Category: CySecurity News – Latest Information Security and Hacking Incidents

  A major data leak from Sydney Tools, an Australian retailer specializing in power tools, hand tools, and industrial equipment, has potentially exposed the personal information of millions of customers and employees. The breach, discovered by cybersecurity researchers at Cybernews,…

Read more →

  Phishing-as-a-service (PaaS) platforms like Lucid have emerged as significant cyber threats because they are highly sophisticated, have been used in large-scale phishing campaigns in 88 countries, and have been compromised by 169 entities. As part of this platform, sophisticated…

Read more →

  A new cybercrime platform dubbed ‘Atlantis AIO’ provides automatic credential stuffing against 140 internet platforms, including email, e-commerce, banking, and VPNs. Atlantis AIO includes pre-configured modules for performing brute force assaults, bypassing CAPTCHAs, automating account recovery operations, and monetising…

Read more →

Browser-in-the-browser attacks are simple yet sophisticated phishing scams. Hackers emulate trusted services via fake pop-up windows that look like the actual (real) login pages. While there have been a lot of reports describing browser-in-the-browser tactics, it is very difficult to…

Read more →

  Reports that senior Trump administration officials discussed classified military operations using the encrypted texting app Signal have raised serious security concerns. Although Signal provides encryption, lawmakers and cybersecurity specialists have warned that it is still susceptible to hacking and…

Read more →

  International efforts to dismantle illicit financial networks are facing new challenges, as the recently sanctioned Russian cryptocurrency exchange Garantex appears to have rebranded and resumed operations under a new name—Grinex. Reports from blockchain analytics firm Global Ledger suggest that…

Read more →

  In 2024, the financial landscape in Africa has been rocked by a series of high-impact cyberattacks, underscoring the urgent need for enhanced digital defenses across the Banking, Financial Services, and Insurance (BFSI) sector. From Uganda to Zimbabwe and South…

Read more →

  A massive collection of classified defence documents has reportedly been stolen by hackers and put up for sale. The stolen information includes blueprints for a weapon, details about an upcoming Air Force facility, procurement strategies, and India’s defence partnerships…

Read more →

  The cybersecurity expert Troy Hunt, who founded the data breach notification platform Have I Been Pwned, recently revealed that he had been the victim of a phishing attack that was intended to compromise his subscriber list for the attacker…

Read more →

  RedCurl, a cyber threat group active since 2018 and known for stealthy corporate espionage, has now shifted its approach by deploying ransomware targeting Hyper-V virtual machines. Initially identified by Group-IB, RedCurl primarily targeted corporate organizations globally, later expanding its…

Read more →

  Cyble threat intelligence researchers discovered a GitHub repository posing as a hiring coding challenge, tricking developers into downloading a backdoor that steals private data. The campaign employs a variety of novel approaches, including leveraging a social media profile for…

Read more →

  As part of an ongoing analysis of ransomware-as-a-service operations, a new operation known as VanHelsing has been identified. This operation demonstrates a sophisticated multi-platform capability, posing a significant cybersecurity threat. This new strain of ransomware is designed to be…

Read more →

  Connor Moucka, a Canadian citizen accused of orchestrating large-scale data breaches affecting 165 companies using Snowflake’s cloud storage services, has agreed to be extradited to the United States to face multiple federal charges. The breaches, which targeted high-profile companies…

Read more →

  Steam, a leading digital distribution platform for PC games, recently removed Sniper: Phantom’s Resolution after users discovered it contained malware designed to steal sensitive data. The installer, disguised as a legitimate Windows process, executed evasive techniques, including launching and…

Read more →

  Google has recently confirmed that a technical problem caused the loss of user data from Google Maps Timeline, leaving some users unable to recover their saved location history. The issue has frustrated many, especially those who relied on Timeline…

Read more →

  North Korea has reportedly launched a new cyber research unit, Research Center 227, as part of its efforts to enhance hacking capabilities and intelligence operations. According to Daily NK, this center is expected to function continuously, providing real-time support…

Read more →

  Artificial intelligence is changing cybersecurity and digital privacy. It promises better security but also raises concerns about ethical boundaries, data exploitation, and spying. From facial recognition software to predictive crime prevention, customers are left wondering where to draw the…

Read more →

  The Google team has officially announced the launch of a major update to Gmail, which will enhance functionality, improve the user experience, and strengthen security. It is anticipated that this update to one of the world’s most commonly used…

Read more →

  Identity theft is not always as straightforward as acquiring one person’s information; stolen identities can be put together from several sources. This rising crime, known as synthetic identity fraud or “Frankenstein fraud,” involves combining someone’s Social Security number with…

Read more →

  Cybersecurity experts have discovered ransomware hidden within two Visual Studio Code (VSCode) Marketplace extensions, raising concerns about Microsoft’s ability to detect malicious software in its platform. The compromised extensions, named “ahban.shiba” and “ahban.cychelloworld,” were downloaded by users before security…

Read more →