EncryptHub is an infamous threat actor responsible for breaches at 618 organizations. The hacker reported two Windows zero-day flaws to Microsoft, exposing a conflicted figure that blurs the lines between cybercrime and security research. The reported flaws are CVE-2025-24061 (Mark…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Payment Fraud on the Rise: How Businesses Are Fighting Back with AI
The threat of payment fraud is growing rapidly, fueled by the widespread use of digital transactions and evolving cyber tactics. At its core, payment fraud refers to the unauthorized use of someone’s financial information to make illicit transactions. Criminals are…
Cisco CVE-2024-20439: Exploitation Attempts Target Smart Licensing Utility Backdoor
A critical vulnerability tracked as CVE-2024-20439 has placed Cisco’s Smart Licensing Utility (CSLU) in the spotlight after cybersecurity researchers observed active exploitation attempts. The flaw, which involves an undocumented static administrative credential, could allow unauthenticated attackers to remotely access…
WhatsApp for Windows Exposed to Security Risk Through Spoofing Vulnerability
WhatsApp for Windows was recently revealed to have a critical security vulnerability known as CVE-2025-30401. The vulnerability has raised serious concerns within the cybersecurity community since it was identified. The high severity of this vulnerability affects desktop…
Smishing Surge Expected in 2025 Driven by Sophisticated Phishing-as-a-Service Platform
Security researchers are sounding the alarm on a looming global wave of smishing attacks, warning that a powerful phishing-as-a-service (PhaaS) platform named Lucid—run by Chinese-speaking threat actors—is enabling cybercriminals to scale operations across 88 countries. According to threat intelligence firm…
6 Cybersecurity Mistakes That Put Businesses at Risk
In today’s digital-first economy, technology is a vital part of every business, from small local operations to international corporations. However, the growing reliance on tech also brings significant risks. With over half of global businesses reportedly suffering financial losses…
Yoojo Exposes Millions of Sensitive Files Due to Misconfigured Database
Yoojo, a European service marketplace, accidentally left a cloud storage bucket unprotected online, exposing around 14.5 million files, including highly sensitive user data. The data breach was uncovered by Cybernews researchers, who immediately informed the company. Following the alert,…
Russians Seize Malware-Infected Ukrainian Drones
Ukrainian forces are installing malware into their drones as a new tactic in their ongoing war with Russia. This development adds a cyber warfare layer to a battlefield that has already been impacted by drone technology, Forbes reported. Russian…
Hacker Claims Oracle Cloud Breach, Threatens to Leak Data
A hacker who goes by the name “Rose87168” is claiming to have broken into Oracle Cloud systems and is now threatening to release or sell the data unless their demands are met. According to security researchers, this person says…
Malware Campaign Uses Fake CAPTCHAs, Tricks Online Users
Researchers at Netskope Threat Labs have found a new malicious campaign that uses tricky tactics to distribute the Legion Loader malware. The campaign uses fake CAPTCHAs and CloudFlare Turnstile to trap targets into downloading malware that leads to the installation…
DragonForce Asserts Dominance Over RansomHub Ransomware Network
A series of targeted attacks involving DragonForce, a ransomware group that has reportedly been operating in the Middle East and North Africa (MENA) region, are reported to have been launched against companies in the Kingdom of Saudi Arabia (KSA)…
Google Rolls Out Simplified End-to-End Encryption for Gmail Enterprise Users
Google has begun the phased rollout of a new end-to-end encryption (E2EE) system for Gmail enterprise users, simplifying the process of sending encrypted emails across different platforms. While businesses could previously adopt the S/MIME (Secure/Multipurpose Internet Mail Extensions) protocol…
Oracle Cloud Confirms Second Hack in a Month, Client Log-in Data Stolen
Oracle Corporation has warned customers of a second cybersecurity incident in the last month, according to Bloomberg News. A hacker infiltrated an older Oracle system and stole login credentials from client accounts, some of which date back as recently…
Fake CAPTCHAs Are the New Trap: Here’s How Hackers Are Using Them to Install Malware
For years, CAPTCHAs have been a familiar online hurdle—click a box, identify a few blurry images, and prove you’re human. They’ve long served as digital gatekeepers to help websites filter out bots and protect against abuse. But now, cybercriminals…
Massive Data Breach Hits Elon Musk’s X Platform
A potentially massive data breach has reportedly compromised Elon Musk’s social media platform X, previously known as Twitter, raising significant privacy concerns for millions of users. Cybersecurity researchers from SafetyDetectives discovered a troubling post over the weekend on BreachForums,…
Apple and Google App Stores Host VPN Apps Linked to China, Face Outrage
Google (GOOGL) and Apple (AAPL) are under harsh scrutiny after a recent report disclosed that their app stores host VPN applications associated with a Chinese cybersecurity firm, Qihoo 360. The U.S. government has blacklisted the firm. The Financial Times reports…
Triada Malware Embedded in Counterfeit Android Devices Poses Global Security Risk
There has been a significant increase in counterfeit Android smartphones in recent years, and recent cybersecurity investigations have raised concerns about them. These unauthorized replicas of popular mobile devices, which are being widely circulated and are pre-loaded…
Google sets new rules to improve internet safety through better website security
Google is taking major steps to make browsing the web safer. As the company behind Chrome, the most widely used internet browser, Google’s decisions shape how people all over the world experience the internet. Now, the company has announced…
Fake Zoom Download Sites Spreading BlackSuit Ransomware, Experts Warn
A new cyberattack campaign is targeting Zoom users by disguising ransomware as the popular video conferencing tool, according to Cybernews. Researchers from DFIR have uncovered a scheme by the BlackSuit ransomware gang, which uses deceptive websites to distribute malicious…
North Korean Hackers Use 11 Malicious npm Packages to Propagate BeaverTail Malware
The North Korean threat actors behind the ongoing Contagious Interview campaign are expanding their tentacles on the npm ecosystem by distributing more malicious packages including the BeaverTail malware and a new remote access trojan (RAT) loader. “These latest samples…