Category: CySecurity News – Latest Information Security and Hacking Incidents

Cysecurity News recently interviewed CYFOX to gain an in-depth understanding of their new platform, OmniSec vCISO. The platform, designed to simplify compliance and bolster security operations, leverages advanced generative AI (genAI) and aims to transform what was traditionally the manual…

Read more →

Experts have discovered an advanced malware campaign that exploits the rising popularity of Windows Packet Divert drivers to escape internet checks. Malware targets YouTubers  Hackers are spreading SilentCryptominer malware hidden as genuine software. It has impacted over 2000 victims in…

Read more →

  The Common Crawl dataset, which is used to train several artificial intelligence models, has over 12,000 legitimate secrets, including API keys and passwords. The Common Crawl non-profit organisation maintains a vast open-source archive of petabytes of web data collected…

Read more →

  Cybercriminals are exploiting a vulnerability in a Microsoft-signed driver developed by Paragon Software, known as BioNTdrv.sys, to carry out ransomware attacks. This driver, part of Paragon Partition Manager, is typically used to manage hard drive space, but hackers have…

Read more →

  Google is set to introduce QR codes as a replacement for SMS-based two-factor authentication (2FA) codes for Gmail users in the coming months. While this security update aims to improve authentication methods, it also raises concerns, as QR code-related…

Read more →

Researchers at SquareX Labs have uncovered a sophisticated “polymorphic” attack targeting Google Chrome extensions, allowing malicious extensions to seamlessly morph into trusted ones, such as password managers, cryptocurrency wallets, and banking apps. The attack exploits Chrome’s ‘chrome.management’ API to gain…

Read more →

  In recent years, Skype has established itself as the most popular online communication platform, and it is nearing its close, marking the end of an era for one of the most popular VoIP services in the world. The first…

Read more →

  Cyberattacks targeting government email servers have intensified in recent years, a trend that experts warn is expected to continue. This concern follows a recent breach involving a cyber-espionage group linked to China, which infiltrated the email servers of Belgium’s…

Read more →

  A recent study has revealed how dangerous artificial intelligence (AI) can become when trained on flawed or insecure data. Researchers experimented by feeding OpenAI’s advanced language model with poorly written code to observe its response. The results were alarming…

Read more →

  Netflix subscribers are being warned about a sophisticated phishing scam circulating via email, designed to steal personal and financial information.  The deceptive email mimics an official Netflix communication, falsely claiming that the recipient’s account has been put on hold.…

Read more →

  CrowdStrike Holdings Inc. released a new report earlier this month that illustrates how cyber threats evolved significantly in 2024, with attackers pivoting towards malware-free incursions, AI-assisted social engineering, and cloud-focused vulnerabilities.  The 11th annual CrowdStrike Global Threat Report for…

Read more →

  In a recent report, Rubrik revealed that, last month, an unauthorized security incident compromised one of its log file servers. Rubrik has taken immediate and proactive steps to mitigate potential risks in response to this breach. As part of…

Read more →

  Google recently addressed critical security flaws in Android that allowed authorities to unlock phones using forensic tools, according to a report by Amnesty International. The report, released on Friday, detailed three previously unknown vulnerabilities exploited by phone-unlocking company Cellebrite.…

Read more →

  Cyberattacks are advancing rapidly, threatening businesses with QR code scams, deepfake fraud, malware, and evolving ransomware. However, strengthening cybersecurity measures can mitigate risks. Addressing these seven key OT security challenges is essential. Insurance broker Howden reports that U.K. businesses…

Read more →

Researchers at Socket have exposed a malicious PyPi (Python Package Index package), set-utils, that steals Ethereum private keys by abusing a “commonly used account creation functions.”  Masked as a simple utility tool for Python sets, the package imitates commonly used…

Read more →

A recent Business Email Compromise (BEC) investigation has uncovered a highly sophisticated attack that went beyond traditional email fraud. Instead of simply sending fraudulent emails in hopes of deceiving victims, cybercriminals strategically exploited the implicit trust between three business partners—Partner…

Read more →

  A simple meal with friends 20 years ago sparked one of the twenty-first century’s most significant technology breakthroughs. YouTube, a video-hosting platform founded by three former PayPal employees, was poised to transform the worldwide entertainment sector. Today, it even…

Read more →

  Defense Secretary Pete Hegseth has paused offensive cyberoperations against Russia by U.S. Cyber Command, rolling back some efforts to contend with a key adversary even as national security experts call for the U.S. to expand those capabilities. A U.S.…

Read more →

  Cybersecurity researchers have discovered a new form of malware that is spreading through Android TV devices across the globe. This malware, known as Vo1d, has already infected over 1.6 million devices, turning them into remote-controlled bots used for illegal…

Read more →

  As technology furthers, scams are becoming more advanced, but the way scammers manipulate people hasn’t changed. Despite using modern tools, they still rely on the same psychological tactics to deceive their victims.   Clinical psychologist Dr. Khosi Jiyane explains that…

Read more →