Category: CySecurity News – Latest Information Security and Hacking Incidents

  In today’s digitised world, where artificial intelligence tools are rapidly reshaping the way people work, communicate, and work together, it’s important to be aware that a quiet but pressing risk has emerged-that what individuals choose to share with chatbots…

Read more →

  Cybersecurity researchers at Cyble have revealed 22 vulnerabilities currently being exploited by threat actors, with nine of them missing from the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog. In its latest blog post, Cyble…

Read more →

  Phishing has long been associated with deceptive emails, but attackers are now widening their reach. Malicious links are increasingly being delivered through social media, instant messaging platforms, text messages, and even search engine ads. This shift is reshaping the…

Read more →

  Cloud misconfigurations persist as the foremost driver of cloud breaches in 2025, revealing deep-seated challenges in both technological and operational practices across organizations.  While cloud services promise remarkable agility and scale, the complexity of modern infrastructure and oversight failures…

Read more →

  A malicious npm package called fezbox was recently uncovered using an unusual trick: it pulls a dense QR code image from the attacker’s server and decodes that barcode to deliver a second-stage payload that steals browser cookies and credentials.…

Read more →

It has been reported that American Income Life, one of the world’s largest supplemental insurance providers, is now under close scrutiny following reports of a massive cyberattack that may have compromised the personal and insurance records of hundreds of thousands…

Read more →

  At DEF CON 33, independent security researcher Marek Tóth revealed a new class of attack called DOM-based extension clickjacking that can manipulate browser-based password managers and, in limited scenarios, hijack passkey authentication flows. This is not a failure of…

Read more →

  In recent months, reports of retail data breaches have surfaced with alarming frequency, showing that both luxury and high-street retailers are under relentless attack. During the second quarter of 2025, ransomware incidents publicly disclosed in the global retail sector…

Read more →

  A highly dangerous self-replicating malware called “Shai-Hulud” has recently swept through the global software supply chain, becoming one of the largest incidents of its kind ever documented.  Named after the sandworms in the Dune series, this worm has infected…

Read more →

  The wireless network has become a powerful invisible infrastructure that powers both homes and businesses in today’s interconnected world, silently enabling everything from personal communication to business operations.  In the same way that electricity has transformed from being an…

Read more →

  While most people have heard of ChatGPT, a new threat called SpamGPT is now making headlines. Security researchers at Varonis have discovered that this professional-grade email campaign tool is designed specifically for cybercriminals. The platform, they report, offers “all…

Read more →

  Cybersecurity today often feels like a never-ending contest between attackers and defenders. New threats emerge, and companies respond with stronger locks and barriers. But what if security could be built so firmly into the foundation of digital systems that…

Read more →

  We are living in an era where fast and effective solutions for data challenges are crucial. Relying solely on backups is no longer enough to guarantee business continuity in the face of cyberattacks, hardware failures, human error, or natural…

Read more →

  Retail is currently at a crossroads where digital transformation has redefined the very fabric of commerce. The industry has become increasingly dependent on digital technology, which has redefined commerce as we know it. As retail once revolved around physical…

Read more →

  Major U.S. wireless carriers have faced contrasting legal outcomes in their battles against Federal Communications Commission fines for selling customer location data without consent, creating an uncertain landscape for consumer privacy protection . Background on data selling practices In…

Read more →

  For many, the first encounter with malware comes during student years, often through experiments with “free” software or unprotected internet connections like USB tethering. The result is almost always the same: a badly infected system that needs a complete…

Read more →

  It is evident in the world of digital trust that the financial and reputational costs of a data breach are reaching staggering new heights as the backbone of global commerce becomes increasingly digitally trusted. There is a recent study,…

Read more →

Cybercriminals are using increasingly sophisticated tricks to target unsuspecting citizens, and a recent case in Bengaluru highlights just how dangerous these scams can be. A 46-year-old software engineer from Horamavu lost ₹44 lakh after being lured into a fake stock…

Read more →

  A critical zero-click vulnerability known as “ShadowLeak” was recently discovered in OpenAI’s ChatGPT Deep Research agent, exposing users’ sensitive data to stealthy attacks without any interaction required.  Uncovered by Radware researchers and disclosed in September 2025, the vulnerability specifically…

Read more →

Two critical weaknesses recently came to light in Microsoft’s Entra ID platform could have given attackers unprecedented control over nearly every Azure cloud customer. The flaws were discovered and reported responsibly, allowing Microsoft to release fixes before attackers were able…

Read more →