Category: CySecurity News – Latest Information Security and Hacking Incidents

In an unsettling development in the ongoing cyber conflict linked to the Russia-Ukraine war, Ukrainian-aligned hacking groups have claimed responsibility for a large-scale cyberattack targeting a major Russian drone manufacturing company. The targeted firm, identified as Gaskar Group, is believed…

Read more →

  Cybercriminals are increasingly leveraging an unexpected and largely unmonitored part of the internet’s infrastructure—the Domain Name System (DNS)—to hide malicious code and exploit security weaknesses. Security researchers at DomainTools have uncovered a campaign in which attackers embedded malware directly…

Read more →

  With healthcare facilities scrambling to pinpoint and address their top cyber threats, Fortified’s report provides some guidance on where to begin. The report identifies five major security gaps in healthcare organisations: inadequate asset inventories, a lack of unified risk…

Read more →

  Despite being organized and waged on a global scale, phishing-based tax fraud schemes that target the United Kingdom have emerged in recent years as a significant development in the fight against transnational cyber-enabled financial crime. An operation coordinated by…

Read more →

  A Russian blockchain engineer lost over $500,000 worth of cryptocurrencies in a sophisticated cyberattack, highlighting the persisting and increasing threats posed by hostile open-source packages. Even seasoned users can be duped into installing malicious software by attackers using public…

Read more →

According to security researchers, a critical set of vulnerabilities has been identified in UEFI firmware for a number of motherboards manufactured by Gigabyte, causing serious concerns about device integrity and long-term system security, as well as serious concerns regarding device…

Read more →

  A recently enhanced version of the Interlock remote access Trojan (RAT) is being deployed in an ongoing web-inject campaign linked to the ransomware group behind it. Known for its double-extortion tactics, Interlock has now shifted its technical approach with…

Read more →

  Cybersecurity researchers have identified a dangerous new twist to the notorious ClickFix malware tactic. The evolved variant—called FileFix—is now being weaponized in active ransomware campaigns, further advancing the threat landscape. ClickFix typically lures users by showing them a bogus…

Read more →

  Ransomware threats are rising fast in 2025, with the first half of the year already showing a sharp increase in attacks. New research shows that U.S.-based companies, small and medium-sized businesses, and firms in the manufacturing sector are currently…

Read more →

Despite the fact that operating systems like Windows and macOS continue to dominate the global market, Linux has gained a steady following among users who value privacy and security as well as cybersecurity professionals, thanks to its foundational principles: transparency,…

Read more →

  Episource, the medical billing behemoth, has warned millions of Americans that a hack earlier this year resulted in the theft of their private and medical data. According to a listing with the United States Department of Health and Human…

Read more →

  In early 2025, a cyberattack targeting healthcare technology provider Episource compromised the personal and medical data of over 5.4 million individuals in the United States. Though not widely known to the public, Episource plays a critical role in the…

Read more →

An alarming cyber threat has come to light involving common browser extensions used by millions across the world. According to a recent investigation by cybersecurity firm Koi Security, at least 18 browser add-ons, once considered safe were secretly turned into…

Read more →

  Southeast Asia has emerged as a global hotspot for cybercrimes, where human trafficking and high-tech fraud collide. Criminal syndicates operate large-scale “pig butchering” operations in nations like Cambodia and Myanmar, which are scam centres manned by trafficked individuals compelled…

Read more →

  In recent weeks, three major companies—Ingram Micro, United Natural Foods Inc. (UNFI), and McDonald’s—faced disruptive cybersecurity incidents. Despite operating in vastly different sectors—technology distribution, food logistics, and fast food retail—all three breaches stemmed from poor security fundamentals, not advanced…

Read more →

  An AI-powered automation system in professional environments, such as Google Gemini for Workspace, is vulnerable to a new security flaw. Using Google’s advanced large language model (LLM) integration within its ecosystem, Gemini enables the use of artificial intelligence (AI)…

Read more →

  In a surprising discovery, officials in Russia uncovered a secret cryptocurrency mining setup hidden inside a Kamaz truck parked near a village in the Buryatia region. The vehicle wasn’t just a regular truck, it was loaded with 95 mining…

Read more →

  The next front in the silent war, which is being waged with keystrokes and algorithms rather than missiles, is the digital infrastructure of a prominent legal firm in Washington, DC.  Wiley Rein, a company known for negotiating the complex…

Read more →

  A serious cyberattack recently targeted Gravity Forms, a widely used plugin for WordPress websites. This incident, believed to be part of a supply chain compromise, resulted in infected versions of the plugin being distributed through manual installation methods. What…

Read more →

  OpenAI is reportedly developing its own web browser, integrating artificial intelligence to offer users a new way to explore the internet. According to sources cited by Reuters, the tool is expected to be unveiled in the coming weeks, although…

Read more →

  It has been announced that researchers at Shanghai University have achieved a breakthrough in quantum computing that could have a profound impact on modern cryptographic systems. They achieved a significant leap in quantum computing. The team used a quantum…

Read more →

  In a targeted cyberattack that investigators suspect was politically motivated, a seasoned “hacktivist” allegedly acquired private data from over two million Columbia University students, applicants, and staff. The savvy hacktivist stole social security numbers, citizenship status, university-issued ID numbers,…

Read more →

In a recent security advisory, chipmaker AMD has confirmed the discovery of four new vulnerabilities in its processors. These issues are related to a type of side-channel attack, similar in nature to the well-known Spectre and Meltdown bugs that were…

Read more →

  It is becoming increasingly evident that every aspect of everyday life relies on digital systems in today’s hyper-connected world, from banking and shopping to remote work and social media, as well as cloud-based services. With more and more people…

Read more →

  As businesses adopt employee monitoring tools to improve output and align team goals, they must also consider the implications for privacy. The success of these systems doesn’t rest solely on data collection, but on how transparently and respectfully they…

Read more →

Credential theft and browser security were commonly found in Google Chrome browsers due to its wide popularity and usage. Recently, however, cyber criminals have started targeting Mozilla Firefox users. A recent report disclosed a total of eight malicious Firefox extensions…

Read more →

  Running AI applications locally offers a compelling alternative to relying on cloud-based chatbots like ChatGPT, Gemini, or Deepseek, especially for those concerned about data privacy, internet dependency, and speed. Though cloud services promise protections through subscription terms, the reality…

Read more →

  Cybersecurity researchers have discovered a malicious campaign that uses SEO-optimized phoney landing pages to propagate the Oyster malware loader.  Security experts at Arctic Wolf unearthed that threat actors have designed numerous landing sites that mimic two well-known Windows tools…

Read more →

  Artificial intelligence is starting to change how we interact with computers. Since advanced chatbots like ChatGPT gained popularity, the idea of AI systems that can understand natural language and perform tasks for us has been gaining ground. Many have…

Read more →

  In 2025, phone numbers have become woven into nearly every part of our digital lives. Whether you’re creating accounts on e-commerce sites, managing online banking, accessing health services, or logging in to social networks, your phone number is the…

Read more →

  < div style=”text-align: justify;”> Marks & Spencer (M&S), one of the largest and most established retailers in the United Kingdom, has confirmed that a highly targeted social engineering operation triggered the ransomware attack in April 2025. This breach, which…

Read more →

  A major data exposure has come to light after cybersecurity experts discovered an unsecured online storage system containing nearly 26 million documents, many of which appear to be resumes of job seekers in the United States. The exposed files…

Read more →

  Shellter Project, which makes a commercial AV/EDR evasion loader for penetration testing, admitted that hackers exploited its Shellter Elite product in assaults after a client leaked a copy of the software. The exploitation has been ongoing for several months,…

Read more →

  The software world is undergoing a fundamental shift. Thanks to AI, product development has become faster, easier, and more scalable than ever before. Tools like Cursor and Lovable—along with countless “co-pilot” clones—have turned coding into prompt engineering, dramatically reducing…

Read more →

False AI summaries leading to phishing attacks Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. Google…

Read more →

  An investigation has been conducted into a significant cybersecurity incident that occurred in 2025 at Telefónica, a global telecommunications company serving millions across Europe and Latin America. In addition to allegedly obtaining a considerable cache of confidential corporate data…

Read more →

  Healthcare organisations provide an essential service that, if disrupted by a cyber attack, could jeopardise patient safety, disrupt care delivery, and even result in death. In the case of a security incident, the implications could impact not only the…

Read more →

  As artificial intelligence becomes more common in businesses, from retail to finance to technology— it’s helping teams make faster decisions. But behind these smart predictions is a growing problem: how do you make sure employees only see what they’re…

Read more →

  A new study by NordVPN has revealed a serious cybersecurity issue plaguing the education sector: widespread reliance on weak and easily guessable passwords. Universities, schools, and training centres continue to be highly vulnerable due to the reuse of simple…

Read more →

   NVIDIA has issued a renewed advisory encouraging customers to activate System Level Error-Correcting Code (ECC) protections to defend against Rowhammer attacks targeting GPUs equipped with GDDR6 memory. This heightened warning follows recent research from the University of Toronto demonstrating…

Read more →

Cybersecurity experts are tracing Mamona, a new ransomware strain that is famous for its stripped-down build and silent local execution. Experts believe that the ransomware prevents the usual command-and-control (C2) servers, choosing instead a self-contained method that moves past tools…

Read more →

  An assault on Ingram Micro’s global network started on July 3, which crippled parts of the company’s global network as well as disrupted its ordering portals and customer service channels. Ingram Micro is currently restoring critical systems.  It became…

Read more →

CISA confirms bug exploit The US Cybersecurity & Infrastructure Security Agency (CISA) confirms active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777 in Citrix NetScaler ADC and Gateway. It has given federal parties one day to patch the bugs. This unrealistic…

Read more →

  Cybersecurity researchers have uncovered a troubling risk tied to how popular AI chatbots answer basic questions. When asked where to log in to well-known websites, some of these tools may unintentionally direct users to the wrong places, putting their…

Read more →

  Scamfluencers, a rising category of deceptive internet personalities, are leveraging their online influence to run sophisticated scams that have already cost Americans an estimated $1.9 billion in 2024.  These individuals masquerade as experts in finance, health, or other trusted…

Read more →

  A growing number of cybercriminals are becoming more sophisticated and dangerous in the hyperconnected digital world of today. These criminals use advanced methods to exploit individuals and organisations who are not expecting them. To lure victims into divulging confidential…

Read more →

  DeepSeek, a competitor of ChatGPT, may face legal ramifications in the European Union after the Berlin Commissioner for Data Protection ordered that Google and Apple remove the AI app from their stores.  After discovering that the DeepSeek app violates…

Read more →

  Hunters International, a ransomware-as-a-Service (RaaS) outfit, shut down operations and will provide free decryptors to victims seeking to restore their data without paying a ransom.  “After careful consideration and in light of recent developments, we have decided to close…

Read more →

  Ingram Micro, one of the world’s largest IT distribution and services companies, has confirmed it was targeted in a ransomware attack by the SafePay group, causing major operational disruptions across its global network. The cyberattack, which began early on…

Read more →

  Travellers are experiencing an increase in privacy concerns as the threat of hidden surveillance devices has increased in accommodations. From boutique hotels to Airbnb rentals to hostels, the reports that concealed cameras have been found to have been found…

Read more →

A security bug in a stealthy Android spyware operation, “Catwatchful,” has exposed full user databases affecting its 62,000 customers and also its app admin. The vulnerability was found by cybersecurity expert Eric Daigle reported about the spyware app’s full database…

Read more →

  A new online scam is targeting people who work in the cryptocurrency industry, using fake job offers and interviews to trick them into installing harmful software on their devices. According to a report by cybersecurity researchers at Cisco Talos,…

Read more →

  The latest update to the MITRE ATT&CK framework—version 17—has brought hypervisor security into sharp focus, prompting a necessary shift in how organizations view the core of their virtualized infrastructure. For the first time, VMware ESXi hypervisors have received a…

Read more →

  Shimla, June 10 — The official website of Himachal Pradesh University (HPU) experienced an unexpected breach earlier this week, when its homepage was briefly altered to display inappropriate and anti-national content. The incident prompted immediate action, with the university…

Read more →

  Microsoft claims that the cloud-based email security suite Defender for Office 365 can now automatically detect and prevent email bombing attacks.  Defender for Office 365 (previously known as Office 365 Advanced Threat Protection or Office 365 ATP) guards organisations…

Read more →

  A team of Chinese researchers has unveiled a new blockchain storage solution designed to withstand the growing threat posed by quantum computers. Blockchain, widely regarded as a breakthrough for secure, decentralized record-keeping in areas like finance and logistics, could…

Read more →

  Federal investigators have warned that the cyberextortion collective known as Scattered Spider is steadily expanding its reach to cover airlines and their technology vendors, a fresh alarm that has just been sounded for the aviation sector. According to an…

Read more →

  In a disturbing cybersecurity development, researchers at Koi Security have uncovered more than 40 malicious Firefox browser extensions impersonating popular cryptocurrency wallets. These extensions, found on Mozilla’s official add-ons store, are designed to steal sensitive wallet credentials and recovery…

Read more →

  There has been a considerable escalation in efforts by the United States towards combating cyber-enabled threats. As a result of the increase in efforts, the United States has officially blacklisted Aeza Group, a Russian supplier of bulletproof hosting services…

Read more →

  Cybersecurity researchers have identified a sophisticated malware campaign targeting Mac users involved in blockchain technologies. According to SentinelLabs, the attack has been linked to North Korean threat actors, based on an investigation conducted by Huntabil.IT.  The attack method is…

Read more →

  On July 2, 2025, Max Financial Services revealed a cybersecurity incident targeting its subsidiary, Axis Max Life Insurance, India’s fifth-largest life insurer. This incident raises severe concerns regarding data security and threat detection in the Indian insurance sector.  The…

Read more →

  An explosive story regarding the Trump administration’s collaboration with Palantir, which could result in the creation of a master database containing data on every American, was released by the New York Times last month. If such a “master list”…

Read more →

  Just days after the FBI warned airlines about a surge in 2FA bypass attacks by the hacker group Scattered Spider, Australian airline Qantas has confirmed a major cybersecurity incident. The breach, which targeted a third-party platform used for customer…

Read more →

  A growing scam involving fake QR codes on parking meters is putting unsuspecting drivers at risk of financial fraud. This deceptive tactic—called “quishing,” a blend of “QR” and “phishing”—relies on tampered QR codes that redirect people to bogus websites…

Read more →

In an announcement published by Ahold Delhaize, a leading global food retailer, the company confirmed that a significant data breach has compromised the personal information of over 2.2 million people across several countries.  With nearly 10,000 stores located across Europe,…

Read more →

  Qantas Airways has revealed that a cyber attack on one of its third-party service platforms may have compromised the personal data of up to six million customers. The breach was linked to a customer service tool used by a…

Read more →

  In a significant cybersecurity incident impacting the financial services sector, U.S.-based tax resolution firm Optima Tax Relief has reportedly suffered a ransomware attack orchestrated by the Chaos ransomware group. The attackers have allegedly exfiltrated and leaked approximately 69GB of…

Read more →

  Microsoft is ushering in major changes to how users secure their accounts, declaring that “the password era is ending” and warning that “bad actors know it” and are “desperately accelerating password-related attacks while they still can.” These updates, rolling…

Read more →

  Horizon Healthcare RCM has confirmed it was the target of a ransomware attack involving the theft of sensitive health information, making it the latest revenue cycle management (RCM) vendor to report such a breach. Based on the company’s breach…

Read more →

  The Swiss government is announcing that a ransomware assault at the third-party company Radix has affected sensitive data from multiple federal offices. The Swiss authorities claim that the hackers obtained information from Radix systems and then posted it on…

Read more →

Cyber insurance and ransomware The surge in ransomware campaigns has compelled cyber insurers to rethink their security measures. Ransomware attacks have been a threat for many years, but it was only recently that threat actors realized the significant financial benefits…

Read more →

In order to connect an individual user or entire network to the broader internet, a proxy server serves as an important gateway that adds a critical level of protection to the broader internet at the same time. In order to…

Read more →

  The Federal Bureau of Investigation (FBI) has issued a high-level cybersecurity alert warning about the growing threat posed by Scattered Spider, a cybercriminal group now targeting the transportation sector specifically the aviation industry and expanding its focus to insurance…

Read more →

  Cyber attackers are now using people’s growing interest in artificial intelligence (AI) to distribute harmful software. A recent investigation has uncovered that cybercriminals are building fake websites designed to appear at the top of Google search results for popular…

Read more →

  In May of this year, an anonymous person called and texted elected lawmakers and business executives pretending to be a senior White House official. U.S. senators were among the recipients who believed they were speaking with White House chief…

Read more →

Microsoft Defender for Office 365, a cloud-based email safety suite, will automatically detect and stop email-bombing attacks, the company said.  Previously known as Office 365 Advanced Threat Protection (Office 365 ATP), Defender for Office 365 safeguards businesses operating in high-risk…

Read more →

  The FBI has issued a new warning about the cybercriminal group known as Scattered Spider, which is now actively targeting the airline industry. Recent cyber incidents at Hawaiian Airlines and Canadian carrier WestJet underscore the growing threat.  According to…

Read more →

  Increasingly, cybersecurity experts warn that using traditional antimalware tools can lead to a false sense of security if used in conjunction with a system of prevention. In today’s rapidly evolving threat environment, this software remains a staple of personal…

Read more →

  When the Federal Bureau of Investigation (FBI) sounds the alarm on cybersecurity, organizations should take immediate notice. The latest urgent warning involves the notorious Scattered Spider group, which has already made headlines for attacking major retailers such as Marks…

Read more →

2025 H1 records all-time crypto theft In the first half of 2025, hackers stole a record $2.1 billion in cryptocurrency, marking an all-time high. The data highlights the vulnerable state of the cryptocurrency industry. North Korean state-sponsored hackers accounted for…

Read more →

  The FBI, along with top cybersecurity firms, has issued a fresh warning that the notorious hacking group Scattered Spider is expanding its targets to include the airline and broader transportation industries. In a statement released Friday and shared with…

Read more →

  The French cybersecurity agency stated in a study released Tuesday that three zero-day flaws impacting Ivanti Cloud Services Appliance devices triggered an attack spree in France last year that affected several critical infrastructure sectors. The French National Agency for…

Read more →

  A groundbreaking bill has been proposed by the Danish government to curb the growing threat of artificial intelligence-generated deepfakes, a threat that is expected to rise in the future. In the proposed framework, individuals would be entitled to claim…

Read more →

  A new report from blockchain analytics firm TRM Labs reveals that hackers stole an unprecedented $2.1 billion in cryptocurrency during the first half of 2025—marking the highest amount ever recorded for a six-month period. A staggering 70% of the…

Read more →

A 25-year-old British citizen has been formally charged in the United States for allegedly leading an international hacking operation that caused millions in damages to individuals, companies, and public institutions. Authorities in the US claim the man, identified as Kai…

Read more →

  As generative AI agents proliferate, a new concept is gaining traction: AI entities that act as loyal digital advocates, protecting individuals from overwhelming technological complexity, misinformation, and data exploitation. Experts suggest these personal AI companions could function similarly to…

Read more →

  Ahold Delhaize, the Dutch grocery company, reported this week that a ransomware attack on its networks last year resulted in a data breach that affected more than 2.2 million customers.  The cybersecurity breach was discovered in November 2024, when…

Read more →

Cybercrime gang to return stolen data The Hunters International Ransomware-as-a-Service (RaaS) operation has recently announced that it is shutting down its operation and will provide free decryptors to help targets recover their data without paying a ransom.  “After careful consideration…

Read more →

  Cloudflare has successfully blocked the largest distributed denial-of-service (DDoS) attack ever recorded, marking a significant moment in the escalating battle against cyber threats. The attack peaked at an unprecedented 7.3 terabits per second (Tbps), targeting an unnamed hosting provider…

Read more →

The new artificial intelligence capability introduced by WhatsApp aims to transform the way users interact with their conversations through sophisticated artificial intelligence. It uses advanced technology from Meta AI to provide a concise summary of unread messages across individual chats…

Read more →

  Generative AI (GenAI) is one of today’s most exciting technologies, offering potential to improve productivity, creativity, and customer service. But for many companies, it becomes like a forgotten gym membership, enthusiastically started, but quickly abandoned. So how can businesses…

Read more →

  Even though self-driving cars are becoming popular worldwide, not everyone is happy about it. In Santa Monica, California, some people who were unfortunate enough to live near the Waymo depot found a terrible side effect of Alphabet’s self-driving cars:…

Read more →

New Group Dire Wolf Attacks A new group, known as “Dire Wolf”, launched last month, has targeted 16 organizations worldwide, primarily in the manufacturing and technology sectors. The group deploys a double extortion technique for ransom and uses custom encryptors…

Read more →

  A newly uncovered cyber campaign is targeting organizations across North America, Europe, and the Asia-Pacific by exploiting fake Zoom applications. Cybersecurity experts have traced the operation to BlueNoroff, a notorious North Korean state-backed hacking group affiliated with the Lazarus…

Read more →

  Minnesota-headquartered Surmodics, a leading U.S. medical device manufacturer, experienced a cyberattack on June 5 that led to a partial shutdown of its IT infrastructure. The company, known for being the largest domestic supplier of outsourced hydrophilic coatings used in…

Read more →

  Over 40 deceptive browser extensions available on Mozilla Firefox’s official add-ons platform are posing as trusted cryptocurrency wallets to steal user data, according to security researchers. These malicious add-ons are camouflaged as popular wallet brands such as MetaMask, Coinbase,…

Read more →

The ChatGPT solution has become a transformative artificial intelligence solution widely adopted by individuals and businesses alike seeking to improve their operations. Developed by OpenAI, this sophisticated artificial intelligence platform has been proven to be very effective in assisting users…

Read more →

  One of the world’s largest grocery retail groups has confirmed a major cyber incident that compromised sensitive information belonging to more than 2.2 million individuals across its U.S. operations. The company, known for running supermarket chains like Food Lion,…

Read more →

  Ransomware remains a persistent threat to organisations worldwide, but new findings suggest cybercriminals are shifting their methods. According to the latest report by Sophos, only half of ransomware attacks involved data encryption this year, a sharp decline from 70…

Read more →

  The cybersecurity experts are constantly on the lookout for novel tactics for attack as criminal groups adapt to better defences against ransomware and phishing. However, in addition to the latest developments, some traditional strategies seem to be resurfacing—or rather,…

Read more →