Category: CySecurity News – Latest Information Security and Hacking Incidents

  A cyber-espionage group known as ToddyCat, believed to have ties to China, has been observed exploiting a security flaw in ESET’s software to deliver a new and previously undocumented malware strain called TCESB, according to fresh findings by cybersecurity…

Read more →

North Korean hackers responsible for Contagious Interview are trapping job seekers in the cryptocurrency sector by using the popular ClickFix social-engineering attack strategy. They aimed to deploy a Go-based backdoor— earlier undocumented— known as GolangGhost on Windows and macOS systems. …

Read more →

  A disturbing dark web website known as DogeQuest has surfaced, targeting Tesla owners and associates of Elon Musk by publishing their personal information. The data used on the site appears to have been sourced largely from a 2021 breach…

Read more →

  Many organizations are adopting Artificial Intelligence (AI) as a capability, but the focus is shifting from capability to responsibility. In the future, PwC anticipates that AI will be worth $15.7 trillion to the global economy, an unquestionable transformational potential.…

Read more →

  Cyberattacks are changing. In the past, hackers would lock your files and show a big message asking for money. Now, a new type of attack is becoming more common. It’s called “quiet ransomware,” and it can steal your private…

Read more →

  Swiss specialists have issued a grave warning that cyber attackers could use hospital devices to commit murder. In an alarming new research from Zurich-based cybersecurity firm Scip AG, specialists showed how they were simply able to hijack medical devices…

Read more →

  The Cybersecurity and Infrastructure Security Agency (CISA) has released two significant advisories focused on Industrial Control Systems (ICS), urging swift action from organizations operating within vital infrastructure sectors. These advisories—ICSA-25-091-01 and ICSA-24-331-04—highlight newly discovered vulnerabilities that could pose severe…

Read more →

EncryptHub is an infamous threat actor responsible for breaches at 618 organizations. The hacker reported two Windows zero-day flaws to Microsoft, exposing a conflicted figure that blurs the lines between cybercrime and security research.  The reported flaws are CVE-2025-24061 (Mark…

Read more →

The threat of payment fraud is growing rapidly, fueled by the widespread use of digital transactions and evolving cyber tactics. At its core, payment fraud refers to the unauthorized use of someone’s financial information to make illicit transactions. Criminals are…

Read more →

  A critical vulnerability tracked as CVE-2024-20439 has placed Cisco’s Smart Licensing Utility (CSLU) in the spotlight after cybersecurity researchers observed active exploitation attempts. The flaw, which involves an undocumented static administrative credential, could allow unauthenticated attackers to remotely access…

Read more →

  Whatsapp for Windows has been recently revealed to have a critical security vulnerability known as CVE-2025-30401. This vulnerability has raised serious concerns within the cybersecurity community since it has been identified. The high severity of this vulnerability affects desktop…

Read more →

Security researchers are sounding the alarm on a looming global wave of smishing attacks, warning that a powerful phishing-as-a-service (PhaaS) platform named Lucid—run by Chinese-speaking threat actors—is enabling cybercriminals to scale operations across 88 countries.  According to threat intelligence firm…

Read more →

  In today’s digital-first economy, technology is a vital part of every business, from small local operations to international corporations. However, the growing reliance on tech also brings significant risks. With over half of global businesses reportedly suffering financial losses…

Read more →

  Yoojo, a European service marketplace, accidentally left a cloud storage bucket unprotected online, exposing around 14.5 million files, including highly sensitive user data. The data breach was uncovered by Cybernews researchers, who immediately informed the company. Following the alert,…

Read more →

  Ukrainian forces are installing malware into their drones as a new tactic in their ongoing war with Russia. This development adds a cyber warfare layer to a battlefield that has already been impacted by drone technology, Forbes reported.  Russian…

Read more →

  A hacker who goes by the name “Rose87168” is claiming to have broken into Oracle Cloud systems and is now threatening to release or sell the data unless their demands are met. According to security researchers, this person says…

Read more →

Researchers at Netskope Threat Labs have found a new malicious campaign that uses tricky tactics to distribute the Legion Loader malware. The campaign uses fake CAPTCHAs and CloudFlare Turnstile to trap targets into downloading malware that leads to the installation…

Read more →

  A series of targeted attacks involving DragonForce, a ransomware group that has reportedly been operating in the Middle East and North Africa region (MENA) are reported to have been launched against companies in the Kingdom of Saudi Arabia (KSA)…

Read more →

  Google has begun the phased rollout of a new end-to-end encryption (E2EE) system for Gmail enterprise users, simplifying the process of sending encrypted emails across different platforms. While businesses could previously adopt the S/MIME (Secure/Multipurpose Internet Mail Extensions) protocol…

Read more →

  Oracle Corporation has warned customers of a second cybersecurity incident in the last month, according to Bloomberg News. A hacker infiltrated an older Oracle system and stole login credentials from client accounts, some of which date back as recently…

Read more →