In a major international crackdown, a law enforcement operation spearheaded by the London Metropolitan Police and coordinated by Europol has successfully taken down LabHost, one of the most notorious phishing-as-a-service (PhaaS) platforms used by cybercriminals worldwide. Between April 14…
Category: CySecurity News – Latest Information Security and Hacking Incidents
AI Bots Fuel 57% of Holiday Shopping Traffic, Study Finds
Radware’s 2025 E-commerce Bot Threat Report reveals that automated bots generated 57% of online shopping website traffic during the 2024 holiday season, rather than human buyers. According to Radware’s analytics, this is the first time non-DDoS generating bots have…
UK Retail Sector Hit by String of Cyberattacks, NCSC Warns of Wake-Up Call
The United Kingdom’s National Cyber Security Centre (NCSC) has issued a stark warning following a wave of cyberattacks targeting some of the country’s most prominent retail chains. Calling the incidents a “wake-up call,” the agency urged organisations to strengthen…
Russian Hacktivists Disrupt Dutch Institutions with DDoS Attacks
Several Dutch public and private organizations have experienced significant service outages this week following a wave of distributed denial-of-service (DDoS) attacks linked to pro-Russian hacktivists. The Netherlands’ National Cyber Security Center (NCSC), part of the Ministry of Justice, confirmed…
NullBulge Admits to Stealing Internal Slack Data from Disney
Earlier this week, Ryan Mitchell Kramer, 25, of Santa Clarita, pleaded guilty in Los Angeles County Superior Court to hacking the personal device of an employee of The Walt Disney Company in 2024. Kramer managed to obtain login information…
“They’re Just People—But Dangerous Ones”: Trellix’s John Fokker Unpacks the Blurred Battlefield of Cybercrime at RSA 2025
At the RSA Conference 2025, John Fokker, head of threat intelligence at the Trellix Advanced Research Center, issued a stark reminder to the cybersecurity community that the behind of every cyberattack is a human being and the boundaries between…
Chinese Hackers Exploit IPv6 Network Features to Hack Software Updates
China-linked group attacks ESET discovered both SpellBinder and WizardNet, tools used by Chinese hackers. A China-based APT group, “The Wizards,” has been linked to a lateral movement tool, Spellbinder, which allows adversary-in-the-middle (AitM) attacks. It does so via IPv6 stateless…
Harmful WordPress Plugin Posing as Security Tool Grants Hackers Full Access
A newly discovered cyberattack is targeting WordPress websites by using a plugin that pretends to improve security but actually opens a backdoor for criminals. This fake plugin secretly gives attackers full control of affected sites. How the Infection Begins…
Push-Bombing: The Silent Threat Undermining Multi-Factor Authentication
In the ever-evolving landscape of cybersecurity, Multi-Factor Authentication (MFA) has emerged as a robust defense mechanism, adding layers of security beyond traditional passwords. However, a deceptive tactic known as “push-bombing” is undermining this very safeguard, posing significant risks to…
FBI Shares Details of 42,000 LabHost Phishing Domains
The LabHost cybercrime platform, one of the biggest worldwide phishing-as-a-service (PhaaS) platforms, was shut down in April 2024, but the FBI has disclosed 42,000 phishing domains associated with it. In order to raise awareness and offer signs of compromise,…
Approaches Users Can Implement to Safeguard Wireless Connections
The Wi-Fi network is a wireless gateway that connects homes and businesses to the Internet via the air, and it is typically provided by a router, which transmits data signals across the network. Mobile devices, laptops, and tablets can…
Pakistan-Based Hackers Launch Cyber Attack on Indian Defence Websites, Claim Access to Sensitive Data
In a concerning escalation of cyber hostilities, a Pakistan-based threat group known as the Pakistan Cyber Force launched a coordinated cyber offensive on multiple Indian defence-related websites on Monday. The group claimed responsibility for defacing the official site of…
Public Wary of AI-Powered Data Use by National Security Agencies, Study Finds
A new report released alongside the Centre for Emerging Technology and Security (CETaS) 2025 event sheds light on growing public unease around automated data processing in national security. Titled UK Public Attitudes to National Security Data Processing: Assessing Human…
WhatsApp Reveals “Private Processing” Feature for Cloud Based AI Features
WhatsApp claims even it can not process private data WhatsApp has introduced ‘Private Processing,’ a new tech that allows users to use advanced AI features by offloading tasks to privacy-preserving cloud servers, without exposing their chat to Meta. Meta claims…
Security Researcher Uncovers Critical RCE Flaw in API Due to Incomplete Input Validation
In a recent security evaluation, a researcher discovered a severe remote code execution (RCE) vulnerability caused by improper backend input validation and misplaced reliance on frontend filters. The vulnerability centered on a username field within a target web application. On…
Ascension Faces New Security Incident Involving External Vendor
There has been an official disclosure from Ascension Healthcare, one of the largest non-profit healthcare systems in the United States, that there has been a data breach involving patient information due to a cybersecurity incident linked to a former…
Posture Management Emerges as Strategic Cybersecurity Priority Amid Cloud and Data Fragmentation
Posture management is rapidly evolving into a cornerstone of enterprise cybersecurity as organizations grapple with increasing digital complexity. With infrastructures now sprawling across cloud platforms, identity services, and data environments, the traditional model of siloed risk monitoring is no…
Cybercriminals Stole Thousands of Australians’ Banking Details
Security experts believe that more than 30,000 Australians’ banking details have been compromised online. According to Dvuln, an Australian computer security firm, the exposed data, discovered during the last four years, refers to “multiple major banks”. However, rather than…
Commvault Confirms Cyberattack, Says Customer Backup Data Remains Secure
Commvault, a well-known company that helps other businesses protect and manage their digital data, recently shared that it had experienced a cyberattack. However, the company clarified that none of the backup data it stores for customers was accessed or harmed…
AI Now Writes Up to 30% of Microsoft’s Code, Says CEO Satya Nadella
Artificial intelligence is rapidly reshaping software development at major tech companies, with Microsoft CEO Satya Nadella revealing that between 20% and 30% of code in the company’s repositories is currently generated by AI tools. Speaking during a fireside chat…