Tag: Cyber Security News

A critical security vulnerability in the popular TI WooCommerce Wishlist plugin has left over 100,000 WordPress websites exposed to potential cyberattacks, with security researchers warning of imminent exploitation risks. The vulnerability, designated as CVE-2025-47577 and assigned the maximum CVSS score…

Read more →

Security researchers have uncovered a significant cybercrime operation involving 93.7 billion stolen browser cookies circulating on dark web marketplaces, representing a 74% increase from the previous year’s findings.  The comprehensive analysis, conducted by NordStellar threat exposure management platform, reveals that…

Read more →

As the digital threat landscape intensifies and new technologies reshape business operations, cybersecurity budgeting in 2025 will be significantly transformed. Organizations worldwide are increasing their security spending and rethinking how to allocate resources most effectively to defend against evolving risks…

Read more →

Cybercriminals have increasingly targeted Docusign, the popular electronic signature platform, to orchestrate sophisticated phishing campaigns aimed at stealing corporate credentials and sensitive data. With Docusign claiming 1.6 million customers worldwide, including 95% of Fortune 500 companies and over one billion…

Read more →

A highly coordinated reconnaissance campaign that deployed 251 malicious IP addresses in a single-day operation targeting cloud-based infrastructure.  The attack, which occurred on May 8, 2025, demonstrated unprecedented coordination as threat actors leveraged 75 distinct exposure points to probe vulnerable…

Read more →

A threat actor has allegedly leaked sensitive data belonging to telecommunications giant AT&T, claiming to possess 31 million customer records totaling 3.1GB of information available in both JSON and CSV formats.  The alleged breach was posted on a prominent dark…

Read more →

As the digital threat landscape intensifies and new technologies reshape business operations, cybersecurity budgeting in 2025 will be significantly transformed. Organizations worldwide are increasing their security spending and rethinking how to allocate resources most effectively to defend against evolving risks…

Read more →

A sophisticated cyber campaign has emerged targeting a critical vulnerability in Craft Content Management System, with threat actors successfully deploying cryptocurrency mining malware across compromised servers. The vulnerability, designated CVE-2025-32432, represents a remote code execution flaw that requires no authentication…

Read more →

Zscaler Inc. announced on May 27, 2025, a definitive agreement to acquire Red Canary, a leading Managed Detection and Response (MDR) company, in a strategic move to enhance its AI-powered security operations capabilities.  The acquisition combines Zscaler’s Zero Trust Exchange…

Read more →

MathWorks, the Massachusetts-based developer of the widely used MATLAB programming platform, has confirmed that a ransomware attack severely disrupted its services for over a week, affecting millions of engineers, scientists, and students worldwide.  The company finally disclosed the nature of…

Read more →

An Iranian national has admitted his role in orchestrating one of the most damaging ransomware campaigns against U.S. infrastructure, marking a significant victory in international cybercrime prosecution.  Sina Gholinejad, 37, pleaded guilty Tuesday in North Carolina federal court to charges…

Read more →

A sophisticated cyber campaign dubbed Operation Sindoor has emerged as one of the most significant state-sponsored attacks targeting India’s critical infrastructure in 2025. The operation, orchestrated by Pakistan-aligned threat groups APT36 and Sidecopy, launched its initial assault on April 17,…

Read more →

As global supply chains become increasingly complex and digitally interconnected, the risks posed by third-party vendors have moved from background concern to boardroom priority. In 2025, companies face a new reality: supply chain resilience is inseparable from third-party risk management,…

Read more →

Cybercriminals have launched a sophisticated malware campaign using a fake Bitdefender antivirus website to distribute a dangerous trio of malicious programs designed to steal financial data and maintain persistent access to victims’ computers. Security researchers have identified the fraudulent site…

Read more →

As digital threats escalate and technology rapidly evolves, regulatory compliance has become a defining challenge for organizations worldwide. In 2025, new and updated cybersecurity laws are reshaping how businesses protect data, manage risk, and demonstrate accountability. Navigating this complex legal…

Read more →

The digital battleground surrounding the Israel-Gaza conflict has intensified dramatically over the past year, with politically motivated threat actors launching sophisticated campaigns against Israeli organizations and their international partners. Among the most prominent of these groups is Cyber Toufan, an…

Read more →

The digital revolution has brought unprecedented connectivity and innovation, but it has also unleashed a wave of cyber threats that challenge the very fabric of our interconnected world. As organizations race to defend their data and infrastructure, a critical bottleneck…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) released a significant Industrial Control Systems (ICS) advisory targeting a memory leak vulnerability in Johnson Controls’ iSTAR Configuration Utility (ICU) Tool, highlighting ongoing security challenges facing critical infrastructure sectors worldwide.  This latest advisory…

Read more →

INE Security, a global cybersecurity training and certification provider, today announced a strategic partnership with RedTeam Hacker Academy through the signing of a Memorandum of Understanding (MoU). This agreement significantly accelerates INE Security’s expansion strategy in the Middle East and…

Read more →

CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and multiple international partners, has released comprehensive guidance to help organizations effectively implement Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR)…

Read more →