVE-2024-40766, a critical vulnerability affecting its next-generation firewalls, attackers linked to the Akira ransomware-as-a-service operation continue to exploit the flaw to breach organizations. Similar to incidents in September 2024…

Read more →

In a world where almost every service depends on digital connections, one type of information underpins much of our daily lives: spatial data. This data links activities to a place and time, revealing not just “where” something happens, but also…

Read more →

  The Indian Cybercrime Coordination Centre (I4C), operating under the Ministry of Home Affairs, has issued a warning about a new and highly sophisticated digital scam that leverages fake eSIM activation to commit financial fraud. Unlike traditional methods of cybercrime…

Read more →

  Researchers in the field of cybersecurity are warning that a sophisticated phishing-as-a-service (PhaaS) platform known as VoidProxy is being used by criminal groups for the purpose of evading widespread security controls and is demonstrating just how far this technology…

Read more →

  U.S. district schools are facing a surge in sophisticated cyberattacks, but districts are pushing back by combining strong fundamentals, people-centered training, state partnerships, and community resilience planning to build cyber safety into everyday culture .  Rising threat landscape  An…

Read more →

Sitecore bug abused Threat actors exploited a zero-day bug in legacy Sitecore deployments to install WeepSteel spying malware.  The bug, tracked as CVE-2025-53690, is a ViewState deserialization flaw caused by the addition of a sample ASP.NET machine key in pre-2017…

Read more →

  Cybercriminals behind ransomware attacks are adopting new intimidation methods to push victims into paying up. In a recent case, the LunaLock ransomware gang has escalated tactics by threatening to sell stolen artwork for AI training datasets. The popular platform…

Read more →

Around a quarter of a billion identity records were left publicly accessible, exposing people located in seven countries- Saudi Arabia, the United Arab Emirates, Canada, Mexico, South Africa, Egypt, and Turkey.  According to experts from Cybernews, three misconfigured servers, registered…

Read more →

  As a striking example of how emerging technologies are used as weapons for deception, a Bengaluru-based woman of 57 was deceived out of Rs 3.75 crore by an AI-generated deepfake video supposedly showing the spiritual leader Sadhguru. The video…

Read more →

  Bridgestone Americas has confirmed it is investigating a cyber incident that disrupted operations at several of its tire manufacturing plants in North America. The company emphasized that its response team contained the issue quickly, limiting the scope of the…

Read more →

  In 2025, the browser has become one of the primary battlefields for cybercriminals. Once considered a simple access point to the internet, it now serves as the main gateway for employees into critical business applications and sensitive data. This…

Read more →

  A 54-year-old resident of Shipra Suncity, Indirapuram, Ghaziabad, fell victim to a sophisticated eSIM fraud that resulted in the loss of ₹18.48 lakh from her bank accounts. Arti Kaul was targeted by cybercriminals who posed as Airtel customer service…

Read more →

  Researchers from UC Davis, Maastricht University, and other institutions have uncovered widespread silent keystroke interception across websites, revealing that many sites collect user typing data before forms are ever submitted. The study examined how third-party scripts capture and share…

Read more →

  Disney has agreed to pay millions of dollars in penalties to resolve allegations brought by the Federal Trade Commission (FTC) that it unlawfully collected personal data from young viewers on YouTube without securing parental consent. Federal law under the…

Read more →