Category: CySecurity News – Latest Information Security and Hacking Incidents

  The cybersecurity experts are constantly on the lookout for novel tactics for attack as criminal groups adapt to better defences against ransomware and phishing. However, in addition to the latest developments, some traditional strategies seem to be resurfacing—or rather,…

Read more →

  A growing number of cybersecurity professionals are expressing concern that generative AI is evolving too rapidly for their teams to manage.  According to new research by penetration testing company Cobalt, over one-third of security leaders and practitioners admit that…

Read more →

Swift discovery helped the ICC Last week, the International Criminal Court (ICC) announced that it had discovered a new advanced and targeted cybersecurity incident. Its response mechanism and prompt discovery helped to contain the attack.  The ICC did not provide…

Read more →

  Considering the rapid evolution of cybersecurity today, organisations and security professionals must continue to contend with increasingly sophisticated adversaries in an ever-increasing contest. There is one class of malware known as polymorphic malware, which is capable of continuously changing…

Read more →

  Healthcare professionals in the UK are under scrutiny for using artificial intelligence tools that haven’t been officially approved to record and transcribe conversations with patients. A recent investigation has uncovered that several doctors and medical facilities are relying on…

Read more →

  A critical security flaw tracked as CVE-2025-4322 has left a widely used premium WordPress theme exposed to attackers. Cybercriminals have been exploiting this vulnerability in the Motors theme to seize administrator accounts, allowing them to fully compromise websites—modifying information,…

Read more →

  Most generative AI companies use client data to train their chatbots. For this, they may use private or public data. Some services take a more flexible and non-intrusive approach to gathering customer data. Not so much for others. A…

Read more →

Finance has become a top target for deepfake-enabled fraud in the KYC process, undermining the integrity of identity-verification frameworks that help counter-terrorism financing (CTF) and anti-money laundering (AML) systems. Experts have found a rise in suspicious activity using AI-generated media,…

Read more →

  Iran-linked hackers have renewed threats against the U.S., claiming they plan to release more emails allegedly stolen from former President Donald Trump’s associates. The announcement follows earlier leaks during the 2024 presidential race, when a batch of messages was…

Read more →

  There is no doubt that generative artificial intelligence is one of the most revolutionary branches of artificial intelligence, capable of producing entirely new content across many different types of media, including text, image, audio, music, and even video. As…

Read more →

  The Russian state-sponsored threat group APT28, also known as UAC-0001, has been linked to a fresh wave of cyberattacks against Ukrainian government targets, using Signal messenger chats to distribute two previously undocumented malware strains—BeardShell and SlimAgent.  While the Signal…

Read more →

  In today’s digital world, many of us protect our online accounts using two-step verification. This process, known as multi-factor authentication (MFA), usually requires a password and an extra code, often sent via SMS, to log in. It adds an…

Read more →

  High-profile clients’ private information, including that of top government officials, was leaked due to a significant cybersecurity incident at Agarwal Packers and Movers Ltd (APML) in India. Concerns over the security of corporate data as well as possible national…

Read more →

Cybersecurity analysts from Palo Alto Networks’ Unit 42 have reported a resurgence of the Prometei botnet, now actively targeting Linux systems with new, upgraded variants as of March 2025. Originally discovered in 2020 when it was aimed at Windows machines,…

Read more →

  As part of Google’s Threat Intelligence Group (GTIG), security researchers discovered a highly sophisticated cyber-espionage campaign orchestrated by Russian threat actors. They succeeded in circumventing Google’s multi-factor authentication (MFA) protections for Gmail accounts by successfully circumventing it.  A group…

Read more →

  North Korean hackers are tricking crypto experts into attending elaborate phoney job interviews in order to access their data and install sophisticated malware on their devices.  Cisco Talos disclosed earlier this week that a new Python-based remote access trojan…

Read more →

  The researchers at the National Cyber Security Agency have identified a sophisticated campaign that involved malicious actors uploading more than 67 deceptive repositories to GitHub, masquerading as legitimate Python-based security and hacking tools.  In truth, these repositories actually serve…

Read more →

  Taiwanese cryptocurrency platform BitoPro has blamed North Korea’s Lazarus Group for a cyberattack that resulted in $11 million in stolen digital assets. The breach occurred on May 8, 2025, during an upgrade to the exchange’s hot wallet system.  According…

Read more →

  In response to the rising threat of artificial intelligence being used for financial fraud, U.S. lawmakers have introduced a new bipartisan Senate bill aimed at curbing deepfake-related scams. The bill, called the Preventing Deep Fake Scams Act, has been…

Read more →

  Over 37,500 complaints concerning phoney tech-support scams were filed in the United States last year alone, resulting in losses of over $924 million, according to the latest FBI’s Internet Crime Report.  In this piece, we’ll look at how these…

Read more →

  Meta recently introduced in-app advertisements within WhatsApp for users across the globe, marking the first time ads have appeared on the messaging platform. However, this change won’t affect users in the European Union just yet. According to the Irish…

Read more →

  Popular U.S.-based doughnut chain Krispy Kreme has confirmed that a cyberattack last year compromised the personal data of more than 160,000 individuals. According to a notification filed with the Maine Attorney General’s Office, the company stated that the breach…

Read more →

  The United States has taken decisive action to eliminate one of the most persistent cybercrime threats in history by joining forces with international law enforcement bodies and several private cybersecurity companies to dismantle the infrastructure behind the notorious malware…

Read more →

  Swiss financial institution UBS has confirmed that some of its employee data was compromised and leaked online due to a cybersecurity breach at one of its external service providers. The incident did not impact client information, according to the…

Read more →

  Keylogging malware is a particularly dangerous as it is often designed to steal login passwords or other sensitive information from victims. When you add a compromised Exchange server to the mix, it makes things significantly worse for any organisation. …

Read more →

  A growing number of Gmail users consider the “unsubscribe” button to be a straightforward means of decluttering their overflowing inboxes, but cybersecurity experts are warning that a growing and mostly ignored threat is posing a serious threat. The unsubscribe…

Read more →

  Meta’s new AI-driven chatbot platform, Meta.ai, launched recently with much fanfare, offering features like text and voice chats, image generation, and video restyling. Designed to rival platforms like ChatGPT, the app also includes a Discover feed, a space intended…

Read more →

Meta has rolled out a fresh set of AI-powered tools aimed at helping advertisers design more engaging and personalized promotional content. These new features include the ability to turn images into short videos, brand-focused image generation, AI-powered chat assistants, and…

Read more →

  A recent investigation by Cybernews has uncovered a staggering 30 separate online datasets containing approximately 16 billion stolen login credentials from services including Apple, Google, and Facebook. These data dumps, discovered through open sources, appear to be the result…

Read more →

  Following Veeam Backup & Replication’s Tuesday patch release to patch a critical remote code execution vulnerability, researchers are advising customers to ensure their systems are completely upgraded to the latest version.  An authorised domain user can execute code on…

Read more →

  As Israeli and Iranian forces engaged in a conventional military exchange on June 13, 2025, the conflict has rapidly escalated into a far more complex and multi-faceted conflict that is increasingly involving a slew of coordinated cyberattacks against a…

Read more →

  In an unusual and concerning incident, an Air India Express flight en route from Delhi to Jammu was forced to return to Indira Gandhi International Airport on Monday due to suspected GPS spoofing near India’s border region. Carrying 160…

Read more →

  The latest findings by Cato Networks suggests that a number of jailbroken and uncensored AI tool variations marketed on hacker forums were probably created using well-known commercial large language models like Mistral AI and X’s Grok. A parallel underground…

Read more →

  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised fresh concerns about several outdated TP-Link router models that are being actively exploited by cybercriminals. Despite the flaw being identified years ago, it has re-emerged in recent attack campaigns,…

Read more →

  An alarm is triggered in both the automotive and financial industries when Scania Financial Services, based in Sweden, confirms that a cybersecurity incident has compromised sensitive company data, which has raised concerns in the industry.  The breach was reportedly…

Read more →

  A dangerous piece of malware has been discovered hidden inside a Python software package, raising serious concerns about the security of open-source tools often used by developers. Security experts at JFrog recently found a harmful package uploaded to the…

Read more →

  We’ve probably all received confirmation codes via text message when trying to enter into an account. These codes are intended to function as two-factor verification, confirming our identities and preventing cybercriminals from accessing our accounts solely through a password.…

Read more →

  Organizations today face increasingly complex threats that span across digital, physical, and operational domains. With risks becoming more sophisticated and faster-moving, traditional siloed approaches to security are no longer effective.  Companies now require a unified strategy to protect their…

Read more →

  An alarming development, which indicates that cyber threats are growing in intensity, has been confirmed by The Washington Post, which confirms an attempted breach on its personal email system targeting a specific group of journalists who work at the…

Read more →

  A cybercrime group known as Anubis has recently added a dangerous new ability to its ransomware. This latest update allows the malware not only to lock files but also to completely destroy them, making it impossible for victims to…

Read more →

  Bitdefender, a well-known and reputable cybersecurity and antivirus software provider, has become the latest target of cybercriminals. In a deeply troubling incident, scammers created a fake Bitdefender website, tricking users into downloading malware under the guise of legitimate antivirus…

Read more →

The second-largest airline in Canada, WestJet, is currently investigating an ongoing cyberattack which has compromised its internal systems as well as raising concerns about the risk of data loss to customers. As early as late last week, the airline was…

Read more →

  In today’s world, our phones are more than just communication devices — they’re essential for work, banking, shopping, and staying connected. That makes it all the more alarming when a device begins to behave strangely.  One possible cause? A…

Read more →

  A new campaign of browser-based malware has emerged, revealing how hackers are now circumventing conventional antivirus protections by exploiting trusted domains like Google.com. This technique, according to a report by security researchers at c/side, is subtle, conditionally triggered, and…

Read more →

  Cloudflare has clarified that a widespread outage affecting its global services was not the result of a cyberattack or data breach. The company confirmed that no customer data was compromised during the disruption, which significantly impacted numerous platforms, including…

Read more →

  Business leaders tend to stay with what they know. It’s familiar, comfy, and—above all—seems trustworthy. However, this comfort zone can be costing us more than they realise when it comes to legacy software systems.  Many leaders focus on the…

Read more →

An extensive account takeover (ATO) campaign targeting Microsoft Entra ID has been identified by cybersecurity experts, exploiting a powerful open-source penetration testing framework known as TeamFiltration.  First detected in December 2024, the campaign has accelerated rapidly, compromising more than 80,000…

Read more →

  T-Mobile is once again in the cybersecurity spotlight after a hacking group claimed to have obtained sensitive personal information belonging to 64 million customers. The hackers alleged the data was freshly taken as of June 1, 2025, and listed…

Read more →

  The latest discovery of new Predator spyware-related equipment suggests that the surveillance technology is still finding new clients, despite US penalties imposed on its backers since July 2023.  In a report published earlier this month, analysts at Insikt Group…

Read more →

Cybersecurity researchers have released a warning about a sophisticated cyberattack campaign in which users are attempted to access DeepSeek-R1, a widely recognized large language model (LLM), which has been identified as a large language model. Cybercriminals have launched a malicious…

Read more →

  In the digital world where personal privacy is increasingly at risk, it has now come to light that the U.S. government has been quietly purchasing airline passenger information without public knowledge. A recent report by Wired revealed that the…

Read more →

  The FIN6 cybercrime group, which has been associated with financial breaches in the past, is now launching a sophisticated new campaign targeting corporate recruitment channels. The group, which is known as FIN6 cybercrime, has been associated with high-profile financial…

Read more →

  A novel assault identified as ‘SmartAttack’ leverages smartwatches as a covert ultrasonic signal receiver to extract data from physically isolated (air-gapped) devices. Air-gapped systems, which are often used in mission-critical environments such as government buildings, weapons platforms, and nuclear…

Read more →

Trend Micro has rolled out essential security updates to address a series of high-impact vulnerabilities discovered in two of its enterprise security solutions: Apex Central and the Endpoint Encryption (TMEE) PolicyServer. These newly disclosed issues, which include critical remote code…

Read more →

  Zoomcar, a well-known car-sharing platform, recently reported that a cyberattack exposed the personal details of approximately 8.4 million users. The information that was accessed includes users’ names, phone numbers, and vehicle registration details. The company, based in Bengaluru, India,…

Read more →

  Under the direction of the Headquarters Integrated Defence Staff, the Indian Defence Cyber Agency has initiated a cyber security exercise called “Cyber Suraksha.” June 16 marked the start of the exercise, which will last through June 27. A multi-phased…

Read more →

  It has recently been reported that a breakthrough cyber threat known as EchoLeak has been documented as the first documented zero-click vulnerability that specifically targets Microsoft 365 Copilot in the enterprise. This raises important concerns regarding the evolving risks…

Read more →

  The emergence of generative AI tools in the workplace has reignited concerns about shadow IT—technology solutions adopted by employees without the knowledge or approval of the IT department. While shadow IT has always posed security challenges, the rapid proliferation…

Read more →

  As artificial intelligence (AI) grows, cyberattacks are becoming more advanced and harder to stop. Traditional security systems that protect company networks are no longer enough, especially when dealing with insider threats, stolen passwords, and attackers who move through systems…

Read more →

  A new cybersecurity threat dubbed “SmartAttack” demonstrates how smartwatches can covertly capture ultrasonic signals to extract sensitive data from air-gapped computers—systems traditionally considered highly secure due to their physical isolation from external networks. Air-gapped environments are widely used in…

Read more →

  During the last few months, the UAE Cyber Security Council (CSC) has revealed that the UAE has seen a surge in cyberattacks that have been reported daily to the highest level of more than 200,000. Cyber threats of this…

Read more →

  The frequency and intensity of cyberthreats seem to be increasing despite businesses’ ongoing efforts to thwart malicious actors. Honeywell, a global technology and manufacturing firm that also provides cybersecurity solutions, reported a 46% rise in ransomware extortion attacks between…

Read more →

  A new investigation by Russian media outlet Important Stories, in collaboration with the Organized Crime and Corruption Reporting Project (OCCRP), has sparked fresh scrutiny over Telegram’s connections to Russia’s intelligence services. The popular messaging platform, long regarded for its…

Read more →

  In a major breakthrough, cybersecurity experts uncovered a major weakness in the DanaBot malware system that ultimately led to the disruption of its operations and criminal charges against its operators. DanaBot, which has been active since 2018, is known…

Read more →

  Marks & Spencer has resumed its online services after a serious cyberattack earlier this year that disrupted its operations and is expected to slash profits by £300 million. The British retail giant’s digital operations were hit hard, and recent…

Read more →

  In today’s competitive landscape, it is becoming more critical for businesses to find ways to adapt their data security, governance, and risk management strategies to the volatile economy by increasing efficiency or lowering costs while maintaining the structure, consistency,…

Read more →

  Today’s digital landscape has become increasingly interconnected, and cyber threats have risen in sophistication, which has significantly weakened the effectiveness of traditional security protocols. Cybercriminals have evolved their tactics to exploit emerging vulnerabilities, launch highly targeted attacks, and utilise…

Read more →

Experts from Insikt Group have found new infrastructure linked with GrayAlpha, a cybercrime gang overlapping with the financially motivated group called FIN7. Fin7 has been in the cybercrime game since 2013 and is known as one of the most infamous…

Read more →

  The shortage of skilled professionals in artificial intelligence is becoming a major concern for enterprises, as organizations race to adopt the technology without a matching increase in qualified talent. The latest Harvey Nash Digital Leadership report, released by Nash…

Read more →

  United Natural Foods Inc.’s operations were disrupted by a serious cybersecurity incident. There have been widespread supply chain issues and widespread product shortages at Whole Foods Market locations all over the United States due to the company’s failure to…

Read more →

  The constant expansion of cyber threats, particularly malware and ransomware, necessitates our undivided attention. Our defence strategy must evolve in tandem with the threats. So far this year, ransomware has targeted Frederick Health Medical Group, Co-op Supermarkets, and Marks…

Read more →

  As artificial intelligence (AI) becomes more advanced, it also creates new risks for cybersecurity. AI agents—programs that can make decisions and act on their own—are now being used in harmful ways. Some are launched by cybercriminals or even unhappy…

Read more →

  AT&T customers are once more facing serious security concerns following reports of a fresh leak involving their personal information. This comes after the telecom company experienced multiple data breaches last year. Previous Data Breaches Raised Alarms In 2024, AT&T…

Read more →

  A command injection flaw in internet-connected digital video recorders used for CCTV monitoring is the target of a Mirai botnet malware variant, which allows hackers to take over the devices and add them to a botnet.  Cybersecurity researchers at…

Read more →

  Ticketmaster, one of the most prominent ticketing companies in the world, suffered a high-profile cyber-attack in May 2024 that affected the entire digital infrastructure of the company. The incident resulted in the unauthorised exposure of vast amounts of customer…

Read more →

  A surge in vehicle-related scams across the UK has left thousands of drivers out of pocket, with fraudulent activity disguised as legitimate DVLA communications. In 2023 alone, nearly 20,000 motorists were tricked by fake car tax messages, insurance schemes,…

Read more →

An advanced but simple phishing tactic is being distributed, it deploys fake Cloudflare CAPTCHA pages to target users with malware.  A recent research by SlashNext says the technique, called  ClickFix tricks users into running commands that deploy malware. ClickFix shows…

Read more →

  Sensata Technologies has begun notifying current and former employees of a data breach following the conclusion of an internal investigation into a ransomware attack that took place in April 2025. A global leader in industrial technology, Sensata specializes in…

Read more →

  The FBI said that over the last two years, an extortion group known as the Silent Ransom Group has targeted U.S. law firms through callback phishing and social engineering tactics.  This threat outfit, also known as Luna Moth, Chatty…

Read more →

  Venturing into the dark web may seem intriguing to some, but even well-intentioned users are exposed to significant risks. While many people associate the dark web with illegal activity, they may not realize that just browsing these hidden spaces…

Read more →

  The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released a critical warning about the sharp rise in Play ransomware attacks. The agencies report that this cyber threat has affected hundreds of…

Read more →

  Increasingly, cybercriminals are exploiting systemic vulnerabilities in order to target the healthcare sector as one of the most frequently attacked and vulnerable targets in modern cybersecurity, with attacks growing both in volume and sophistication. These risks go well beyond…

Read more →

The US Department of Justice has filed a civil forfeiture complaint against North Korean IT workers for illegally gaining employment with US businesses, and earning millions for the Korean government, which amounts to violations of sanctions. The government seized $7.7m…

Read more →

  The FBI has issued a critical warning regarding a massive malware campaign—dubbed BADBOX 2.0—which has compromised over 1 million Internet-connected consumer devices, including smart TVs, Android tablets, projectors, and streaming boxes. The malware, often embedded in Chinese-manufactured IoT devices,…

Read more →

  The recent discovery of new equipment tied to Predator spyware implies that the surveillance technology is still finding new customers, despite the fact that its backers have faced rounds of US sanctions since July 2023. In a research published…

Read more →

  Cybersecurity experts have uncovered a massive trove of sensitive information left exposed online, potentially placing millions of individuals at significant risk. The discovery, made by researchers from Cybernews in collaboration with SecurityDiscovery.com, revealed an unsecured database totaling 631 gigabytes—containing…

Read more →

  The recently observed increase in ransomware activity linked to the Qilin group has sparked alarms throughout the cybersecurity industry. As a result of these sophisticated Ransomware-as-a-Service (RaaS) operations operating under multiple aliases, including Phantom Mantis and Agenda, Fortinet’s recent…

Read more →

Pig butchering, a term we usually hear in the meat market, sadly, has also become a lethal form of cybercrime that can cause complete financial losses for the victims.  Pig Butchering is a “form of investment fraud in the crypto…

Read more →

  Boaz Barzel, Field CTO at OX Security, recently conducted research with colleagues at OX Security and discovered that an average organisation had more than half a million alerts at any given time. More astonishing is that 95% to 98%…

Read more →

  Kettering Health, a prominent healthcare network based in Ohio, is still grappling with the aftermath of a disruptive ransomware attack that forced the organization to shut down its computer systems. The cyberattack, which occurred in mid-May 2025, affected operations…

Read more →

  Increasingly, organisations are using cloud-based technologies, which has led to the rise of the importance of security concerns surrounding Software as a Service (SaaS) platforms. It is the concept of SaaS security to ensure that applications and sensitive data…

Read more →

  A group of hackers has been carrying out attacks against businesses by misusing a tool that looks like it belongs to Salesforce, according to information shared by Google’s threat researchers. These attacks have been going on for several months…

Read more →

  Reddit, a social media site, filed a lawsuit against Anthropic on Wednesday, claiming that the artificial intelligence firm is unlawfully “scraping” millions of Reddit users’ comments in order to train its chatbot Claude.  Reddit alleges that Anthropic “intentionally trained…

Read more →

  Lee Enterprises, a major U.S. news publisher, is alerting nearly 40,000 individuals about a data breach following a ransomware attack that took place in early February 2025. The company, which owns and operates 77 daily newspapers and hundreds of…

Read more →

  A new study by Secureworks’ Counter Threat Unit (CTU) has revealed that ransomware operations have shifted significantly in response to heightened law enforcement crackdowns, forcing threat actors to evolve their strategies accordingly. There has been a tradition of many…

Read more →

Scam links are difficult to spot, but it has become an everyday issue for internet users who accidentally click on malicious URLs that are part of a phishing attack. Most fake links include standard “https” encryption and domains similar to…

Read more →

  A dangerous Android malware called Crocodilus has developed a new way to fool smartphone users. It can now secretly add fake names to the contact list on an infected phone. This makes it easier for hackers to pretend they…

Read more →

  A newly revealed zero-day vulnerability identified as CVE-2025-4664 has triggered serious concerns for billions of Google Chrome and Chromium users. Security experts have warned that this flaw, which affects both Windows and Linux platforms, could be exploited to leak…

Read more →

  In  a time when tools like ChatGPT are transforming education, content creation, and research, an Indian contractor has reportedly exploited artificial intelligence for a far less noble purpose—fabricating roadwork completion using AI-generated images. A video that recently went viral…

Read more →

In a recent joint cybersecurity advisory released with its Australian partners, the FBI announced that the Play ransomware group has attacked over 900 organizations since May 2025. “As of May 2025, FBI was aware of approximately 900 affected entities allegedly…

Read more →