Tag: CySecurity News – Latest Information Security and Hacking Incidents

  SIO, an Italian spyware company known for selling surveillance tools to government agencies, has been linked to a series of malicious Android apps designed to mimic WhatsApp and other popular services while secretly stealing private data, TechCrunch has revealed.…

Read more →

  Datadog Security Labs researchers developed a new name confusion attack technique known as whoAMI, which allows threat actors to execute arbitrary code within an Amazon Web Services (AWS) account by uploading an Amazon Machine Image (AMI) with a specified…

Read more →

  Cybercriminals are evolving their tactics, shifting from traditional email-based phishing scams to more sophisticated Android phishing apps. According to the 2025 State of Malware report by Malwarebytes, over 22,800 phishing apps were detected on Android devices in 2024 alone.…

Read more →

  A major hacking incident has hit zkLend, a decentralized lending platform that operates on the Starknet blockchain. The attacker managed to steal about $9.5 million worth of cryptocurrency by exploiting a vulnerability in the system. According to blockchain security…

Read more →

  It is common for cybersecurity criminals to exploit vulnerabilities in Magento to inject an obfuscated script, which has been delivered through Google Tag Manager (GTM), into Magento-based eCommerce platforms, which allows them to intercept and steal credit card information…

Read more →

  Zacks Investment Research reportedly suffered a data breach in 2024, exposing sensitive information from approximately 12 million accounts. The American investment research firm provides data-driven insights through its proprietary stock assessment tool, ‘Zacks Rank,’ assisting investors in making informed…

Read more →

  There has been a significant shift in the Telecom Regulatory Authority of India (TRAI)’s efforts to curb spam calls and unsolicited commercial communications (UCC) as part of its effort to improve consumer protection, as TRAI has introduced stringent regulations.…

Read more →

  An anonymous hacker group called the “puppygirl hacker polycule” recently made headlines by leaking over 8,500 files from Lexipol, a private company that provides training materials and policy manuals for police departments across the United States.  As first reported…

Read more →

  Google is developing a new security feature for Android that prevents users from updating sensitive settings while a phone call is in process. The in-call anti-scammer measures include prohibiting users from enabling settings to install apps from unidentified sources…

Read more →

  A critical security vulnerability in YouTube allowed attackers to uncover the email addresses of any account on the platform. Cybersecurity researchers discovered the flaw and reported it to Google, which promptly fixed the issue. While no known attacks exploited…

Read more →

  There has been a marked change in daily life as a result of the proliferation of IoT devices, and Transforma Insights estimates that 14 billion such devices are connected globally, indicating that this type of technology has profound effects.…

Read more →

  Hackers are increasingly exploiting outdated security flaws in poorly maintained systems, with vulnerabilities from 2022 and 2023 seeing a surge in attacks. According to threat intelligence platform GreyNoise, malicious actors are actively targeting CVE-2022-47945 and CVE-2023-49103, affecting the ThinkPHP…

Read more →

  Samoa’s national cybersecurity office issued an urgent advisory after the Chinese state-sponsored cyber outfit APT40 escalated its attacks on government and critical infrastructure networks across the Pacific.  Samoa’s Computer Emergency Response Team, or SamCERT, has warned that APT40 is…

Read more →

  Sandworm, also known as Russia’s Military Unit 74455 within the GRU, has established itself as one of the most notorious advanced persistent threats (APT). Its cyber operations have included NotPetya, the attack on the 2018 Winter Olympics, and two…

Read more →

  Cyberattacks are undergoing a significant transformation, shifting away from malware-driven methods toward identity exploitation. According to the CrowdStrike 2024 Global Threat Report, three out of four cyberattacks now leverage valid credentials instead of malicious software. This change is fueled…

Read more →

  The debate over Elon Musk’s Department of Government Efficiency continues, with the world’s richest man accused of snooping on some of America’s most sensitive data. The DOGE has been tasked with reducing government spending by a paltry $2 trillion,…

Read more →

  The incidence of cyberattacks globally increased by 125% in 2021 compared to 2020, posing a serious threat to businesses and individuals alike. Phishing continues to be the most prevalent form of cybercrime worldwide and is expected to continue this…

Read more →

  The launch of DeepSeek AI has created waves in the tech world, offering powerful artificial intelligence models at a fraction of the cost compared to established players like OpenAI and Google.  However, its rapid rise in popularity has also…

Read more →

  Your smart home is a technological marvel. However, when camera flaws allow our neighbours to spy on us, smart speakers are manipulated with lasers, robot vacuums are breached to shout obscenities, and entire security systems are compromised by a…

Read more →

  Ransomware groups are adapting their strategies to outsmart stronger cybersecurity defenses and increasing law enforcement pressure, according to the Huntress 2025 Cyber Threat Report. The findings reveal that attackers are moving beyond traditional encryption-based ransomware, instead focusing on data…

Read more →