Category: CySecurity News – Latest Information Security and Hacking Incidents

  If your phone has started behaving in ways you cannot explain, such as draining power unusually fast, heating up during minimal use, crashing, or displaying unfamiliar apps, it may be more than a routine technical fault. In some cases,…

Read more →

  Years of relying on users to report privacy issues have shaped Google’s approach so far. Lately, automated tools began taking a bigger role in spotting private details online. One shift involves how quickly artificial visuals get flagged across search…

Read more →

Increasingly, enterprise networks are characterized by tools designed to enhance visibility and oversight applications purchased in the name of enhancing productivity, compliance, and efficiency. However, the same software entrusted with safeguarding workflow transparency is currently being quietly redirected toward far…

Read more →

  Claude Code, the coding assistant developed by Anthropic, is in the news after three major vulnerabilities were discovered, which can allow remote code execution and the theft of API keys if the developer opens an untrusted project. The vulnerabilities,…

Read more →

  Google on Wednesday revealed that it collaborated with industry partners to dismantle the digital infrastructure of a suspected China-aligned cyber espionage group known as UNC2814, which compromised at least 53 organizations spanning 42 countries. “This prolific, elusive actor has…

Read more →

For the first time in India’s digital governance landscape, the Union government has formally placed artificial intelligence-generated content within an enforceable regulatory framework, including deepfake videos, synthetic audio fabrications, and digitally altered visuals. It has been announced through a Gazette…

Read more →

  North Korean hackers, tracked as UNC1069 by Google’s Mandiant, have deployed sophisticated new macOS malware in targeted cryptocurrency theft campaigns. These attacks leverage AI-generated deepfake videos and social engineering via Telegram to trick victims into executing malicious commands. The…

Read more →

  A fresh wave of digital intrusions, tied to Russian operatives known as APT28, emerges through findings uncovered by S2 Grupo’s LAB52 analysts. Throughout late 2025 into early 2026, these efforts quietly unfolded across Western and Central European institutions. Dubbed…

Read more →

  A now-patched security weakness in GitHub Codespaces revealed how artificial intelligence tools embedded in developer environments can be manipulated to expose sensitive credentials. The issue, discovered by cloud security firm Orca Security and named RoguePilot, involved GitHub Copilot, the…

Read more →

  As organizations build and host their own Large Language Models, they also create a network of supporting services and APIs to keep those systems running. The growing danger does not usually originate from the model’s intelligence itself, but from…

Read more →

  A critical security vulnerability is threatening millions of users of popular web browsers including Google Chrome, Apple Safari, and Microsoft Edge. Security researchers have uncovered a sophisticated exploit that allows attackers to hijack sessions and steal sensitive data directly…

Read more →

  A huge glitch at Bithumb, South Korea’s second-biggest digital currency platform, triggered chaos when users suddenly found themselves holding vast quantities of bitcoin due to a flawed promotion. Instead of issuing minor monetary rewards, a technical oversight allowed 620,000…

Read more →

  It is widely recognized that mobile devices serve as modern life vaults, containing conversations, credentials, financial records, and fragments of professional strategy behind polished glass screens. But this sense of contained security is increasingly being tested. A new cross-platform…

Read more →

  As artificial intelligence becomes embedded in daily business functions, concerns are growing over whether the workforce is adequately prepared to manage its risks and responsibilities. EC-Council has announced the launch of four new AI-focused certifications along with an updated…

Read more →

  PayPal has informed customers about a data exposure incident caused by a software error in its loan application platform, which left sensitive personal information visible for nearly six months in 2025. The issue involved the company’s PayPal Working Capital…

Read more →

  Cybercrime sophistication is no longer primarily determined by technical mastery but by the ability to industrialize opportunities as well. An anonymous, Russian-speaking threat actor quietly orchestrated a campaign over five weeks ago that compromised more than 600 FortiGate devices…

Read more →

  A fresh wave of state-backed hacking targeted vital systems more aggressively over the past twelve months, as newer collectives appeared while long-known teams kept their campaigns running, per Dragos’ latest yearly analysis. Operating underground until now, three distinct gangs…

Read more →

  Anthropic has introduced Claude Code Security, a new AI-powered capability in its Claude Code assistant that promises to raise the bar for software security by scanning entire codebases for vulnerabilities and suggesting human-reviewed patches. The feature is currently rolling…

Read more →

  Cybersecurity investigators are warning that the threat actor widely tracked as Volt Typhoon may still have hidden access inside segments of U.S. critical infrastructure, and some compromises could remain undiscovered permanently. For nearly three years, U.S. military and federal…

Read more →

  A flaw in the better-auth authentication library could let attackers take over user accounts without logging in. The issue affects the API keys plugin and allows unauthenticated actors to generate privileged API keys for any user by abusing weak…

Read more →