The cybersecurity landscape is witnessing an alarming trend, Chief Information Security Officers (CISOs) are leaving their positions at unprecedented rates. Nearly half of CISOs globally are expected to change jobs by 2025, with a significant portion quitting entirely due to…
Tag: Cyber Security News
Hackers Allegedly Leaked 1.59 Million Rows of Indian Insurance User’s Sensitive Data
Hackers allegedly claim that a software company based in India was compromised on December 19, 2024, by a hacker identified as @303. The breach exposed approximately 1,590,798 rows of sensitive data, including customer information and administrative credentials. The dataset, initially…
CISOs Respond to Surge in AI-Powered Attacks with Advanced Defense Strategies
The cybersecurity landscape is rapidly evolving as artificial intelligence (AI) becomes both a powerful tool for defense and a formidable weapon for attackers. Cybercriminals are leveraging AI to create more sophisticated, adaptive, and difficult-to-detect attacks, challenging traditional security measures. Chief…
Google Chrome 136 Getting Update with 20-Year-Old Visited Links Privacy Bug Fix
Google Chrome’s version 136, released in April 2025, introduces :visited link partitioning, a revolutionary feature that fix a privacy flaw plaguing the web for over two decades. As the first major browser to implement this robust defense, Chrome ensures users’…
The CISO’s Guide to Managing Ransomware Threats in 2025
Ransomware continues to dominate the threat landscape in 2025, evolving from opportunistic attacks to sophisticated criminal enterprises that operate with business-like efficiency. Recent research confirms ransomware as the top predicted threat this year, with AI-powered variants raising particular concern among…
Hackers Allegedly Selling FortiGate Firewall 0-Day Exploit on Dark Web Forum
A threat actor has reportedly advertised a zero-day exploit targeting Fortinet’s FortiGate firewalls on a prominent dark web forum. The exploit claims to enable unauthenticated remote code execution (RCE) and full configuration access to FortiOS, allowing attackers to seize control…
Hackers Mimic Google Chrome Install Page on Google Play to Deploy Android Malware
Security researchers have uncovered a sophisticated malware campaign targeting Android users through fake Google Chrome installation pages. Cybercriminals have created deceptive websites hosted on newly registered domains that closely mimic the Google Chrome install page on the Google Play Store.…
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity. This edition highlights emerging threats and the shifting dynamics of digital defenses. Key topics include advanced ransomware attacks…
Threat Actors Manipulate Search Results to Direct Users to Malicious Websites
The digital landscape has become increasingly perilous as cybercriminals develop sophisticated methods to manipulate search engine results, directing unsuspecting users to malicious websites. This dangerous trend exploits our habitual trust in search engines, where users often click on top results…
RansomHub Ransomware Group Compromised 84 Organization, New Groups Emerging
In a significant development within the cybersecurity landscape, the RansomHub ransomware group has emerged as a major threat in March 2025, successfully compromising 84 organizations globally. This newly prominent threat actor has quickly established itself as one of the most…
HelloKitty Ransomware Resurafced Targeting Windows, Linux, & ESXi Environments
Cybersecurity experts have detected a concerning revival of the HelloKitty ransomware, with new variants actively targeting Windows, Linux, and ESXi environments simultaneously. First observed in October 2020, HelloKitty has evolved from its origins as a DeathRansom ransomware fork, expanding its…
Dangling DNS Attack Let Hackers Gain Control Over Organization’s Subdomain
Cybersecurity experts have identified a growing threat vector where attackers exploit improperly configured or abandoned DNS records to hijack organizational subdomains. These “Dangling DNS” attacks occur when DNS records, particularly canonical name (CNAME) records, point to resources that no longer…
Threat Actors Actively Attacking Semiconductor Companies With 0-Day Exploits
In a concerning development for the global technology supply chain, sophisticated threat actors have launched a coordinated campaign exploiting previously unknown vulnerabilities in critical semiconductor manufacturing systems. These zero-day exploits are enabling attackers to penetrate the networks of leading chip…
Threat Actors Use Email Bombing Attacks to Bypass Security Tools & Hide Activity
Email bombing attacks have emerged as a sophisticated technique in cybercriminals’ arsenals, designed to overwhelm targets’ inboxes while concealing more malicious activities beneath the flood of messages. These attacks involve sending hundreds or thousands of emails to victims within a…
Threat Actors Hijack Legitimate Crypto Packages to Inject Malicious Code
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting cryptocurrency users through compromised npm packages. The attack specifically targets users of Atomic and Exodus wallets, hijacking transactions by injecting malicious code that redirects funds to attacker-controlled addresses. This latest campaign…
Tycoon 2FA Phishing Kit Employs New Evasion Techniques to Bypass Endpoint Detection Systems
Cybersecurity researchers have identified a significant evolution in phishing tactics as the Tycoon 2FA phishing kit implements sophisticated evasion techniques designed to circumvent modern endpoint protection systems. This advanced kit has been observed deploying multiple layers of obfuscation and anti-analysis…
Hackers Actively Exploiting Router Vulnerabilities to Attack Enterprise Networks
A sophisticated campaign targeting enterprise routers has intensified over the past month, with threat actors leveraging previously unknown vulnerabilities to establish persistent access within corporate networks. Security researchers have observed a substantial uptick in attacks specifically targeting network infrastructure devices,…
Chinese eCrime Hacker Group Attacking Users in 120+ Coutries to Steal Banking Credentials
A sophisticated Chinese eCrime group known as “Smishing Triad” has expanded its operations to target organizations and individuals across at least 121 countries worldwide. The group, active since 2023, has systematically targeted multiple industries including postal services, logistics, telecommunications, transportation,…
TROX Stealer Exfiltrate Sensitive Data Including Stored Credit Cards & Browser Credentials
A newly identified malware strain known as TROX Stealer has emerged as a significant threat to consumer data security, leveraging psychological manipulation and technical sophistication to exfiltrate sensitive information. First observed in December 2024 by Sublime Security analysts, this Malware-as-a-Service…
Why CISOs Are Betting Big on AI, Automation & Zero Trust
In today’s fast-paced digital world, Chief Information Security Officers (CISOs) are under immense pressure to protect their organizations from increasingly sophisticated cyber threats. As attack surfaces expand with remote work, cloud adoption, and IoT devices, traditional security models are proving…