A security researcher has uncovered a weakness in a Lenovo-signed Windows driver that could allow attackers to disable antivirus and endpoint security tools, potentially weakening a system’s defenses before carrying out additional malicious activity. The finding involves BootRepair.sys, a…
Category: CySecurity News – Latest Information Security and Hacking Incidents
UK Visa Application Service Left More Than 100,000 Identity Documents Accessible Online
A private visa assistance website used by travelers seeking permission to enter the United Kingdom left a large collection of customer records accessible online, exposing passport copies, identity verification photographs, and location information linked to applicants. The website, known…
Fake Digital Arrest Racket Cheats Bengaluru Woman of Rs 24 Crore
Using cyber technology, an impersonation racket for high-net-worth individuals in India has been exposed as a sophisticated scam in the form of a so-called “digital arrest.” A network of fraudsters posing as officials from central investigation agencies has allegedly…
Russian State-sponsored Hackers Attack Ukraine, Exploit WinRAR to Install Malware
The Russian Hacking group called Gamaredon has been linked to the constant hack of a WinRar bug to install a few malware strains aiming to propagate and steal data. According to Sekoia, the attack consists of exploiting the bug CVE-2025-8088,…
AI-Generated Fake Citations Surge Across Scientific Papers and Peer-Reviewed Journals
Surprising numbers of made-up sources now show up in research articles, thanks to artificial intelligence. Instead of slowing down, the problem grew fast – around 150,000 false references slipped into academic work just in 2025 alone. While some stay…
RAF Jet Carrying UK Defence Secretary John Healey Has Signal Jammed Near Russia Border
An RAF jet carrying UK Defence Secretary John Healey experienced signal jamming near the Russian border earlier this week, highlighting the growing security risks faced by military and government flights operating close to tense front lines. The incident took…
Online Shopping Red Flags That Could Signal Fraud and Financial Scams
Shopping online offers convenience and savings, but it also comes with risks. Fraudsters use fake deals, deceptive websites, and misleading advertisements to target consumers. Despite growing awareness, online shopping scams remain widespread. Recognizing warning signs early can help prevent…
Megalodon Malware Backdoors 5,500+ GitHub Repos in 6-Hour Supply-Chain Attack
On May 18, 2026, a massive automated supply-chain attack codenamed Megalodon struck GitHub, injecting malicious CI/CD backdoors into more than 5,500 repositories in under six hours. Security firm SafeDep discovered the campaign, which pushed 5,718 malicious commits to 5,561…
Anthropic’s Mythos Preview Detects Over 10,000 Software Bugs in Project Glassing
Recently, Anthropic disclosed that its Project Glasswing initiative found over 10,000 critical or high vulnerabilities in system software in its first month of operation. Claude Mythos Preview finds bugs Claude and 50 other partners deployed Claude Mythos Preview to find…
U.S. Lawmakers Press Telecom Providers for More Action Against Growing Scam Epidemic
A congressional committee is seeking answers from some of the largest telecommunications providers in the United States as financial losses linked to scams continue to rise across the country. The inquiry comes from the Joint Economic Committee, whose leadership…
First VPN Service Taken Offline Following Ransomware and Data Theft Investigation
Cybercrime has become increasingly challenging as efforts to disrupt it have shifted beyond the threat actors themselves towards the infrastructure that enables them to operate at scale have increased. First VPN has been dismantled in a significant enforcement action…
TeamPCP’s Supply Chain Campaign Raises Fresh Concerns Over Open-Source Software Security
A cybercrime group known as TeamPCP has been linked to an expanding series of software supply chain attacks that researchers say have affected hundreds of organizations, with GitHub becoming the latest high-profile name connected to the campaign. GitHub recently…
Bengaluru Developer’s Viral AI Tool Shows the Power of One Click Decisions
As artificial intelligence continues to transform software development workflows and corporate staffing strategies, discussions regarding automation-driven job displacement have gained increasing prominence across the technology sector. Against this backdrop, a Bengaluru software engineer has captured widespread attention online with…
Media Regulators Call Out Youtube, TikTok for Ignoring Child Safety
According to a report by Ofcom, YouTube and TikTok have failed to implement steps to safeguard British children from harmful online content. Data suggests widespread exposure to underage kids on these platforms. TikTok, YouTube ignoring child safety Ofcom media regulators…
MAPO Token Crashes 96% After Cross-Chain Bridge Exploit Triggers Massive Unauthorized Mint
A major shock hit cryptocurrency markets when the MAPO token crashed nearly 96% after a vulnerability in the Butter Network cross-chain bridge was exploited. The attacker created an enormous number of unauthorized tokens, flooding the market with supply far…
CLARITY Act Explained: How the 2025 U.S. Crypto Bill Ends a Decade of Regulatory Chaos
For over a decade, the U.S. cryptocurrency industry has faced crippling regulatory uncertainty, with the SEC and CFTC locked in a bureaucratic tug-of-war over jurisdiction. The CLARITY Act (Digital Asset Market Clarity Act of 2025) is Washington’s most serious…
Ukrainian Cyber Police Uncover Alleged Infostealer Operation Linked to 18-Year-Old Suspect
Ukrainian cyber police, in collaboration with U.S. law enforcement agencies, have identified an 18-year-old resident of Odesa who is suspected of operating an infostealer malware campaign that targeted customers of a California-based online retailer. Authorities allege that between 2024…
GitHub Repo Breach Traced to TanStack NPM Supply-Chain Attack
GitHub has confirmed that a breach of its internal repositories is directly linked to the TanStack npm supply-chain attack, demonstrating how a single compromised developer tool can cascade into a major security incident. The company stated that the intrusion…
UK Post Office Awards £410 Million Contracts to Replace Horizon System After Long-Running Scandal
Now beginning its largest tech overhaul yet, the UK Post Office handed out £410 million in contracts to Accenture and OneView Commerce. This shift follows years of public scrutiny tied to the flawed Horizon system. Known for fueling a…
WordPress Plugin Security Failure Opens Door to Payment Data Theft
Cybercriminals have been actively exploiting a critical flaw in the widely deployed Funnel Builder plugin in order to harvest customer payment information during online transactions in a newly uncovered attack campaign, once again highlighting the security risks that face…