Tag: Cyber Security News

Google announced today it blocked a record 2.28 million policy-violating apps from entering the Play Store in 2023, leveraging advanced machine learning, stricter developer vetting, and cross-industry collaborations to combat evolving cyberthreats.  The milestone underscores efforts to uphold its SAFE…

Read more →

As internet security evolves, SSL (Secure Sockets Layer) certificates, cornerstones of encrypted communication, are stepping into a brand-new role as vital tools in the fight against cyberattacks. Experts are now leveraging SSL intelligence and historical SSL data to expose hidden…

Read more →

As internet security evolves, SSL (Secure Sockets Layer) certificates, cornerstones of encrypted communication, are stepping into a brand-new role as vital tools in the fight against cyberattacks. Experts are now leveraging SSL intelligence and historical SSL data to expose hidden…

Read more →

A sophisticated cyber campaign orchestrated by the threat group TAG-124 has compromised over 1,000 WordPress websites to deploy malicious payloads. The operation leverages a multi-layered Traffic Distribution System (TDS) to infect users with malware, demonstrating advanced evasion tactics and infrastructure…

Read more →

Cybersecurity researchers have uncovered a sophisticated campaign leveraging GitHub’s trusted release infrastructure to distribute the Lumma Stealer malware. This information-stealing malware, part of a growing trend of cybercriminals abusing legitimate platforms, poses significant risks by exfiltrating sensitive data and deploying…

Read more →

The New York Blood Center Enterprises (NYBC), a vital organization responsible for supplying blood and blood products to hospitals across the region, has fallen victim to a ransomware attack. The incident has significantly disrupted its IT systems, forcing the organization…

Read more →

The rapid rise of DeepSeek, a Chinese artificial intelligence (AI) company, has not only disrupted the AI industry but also attracted the attention of cybercriminals. As its AI Assistant app became the most downloaded free app on the iOS App…

Read more →

Researchers have uncovered two critical vulnerabilities in GitHub Copilot, Microsoft’s AI-powered coding assistant, that expose systemic weaknesses in enterprise AI tools.  The flaws—dubbed “Affirmation Jailbreak” and “Proxy Hijack”—allow attackers to bypass ethical safeguards, manipulate model behavior, and even hijack access…

Read more →

A new wave of cyberattacks leveraging the Coyote Banking Trojan has been identified, targeting financial institutions in Brazil. This sophisticated malware employs malicious Windows LNK (shortcut) files as an entry point to execute PowerShell scripts, enabling multi-stage infection chains that…

Read more →

Cisco’s Webex Chat (formerly known as IMI Chat) was found to have a significant security flaw that exposed the sensitive chat histories of hundreds to thousands of organizations. The exploit allowed unauthorized attackers to access millions of live customer support…

Read more →

A critical cybersecurity vulnerability has been uncovered in Contec CMS8000 patient monitors, revealing embedded malware that poses significant risks to patient safety and data security. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that the devices include a backdoor…

Read more →

In a law enforcement operation dubbed “Operation Talent,” an international coalition of law enforcement agencies led by Germany’s Bundeskriminalamt (BKA) and Europol has dismantled two of the world’s largest cybercrime forums: Cracked.io and Nulled.to. These platforms, which collectively hosted over…

Read more →

A critical unauthenticated Remote Code Execution (RCE) vulnerability has been affecting DSL-3788 routers, allowing attackers to acquire complete control over the router remotely. The flaw has been detected in firmware versions v1.01R1B036_EU_EN and below. This vulnerability was reported by Max…

Read more →

A significant extension of Microsoft’s Microsoft 365 (M365) Bounty Program has been announced. The program now includes new Viva products under its scope for identifying vulnerabilities, with rewards reaching up to $27,000 for critical submissions.  This update underscores Microsoft’s commitment…

Read more →

Broadcom has addressed multiple vulnerabilities in its VMware Aria Operations for Logs and VMware Aria Operations products.  These vulnerabilities, identified as CVE-2025-22218, CVE-2025-22219, CVE-2025-22220, CVE-2025-22221, and CVE-2025-22222, pose significant risks, including unauthorized access to sensitive data and privilege escalation.  The…

Read more →

James Forshaw of Google Project Zero has shed light on a significant security vulnerability in Windows related to accessing trapped COM objects through the IDispatch interface. This research highlights an intriguing bug class that exploits cross-process communication features in object-oriented…

Read more →

Recent revelations have exposed critical vulnerabilities in DeepSeek’s large language models (LLMs), particularly DeepSeek-R1, through advanced jailbreaking techniques. These exploits, including “Bad Likert Judge,” “Crescendo,” and “Deceptive Delight,” have demonstrated the ease with which malicious actors can bypass safety measures…

Read more →

In a recent disclosure to the stock exchanges, Tata Technologies Limited announced that it has been the victim of a ransomware attack affecting some of its IT assets. Tata Technologies, headquartered in Pune, India, is a subsidiary of the Tata…

Read more →

A new jailbreak vulnerability in OpenAI’s ChatGPT-4o, dubbed “Time Bandit,” has been exploited to bypass the chatbot’s built-in safety functions. This vulnerability allows attackers to manipulate the chatbot into producing illicit or dangerous content, including instructions for malware creation, phishing…

Read more →

The Tor Project, a renowned organization dedicated to online privacy and anonymity, has fallen victim to a cyberattack. On January 30, 2025, the group’s official X (formerly Twitter) account was compromised and used to promote a fraudulent cryptocurrency scheme. The…

Read more →