Tag: CySecurity News – Latest Information Security and Hacking Incidents

  More than a year after SonicWall released a patch for CVE-2024-40766, a critical vulnerability affecting its next-generation firewalls, attackers linked to the Akira ransomware-as-a-service operation continue to exploit the flaw to breach organizations. Similar to incidents in September 2024…

Read more →

In a world where almost every service depends on digital connections, one type of information underpins much of our daily lives: spatial data. This data links activities to a place and time, revealing not just “where” something happens, but also…

Read more →

  The Indian Cybercrime Coordination Centre (I4C), operating under the Ministry of Home Affairs, has issued a warning about a new and highly sophisticated digital scam that leverages fake eSIM activation to commit financial fraud. Unlike traditional methods of cybercrime…

Read more →

  Researchers in the field of cybersecurity are warning that a sophisticated phishing-as-a-service (PhaaS) platform known as VoidProxy is being used by criminal groups for the purpose of evading widespread security controls and is demonstrating just how far this technology…

Read more →

  U.S. district schools are facing a surge in sophisticated cyberattacks, but districts are pushing back by combining strong fundamentals, people-centered training, state partnerships, and community resilience planning to build cyber safety into everyday culture .  Rising threat landscape  An…

Read more →

Sitecore bug abused Threat actors exploited a zero-day bug in legacy Sitecore deployments to install WeepSteel spying malware.  The bug, tracked as CVE-2025-53690, is a ViewState deserialization flaw caused by the addition of a sample ASP.NET machine key in pre-2017…

Read more →

  Cybercriminals behind ransomware attacks are adopting new intimidation methods to push victims into paying up. In a recent case, the LunaLock ransomware gang has escalated tactics by threatening to sell stolen artwork for AI training datasets. The popular platform…

Read more →

Around a quarter of a billion identity records were left publicly accessible, exposing people located in seven countries- Saudi Arabia, the United Arab Emirates, Canada, Mexico, South Africa, Egypt, and Turkey.  According to experts from Cybernews, three misconfigured servers, registered…

Read more →

  As a striking example of how emerging technologies are used as weapons for deception, a Bengaluru-based woman of 57 was deceived out of Rs 3.75 crore by an AI-generated deepfake video supposedly showing the spiritual leader Sadhguru. The video…

Read more →

  Bridgestone Americas has confirmed it is investigating a cyber incident that disrupted operations at several of its tire manufacturing plants in North America. The company emphasized that its response team contained the issue quickly, limiting the scope of the…

Read more →

  In 2025, the browser has become one of the primary battlefields for cybercriminals. Once considered a simple access point to the internet, it now serves as the main gateway for employees into critical business applications and sensitive data. This…

Read more →

  A 54-year-old resident of Shipra Suncity, Indirapuram, Ghaziabad, fell victim to a sophisticated eSIM fraud that resulted in the loss of ₹18.48 lakh from her bank accounts. Arti Kaul was targeted by cybercriminals who posed as Airtel customer service…

Read more →

  Researchers from UC Davis, Maastricht University, and other institutions have uncovered widespread silent keystroke interception across websites, revealing that many sites collect user typing data before forms are ever submitted. The study examined how third-party scripts capture and share…

Read more →

  Disney has agreed to pay millions of dollars in penalties to resolve allegations brought by the Federal Trade Commission (FTC) that it unlawfully collected personal data from young viewers on YouTube without securing parental consent. Federal law under the…

Read more →

  A recent incident involving the European Commission President’s aircraft has drawn attention to a growing risk in international travel: deliberate interference with satellite navigation systems. The plane, flying into Plovdiv, Bulgaria, temporarily lost its GPS signal due to electronic…

Read more →

  There has been a longstanding reliance on traditional passwords for digital security; however, these days, more advanced methods of authentication are challenging traditional passwords. As there are billions of compromised login credentials circulating on the dark web, Digital Shadows…

Read more →

  BROOMFIELD, Colo. & FOSTER CITY, Calif. – September 9, 2025 – At Google Cloud’s pioneering Security Innovation Forum, Exabeam, a global leader in intelligence and automation that powers security operations, today announced the integration of Google Agentspace and Google…

Read more →

  A concerning cyber incident has shaken Brazil’s financial technology sector after criminals attempted to steal nearly $130 million through the country’s real-time payments network, Pix. The breach was detected on August 29, 2025, when Sinqia S.A., a São Paulo-based…

Read more →

  AI company Anthropic has uncovered alarming evidence that cybercriminals are weaponizing artificial intelligence tools for sophisticated criminal operations. The company’s recent investigation revealed three particularly concerning applications of its Claude AI: large-scale extortion campaigns, fraudulent recruitment schemes linked to…

Read more →

  During this time, when digital resilience has become more important than digital innovation, there is an increasing gap between strengthened defences and the relentless adaptability of cybercriminals, which is becoming increasingly evident as we move into the next decade.…

Read more →

Jaguar Land Rover (JLR), the UK’s largest automaker and a subsidiary of Tata Motors, has confirmed that the recent cyberattack on its systems has not only disrupted global operations but also resulted in a data breach. The company revealed during…

Read more →

  For years, the Android vs. iOS debate has centered around one key argument: freedom of choice. Nothing highlighted this more than sideloading apps. “But iOS is a walled garden. Apple controls what you can and can’t install on your…

Read more →

Two doctors at a Hong Kong public hospital were arrested on charges of accessing computers with dishonest or criminal intent, allegedly involved in a data leak. According to police superintendent Wong Yick-lung, a 57-year-old consultant and a 35-year-old associate consultant…

Read more →

According to SwissBorg, a cryptoexchange platform, $41 million worth of cryptocurrency was stolen from an external wallet used for its SOL earn strategy in a cyberattack that also affected a partner company. The company, which is based in Switzerland, acknowledged…

Read more →

Two doctors at a Hong Kong public hospital were arrested on charges of accessing computers with dishonest or criminal intent, allegedly involved in a data leak. According to police superintendent Wong Yick-lung, a 57-year-old consultant and a 35-year-old associate consultant…

Read more →

  Cybersecurity firm Zscaler has revealed it suffered a data breach after attackers exploited a compromise in Salesloft Drift, an AI-driven Salesforce integration tool. The incident is part of a larger supply-chain attack in which stolen OAuth and refresh tokens…

Read more →

  Q Day represents the theoretical moment when quantum computers become powerful enough to break current cryptographic methods and render existing encryption obsolete. While experts estimate this could occur within 10-15 years, the exact timing remains uncertain since quantum computers…

Read more →

  A new Android malware strain called RatOn has rapidly evolved from a tool limited to NFC relay attacks into a sophisticated remote access trojan with the ability to steal banking credentials, hijack cryptocurrency wallets, and even lock users out…

Read more →

  A hacker has carried out one of the most advanced AI-driven cybercrime operations ever documented, using Anthropic’s Claude chatbot to identify targets, steal sensitive data, and even draft extortion emails, according to a new report from the company.  It…

Read more →

  Having witnessed hybrid work become a long-term reality instead of a temporary response to disruption, organisations are facing a tough question: how to safeguard a workforce that can now operate fluidly across offices, homes, devices, and networks without compromising…

Read more →

VirusTotal has uncovered a sophisticated phishing campaign that uses SVG (Scalable Vector Graphics) files to impersonate Colombia’s judicial system, tricking victims into downloading malware.  The discovery was made possible after the platform’s AI-powered Code Insight feature added support for analyzing…

Read more →

Hospital informs victims about data breach after a year Wayne Memorial Hospital in the US has informed its 163,440 people about a year old data breach in May 2024 that exposed details such as: names, social security numbers, user IDs,…

Read more →

  Meta has announced new artificial intelligence safeguards to protect teenagers following a damaging Reuters investigation that exposed internal company policies allowing inappropriate chatbot interactions with minors. The social media giant is now training its AI systems to avoid flirtatious…

Read more →

  In popular culture, robots have long carried nicknames. Battlestar Galactica called them “toasters,” while Blade Runner used the term “skinjobs.” Now, amid rising tensions over artificial intelligence, a new label has emerged online: “clanker.”  The word, once confined to…

Read more →

  As artificial intelligence becomes part of daily workflows, attackers are exploring new ways to exploit its weaknesses. Recent research has revealed a method where seemingly harmless images uploaded to AI systems can conceal hidden instructions, tricking chatbots into performing…

Read more →

  The debate over technology and privacy is intensifying as Meta prepares to announce a third generation of its Ray-Ban smart glasses, a launch that will hold both excitement and unease in the tech community at the same time. In…

Read more →

  A cyberattack on Hull-based software developer Intradev is rippling across the UK education sector, with staff at the Affinity Learning Partnership warned their personal details may have been compromised.  The trust, which runs seven schools and employs more than…

Read more →

  Wealthy individuals are increasingly becoming prime targets for cybercriminals, driving a surge in demand for personal cybersecurity concierge services among high-net-worth families, wealth managers, and corporate executives. Recent high-profile incidents, including the hacking of Jeff Bezos’ phone through a…

Read more →

  Providing a fresh reminder of the constant threat to widespread communication platforms, WhatsApp has disclosed and patched a vulnerability affecting its iOS and macOS applications. The vulnerability has already been exploited in real-world attacks, according to WhatsApp, which warns…

Read more →

  Salesforce is doubling down on artificial intelligence research to address one of the toughest challenges for enterprises: AI agents that perform well in demonstrations but falter in complex business environments. The company announced three new initiatives this week, including…

Read more →

The EU recently proposed a child sexual abuse (CSAM) scanning bill that is facing backlashes from the opposition. The controversial bill is amid controversy just a few days before the important meeting. On 12 September, the EU Council will share…

Read more →

  Credit and debit cards are now central to daily payments, but they remain vulnerable to fraud. Criminals have developed discreet tools, known as skimmers and shimmers, to steal card information at ATMs, fuel pumps, and retail checkout points. These…

Read more →

  Fitness trackers and smartwatches are increasingly becoming digital witnesses in legal proceedings, with biometric data from Apple Watch, Fitbit, and similar devices now regularly used as evidence in murder, injury, and insurance cases across the country.  Wearables transform into…

Read more →

  Security experts have raised alarms after discovering that a massive collection of Discord data is being offered for sale on underground forums. According to researchers at Cybernews, who reviewed the advertisement, the archive reportedly contains close to two billion…

Read more →

  In the apparent wake of growing threats to consumers’ personal information, credit reporting giant TransUnion has recently announced a cybersecurity incident that exposed personal information from more than 4.4 million Americans. Several regulators and state attorneys general have confirmed…

Read more →

  MathWorks, the company behind MATLAB and Simulink, has confirmed a ransomware attack that disrupted several of its online services and internal systems. The company said the disruption affected services customers use to sign in and manage software, and that…

Read more →

  From first September, Russia’s new state-backed messaging app MAX will come pre-installed on every smartphone and tablet sold in the country, igniting strong concerns over data privacy and state monitoring. Built by VK, the company behind Mail.ru and VKnote,…

Read more →

  From the ongoing war in Ukraine, to instability in the Middle East, and rising tensions in the South China Sea, global conflicts are proving that digital systems are deeply exposed to geopolitical risks. Speaking at London Tech Week, UK…

Read more →

Anthropic announced last week that it will update its terms of service and privacy policy to allow the use of chats for training its AI model “Claude.” Users of all subscription levels- Claude Free, Max, Pro, and Code subscribers- will be impacted…

Read more →

A new term has emerged in the tech industry: “cybersecurity debt.” Similar to technical debt, cybersecurity debt refers to the accumulation of unaddressed security bugs and outdated systems resulting from inadequate investments in cybersecurity services.  Delaying these expenditures can provide…

Read more →

  A security bulletin from Anthropic describes a recent cybercrime campaign in which a threat actor used the company’s Claude AI system to steal data and demand payment. According to Anthropic’s technical report, the attacker targeted at least 17 organizations…

Read more →

  For years, the search engine market has been viewed as a two-player arena dominated by Google, with Microsoft’s Bing as the backup. But a quieter movement is reshaping how people explore the web: privacy-first search engines that promise not…

Read more →

  Once considered a means of safeguarding digital battlefields, artificial intelligence has now become a double-edged sword —a tool that can not only arm defenders but also the adversaries it was supposed to deter, giving them both a tactical advantage…

Read more →

  The technology industry has long promoted passkeys as a safer, phishing-resistant alternative to passwords. Major firms such as Microsoft, Google, Amazon, and Meta are encouraging users to abandon traditional login methods in favor of this approach, which ties account…

Read more →

  The Maryland Transit Administration (MTA), operator of one of the largest multi-modal transit systems in the United States, is currently investigating a ransomware attack that has disrupted its Mobility paratransit service for disabled travelers.  While the agency’s core transit…

Read more →

  A recent investigation by Google’s security researchers has revealed a cyber operation linked to China that is targeting diplomats in Southeast Asia. The group behind the activity, tracked as UNC6384, has been found hijacking web traffic through deceptive Wi-Fi…

Read more →

  The first half of 2025 witnessed more than 8 million distributed denial-of-service (DDoS) attacks worldwide, according to new figures from Netscout. The EMEA region absorbed over 3.2 million incidents, with peak strikes hitting 3.12 Tbps in speed and 1.5…

Read more →

  Security researchers recently identified a piece of malware named PromptLock that uses a local artificial intelligence model to help create and run harmful code on infected machines. The finding comes from ESET researchers and has been reported by multiple…

Read more →

  Microsoft has issued a warning about Storm-0501, a threat actor that has significantly evolved its tactics, moving away from traditional ransomware encryption on devices to targeting cloud environments for data theft, extortion, and cloud-based encryption. Instead of relying on…

Read more →

A ransomware attack is an organization’s worst nightmare. Not only does it harm the confidentiality of the organizations and their customers, but it also drains money and causes damage to the reputation. Defenders have been trying to address this serious…

Read more →

  A whistleblower has alleged that Social Security information belonging to over 300 million Americans was compromised when Department of Government Efficiency (DOGE) personnel uploaded sensitive data to a cloud storage system lacking adequate security oversight. The potentially exposed information…

Read more →

  A massive healthcare data breach has exposed the sensitive information of more than 624,000 individuals, putting Social Security numbers, financial details, and account credentials at risk. The breach targeted Healthcare Services Group Inc. (HSGI), a Pennsylvania-based company that manages…

Read more →

  A recent cyberattack on Salesforce customers has prompted Workiva to disclose a breach linked to a recent wave of attacks, serving as a reminder of the increasing cybersecurity risks faced by global organisations. Workiva provides financial reporting, compliance, and…

Read more →

  Today, in a world where people are increasingly connected, the home wireless network has become an integral part of daily life. It powers everything from remote working to digital banking to entertainment to smart appliances, personal communication, and smart…

Read more →

  A recent cyber incident has brought to light how one weak link in software integrations can expose sensitive business information. Salesloft, a sales automation platform, confirmed that attackers exploited its Drift chat integration with Salesforce to steal tokens that…

Read more →

Chief information security officers (CISOs) are worried about the dangers of a cyberattack, and there is an anxiety due to the material losses of data that organizations have suffered in the past year. According to a report by Proofpoint, the…

Read more →

  Google is preparing to roll out a new security feature in its Messages app that adds another layer of protection against impersonation scams. The update, now available in beta, introduces a QR code system to verify whether the person…

Read more →

  Spotify has introduced an in-app messaging feature called “Messages,” allowing users to share music, podcasts, and audiobooks directly within the app. This new feature aims to make music sharing easier and more social by keeping conversations about content within…

Read more →

Experts have found a malicious npm package that consists of stealthy features to deploy malicious code into pc apps targeting crypto wallets such as Exodus and Atomic.  About the package Termed as “nodejs-smtp,” the package imitates the genuine email library…

Read more →

  In a major cybersecurity incident which has caused major disruption to the operations of Jaguar Land Rover, it highlights the growing vulnerability of automakers across the world to cyberattacks, underlining the increasing need to maintain communication channels between automakers…

Read more →

  Google announced a new step to make Android apps safer: starting next year, developers who distribute apps to certified Android phones and tablets, even outside Google Play, will need to verify their legal identity. The change ties every app…

Read more →

  Data I/O, a leading manufacturer specializing in device programming and security provisioning solutions, experienced a major ransomware attack in August 2025 that crippled core operations and raised industry-wide concerns about supply chain vulnerabilities in the technology sector. The attack,…

Read more →

  Researchers have uncovered a malicious Go package disguised as an SSH brute-force tool that secretly collects and transmits stolen credentials to an attacker-controlled Telegram bot. The package, named golang-random-ip-ssh-bruteforce, first appeared on June 24, 2022, and was linked to…

Read more →

  Zscaler has confirmed that it is among the latest organizations to be impacted by a major supply chain attack exploiting the Salesloft Drift application, which integrates with Salesforce.  According to the company, attackers managed to steal OAuth tokens tied…

Read more →

In today’s digital world, most of our digital life is connected to our phone numbers, so keeping them safe becomes a necessity. Sad news: hackers don’t need your phone to access your number.  What is SIM swapping? Also known as…

Read more →

  Enterprises are preparing to expand their cloud investments, even as many remain dissatisfied with the financial returns of recent technology deployments, according to a new report from Unisys. The study, which surveyed 1,000 C-suite and IT executives across eight…

Read more →

  A Kochi-based pharmaceutical company owner has suffered a loss of ₹25 crore in what is being described as the largest single-person cyber fraud case in India.  The incident involved a sophisticated online trading scam, executed through a fake trading…

Read more →

  The rapid rise of 3D printing has transformed manufacturing, offering efficient ways to produce tools, spare parts, and even art. But the same technology has also enabled the creation of “ghost guns” — firearms built outside regulated systems and…

Read more →

For years, password managers have been promoted as one of the safest ways to store and manage login details. They keep everything in one place, help generate strong credentials, and protect against weak or reused passwords. But new research has…

Read more →

  Ransomware is one of the most persistent threats in the evolving landscape of cybercrime, but its escalation in 2024 has marked an extremely alarming turning point. Infiltrating hospitals, financial institutions, and even government agencies in a manner that has…

Read more →

  Researchers have unveiled a new type of cyberattack that can steal sensitive user data by embedding hidden prompts inside images processed by AI platforms. These malicious instructions remain invisible to the human eye but become detectable once the images…

Read more →

  Across the internet, the question of proving age is no longer optional, it’s becoming a requirement. Governments are tightening rules to keep children away from harmful content, and platforms are under pressure to comply.  From social media apps and…

Read more →

“Think before you click”: Microsoft warns all Windows PC users and as well as macOS users, from a series of attacks that are “targeting thousands of enterprise and end-user devices globally every day.” The scripts deploy malware on these devices,…

Read more →

  Cybersecurity has emerged as the biggest threat to modern enterprises, yet most organizations remain far from prepared to handle it. Business leaders are aware of the risks — financial losses, reputational harm, and operational disruptions but awareness has not…

Read more →

  Hertz is facing scrutiny from U.S. lawmakers over its use of AI-powered vehicle scanners to detect damage on rental cars, following growing reports of customer complaints. In a letter to Hertz CEO Gil West, the House Oversight Subcommittee on…

Read more →

  Transparent Tribe, a cyber-espionage group believed to originate from Pakistan and also known as APT36, has stepped up its attacks on Indian government entities by using malicious desktop shortcuts designed to compromise both Windows and BOSS Linux systems.  The…

Read more →

  It is the case of a Chinese-born software developer who has been sentenced to four years in federal prison after hacking into the internal systems of his former employer, in a stark warning of the dangers of insider threats…

Read more →

  India has become the world’s most-targeted nation for malware, according to the latest report by cybersecurity firm Acronis, which highlights how artificial intelligence is fueling a sharp increase in ransomware and phishing activity. The findings come from the company’s…

Read more →

  The Pakistani threat group APT36 has launched new cyber-espionage attacks targeting India’s government and defense sectors by abusing Linux .desktop files to deploy malware. According to recent reports from CYFIRMA and CloudSEK, the campaign—first detected on August 1, 2025—is…

Read more →

Security experts have identified a new kind of cyber attack that hides instructions inside ordinary pictures. These commands do not appear in the full image but become visible only when the photo is automatically resized by artificial intelligence (AI) systems.…

Read more →

  RevaUlt, a company marketing itself on advanced endpoint protection and next-generation SOC capabilities, recently suffered a severe security breach. The attackers penetrated its internal environment, exploiting vulnerabilities in the architecture used for their supposed secure SOC platform.  The compromise…

Read more →

Verizon has faced challenges in recent months. They have faced mounting criticism for a number of controversial decisions that have left many of their long-time subscribers wondering why they still belong to Verizon.  When Verizon eliminated customer loyalty discounts and…

Read more →

  Cybersecurity researchers have unearthed a new Mac-targeting malware called Shamos that deceives users through fake troubleshooting guides and repair solutions. This information-stealing malware, developed by the cybercriminal organization “COOKIE SPIDER,” represents a variant of the previously known Atomic macOS…

Read more →

  Security researchers are warning users against relying on free VPN services after uncovering alarming surveillance practices linked to a popular Chrome extension. The extension in question, FreeVPN.One, has been downloaded over 100,000 times from the Chrome Web Store and…

Read more →

 Healthcare Faces Growing Cyber Threats A ransomware attack that affected nearly 2.7 million patients has been confirmed by kidney care giant DaVita, revealing that one of the most significant cyberattacks of the year has taken place. There are over 2,600…

Read more →

Nissan’s Tokyo-based design subsidiary, Creative Box Inc. (CBI), has launched an investigation into a cyberattack after a ransomware group claimed to have stolen a large cache of internal files. The company confirmed that some design data has been compromised but…

Read more →

UK-based telecommunications provider Colt Technology Services has confirmed that sensitive customer-related documentation was stolen in a recent ransomware incident. The company initially disclosed on August 12 that it had suffered a cyberattack, but this marks the first confirmation that data…

Read more →

  A sophisticated phishing campaign is targeting job seekers with fake Netflix job offers designed to steal Facebook login credentials. The scam specifically focuses on marketing and social media professionals who may have access to corporate Facebook business accounts.  Modus…

Read more →

  A recent cyberattack on TPG Telecom has reignited concerns about how safe personal information really is in the hands of major companies. What the provider initially downplayed as a “limited” incident has in fact left hundreds of thousands of…

Read more →

  In recent decades, artificial intelligence has radically changed the way software is created, tested, and deployed, bringing about a significant shift in software development history. Originally, it was only a simple autocomplete function, but it has evolved into a…

Read more →