Cybersecurity researchers at security firm Cleafy have issued a warning regarding a high risk malware campaign aimed at Android users via WhatsApp messages that could jeopardize users’ cryptocurrency wallets and bank information. The researchers tracked the threat as Albiriox, a new…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Growing Concerns Over Wi-Fi Router Surveillance and How to Respond
A new report from security researchers warns that a humble Wi-Fi router has quietly become one of the most vulnerable gateways into home and work in an era where digital dependency is becoming more prevalent each day. Despite being…
How Security Teams Can Turn AI Into a Practical Advantage
Artificial intelligence is now built into many cybersecurity tools, yet its presence is often hidden. Systems that sort alerts, scan emails, highlight unusual activity, or prioritise vulnerabilities rely on machine learning beneath the surface. These features make work faster,…
Critical Vulnerabilities Found in React Server Components and Next.js
Open in the wild flaw The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical security flaw affecting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog after exploitation in the wild. The flaw CVE-2025-55182 (CVSS score:…
London Councils Hit by Cyberattacks Disrupting Public Services and Raising Security Concerns
Multiple local authorities across London have been hit by cyber incidents affecting operations and public services, according to reports emerging overnight. The attacks have disrupted essential council functions, including communication systems and digital access, prompting heightened concern among officials…
Global Executives Rank Misinformation, Cyber Insecurity and AI Risks as Top Threats: WEF Survey 2025
Business leaders across major global economies are increasingly concerned about the rapid rise of misinformation, cyber threats and the potential negative impacts of artificial intelligence, according to new findings from the World Economic Forum (WEF). The WEF Executive Opinion…
The New Content Provenance Report Will Address GenAI Misinformation
The GenAI problem Today’s information environment includes a wide range of communication. Social media platforms have enabled reposting, and comments. The platform is useful for both content consumers and creators, but it has its own challenges. The rapid adoption of…
Balancing Rapid Innovation and Risk in the New Era of SaaS Security
The accelerating pace of technological innovation is leaving a growing number of organizations unwittingly exposing their organization to serious security risks as they expand their reliance on SaaS platforms and experiment with emerging agent-based AI algorithms in an effort…
FBI Warns of Cybercriminals Impersonating IC3 to Steal Personal Data
The FBI has issued a public service announcement warning that cybercriminals are impersonating the FBI’s Internet Crime Complaint Center (IC3) and even cloning its website to steal victims’ personal and financial data.Attackers are exploiting public trust in federal law…
Microsoft Quietly Changes Windows Shortcut Handling After Dangerous Zero-day Abuse
Microsoft has changed how Windows displays information inside shortcut files after researchers confirmed that multiple hacking groups were exploiting a long-standing weakness in Windows Shell Link (.lnk) files to spread malware in real attacks. The vulnerability, CVE-2025-9491, pertains to…
Telecom Company Freedom Mobile Suffers Data Breach Resulting in Data Leak
About the incident Freedom Mobile has revealed a data breach that leaked personal information belonging to a limited number of customers. This happened after illegal access to its internal systems in late October. As per the notice sent to customers,…
Intellexa Spyware Activity Appears to Slow in 2025, but New Research Suggests Broader Global Footprint
Despite U.S. sanctions imposed last year, the global footprint of Intellexa’s spyware operations may be larger and more elusive than previously believed, with researchers warning that shifting domain practices could be masking continued activity in 2025. New research from…
Hackers Weaponize Trusted IT Tools for Full System Control
Malicious actors are weaponizing legitimate Remote Monitoring and Management (RMM) tools, turning trusted IT software into a means for unauthorized system access. This strategy represents a significant shift from traditional malware attacks, as it exploits programs like LogMeIn Resolve…
Sha1-Hulud Malware Returns With Advanced npm Supply-Chain Attack Targeting Developers
A new wave of the Sha1-Hulud malware campaign has unfolded, indicating further exacerbation of supply-chain attacks against the software development ecosystem. The recent attacks have hit the Node Package Manager, or npm, one of the largest open-source package managers…
Amazon Sounds Alarm Over Attack Threatening 300 Million Accounts
In the face of looming Black Friday 2025 frenzy, Amazon has unveiled a warning to its large customer base that is expected to overlap the holiday season’s busiest shopping week. The warning warns of a surge in sophisticated scams…
Scammers Used Fake WhatsApp Profiles of District Collectors in Kerala
Scammers target government officials In a likely phishing attempt, over four employees of Kasaragod and Wayanad Collectorates received WhatsApp texts from accounts imitating their district Collectors and asking for urgent money transfers. After that, the numbers have been sent to…
Shai-Hulud 2.0 Breach Exposes 400,000 Secrets After Massive NPM Supply-Chain Attack
The second wave of the Shai-Hulud malware attack last week led to the exposure of nearly 400,000 raw secrets after compromising hundreds of NPM (Node Package Manager) packages and leaking stolen data across more than 30,000 GitHub repositories. While…
UK Crime Agency Uncovers Money Laundering Network That Bought Kyrgyzstan Bank to Move Ransom Payments to Russia
The UK’s National Crime Agency (NCA) has revealed that a billion-dollar money laundering network operating in Britain purchased a majority stake in a bank in Kyrgyzstan to process the proceeds of cybercrime and convert them into cryptocurrency that could…
Tor Network to Roll Out New Encryption Algorithm in Major Security Upgrade
The developers of the Tor network are preparing to replace one of the project’s oldest encryption systems in an effort to defend users against increasingly sophisticated cyberattacks. Tor confirmed that the relay encryption algorithm known as “tor1” will be…
Gainsight Breach Spread into Salesforce Environments; Scope Under Investigation
An ongoing security incident at Gainsight’s customer-management platform has raised fresh alarms about how deeply third-party integrations can affect cloud environments. The breach centers on compromised OAuth tokens connected with Gainsight’s Salesforce connectors, leaving unclear how many organizations touched…