Category: CySecurity News – Latest Information Security and Hacking Incidents

  The Maryland Transit Administration (MTA), operator of one of the largest multi-modal transit systems in the United States, is currently investigating a ransomware attack that has disrupted its Mobility paratransit service for disabled travelers.  While the agency’s core transit…

Read more →

  A recent investigation by Google’s security researchers has revealed a cyber operation linked to China that is targeting diplomats in Southeast Asia. The group behind the activity, tracked as UNC6384, has been found hijacking web traffic through deceptive Wi-Fi…

Read more →

  The first half of 2025 witnessed more than 8 million distributed denial-of-service (DDoS) attacks worldwide, according to new figures from Netscout. The EMEA region absorbed over 3.2 million incidents, with peak strikes hitting 3.12 Tbps in speed and 1.5…

Read more →

  Security researchers recently identified a piece of malware named PromptLock that uses a local artificial intelligence model to help create and run harmful code on infected machines. The finding comes from ESET researchers and has been reported by multiple…

Read more →

  Microsoft has issued a warning about Storm-0501, a threat actor that has significantly evolved its tactics, moving away from traditional ransomware encryption on devices to targeting cloud environments for data theft, extortion, and cloud-based encryption. Instead of relying on…

Read more →

A ransomware attack is an organization’s worst nightmare. Not only does it harm the confidentiality of the organizations and their customers, but it also drains money and causes damage to the reputation. Defenders have been trying to address this serious…

Read more →

  A whistleblower has alleged that Social Security information belonging to over 300 million Americans was compromised when Department of Government Efficiency (DOGE) personnel uploaded sensitive data to a cloud storage system lacking adequate security oversight. The potentially exposed information…

Read more →

  A massive healthcare data breach has exposed the sensitive information of more than 624,000 individuals, putting Social Security numbers, financial details, and account credentials at risk. The breach targeted Healthcare Services Group Inc. (HSGI), a Pennsylvania-based company that manages…

Read more →

  A recent cyberattack on Salesforce customers has prompted Workiva to disclose a breach linked to a recent wave of attacks, serving as a reminder of the increasing cybersecurity risks faced by global organisations. Workiva provides financial reporting, compliance, and…

Read more →

  Today, in a world where people are increasingly connected, the home wireless network has become an integral part of daily life. It powers everything from remote working to digital banking to entertainment to smart appliances, personal communication, and smart…

Read more →

  A recent cyber incident has brought to light how one weak link in software integrations can expose sensitive business information. Salesloft, a sales automation platform, confirmed that attackers exploited its Drift chat integration with Salesforce to steal tokens that…

Read more →

Chief information security officers (CISOs) are worried about the dangers of a cyberattack, and there is an anxiety due to the material losses of data that organizations have suffered in the past year. According to a report by Proofpoint, the…

Read more →

  Google is preparing to roll out a new security feature in its Messages app that adds another layer of protection against impersonation scams. The update, now available in beta, introduces a QR code system to verify whether the person…

Read more →

  Spotify has introduced an in-app messaging feature called “Messages,” allowing users to share music, podcasts, and audiobooks directly within the app. This new feature aims to make music sharing easier and more social by keeping conversations about content within…

Read more →

Experts have found a malicious npm package that consists of stealthy features to deploy malicious code into pc apps targeting crypto wallets such as Exodus and Atomic.  About the package Termed as “nodejs-smtp,” the package imitates the genuine email library…

Read more →

  In a major cybersecurity incident which has caused major disruption to the operations of Jaguar Land Rover, it highlights the growing vulnerability of automakers across the world to cyberattacks, underlining the increasing need to maintain communication channels between automakers…

Read more →

  Google announced a new step to make Android apps safer: starting next year, developers who distribute apps to certified Android phones and tablets, even outside Google Play, will need to verify their legal identity. The change ties every app…

Read more →

  Data I/O, a leading manufacturer specializing in device programming and security provisioning solutions, experienced a major ransomware attack in August 2025 that crippled core operations and raised industry-wide concerns about supply chain vulnerabilities in the technology sector. The attack,…

Read more →

  Researchers have uncovered a malicious Go package disguised as an SSH brute-force tool that secretly collects and transmits stolen credentials to an attacker-controlled Telegram bot. The package, named golang-random-ip-ssh-bruteforce, first appeared on June 24, 2022, and was linked to…

Read more →

  Zscaler has confirmed that it is among the latest organizations to be impacted by a major supply chain attack exploiting the Salesloft Drift application, which integrates with Salesforce.  According to the company, attackers managed to steal OAuth tokens tied…

Read more →