MyPillow, a Minnesota-based bedding manufacturer founded by Mike Lindell, has been targeted by a ransomware group. This adds the company to a growing list of organizations that are currently under cyber extortion threats. As a result of the unauthorized…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
Nottingham Attacks Survivors Left Out in Data Breach Inquiry as NHS Trust Apologizes
Nottingham University Hospitals NHS Trust has issued an apology after a public inquiry revealed that survivors of the Nottingham attacks were not properly considered when a major data breach investigation began. Medical director Manjeet Shehmar acknowledged that the trust’s…
Trump Mobile Data Leak Exposes Customer Information as Questions Grow Around T1 Smartphone
Following confirmation by Trump Mobile, fresh attention has turned toward the company over a breach affecting its T1 smartphone users. Sensitive data – such as contact numbers, residential locations, emails, and additional private records – appeared publicly online, sources…
FROST Attack: Websites Can Now Spy on Users Via SSDs
Websites have always tried to spy on user activity through browsing histories, mouse clicks and keystrokes, and device fingerprints. Even Yandex and Meta were caught spying on users recently. Hackers exploiting SSDs These days, hackers are exploiting SSDs to spy…
Android Spyware ‘Asin’ Uses Fake News and Utility Apps to Target Arabic-Speaking Users
Researchers at ESET have identified a previously undocumented Android spyware strain called Asin that is being distributed through fraudulent websites aimed at Arabic-speaking users. According to the security company, the activity was first observed in early 2025 and involved several…
Microsoft Adds Automated Endpoint Isolation to Strengthen Cyber Defense
Microsoft is advancing its automated cyber defence strategy with the release of Microsoft Defender for Endpoints, which is capable of isolating compromised devices as soon as malicious activity is detected. The feature was introduced as a preview and has been…
Carnival Confirms Breach Affecting Nearly 6 Million Travelers
Carnival Cruise has confirmed a significant data breach that affected nearly 6 million people, exposing a wide range of personal information after attackers gained access to part of its IT systems through social engineering. The company began notifying 5,995,277…
Hackers Use Phone Location Data to Attack US Military Personnel
Threat actors are targeting U.S. military personnel deployed in active war zones, exploiting commercially available location data. This shows how the global surveillance economy (digital targeted advertising) affects battlefield security. Location data exposing military location The US Central Command (Centcom)…
Google Employee Charged After Allegedly Using Confidential Search Data to Win $1.2 Million on Polymarket
A person working at Google stands charged with misusing private internal data to make winning predictions online – profits reportedly surpassing $1.2 million. In Manhattan, federal authorities say access to unreleased insights about what people search was leveraged improperly;…
Researchers Show How Android Notifications Could Be Used to Manipulate Google Gemini
Security researchers have disclosed a now-remediated flaw that could have allowed specially crafted notifications from common messaging and social networking applications to influence the behavior of Google Gemini on Android devices. The research was conducted by SafeBreach researcher Or…
GTA 6 Pre-Order Hype Triggers Wave of Scams and Malware Attacks on Fans
The excitement around Grand Theft Auto 6 is creating a fresh opportunity for online scammers and hackers. As users search for pre-order news, fake offers are beginning to appear across websites, social platforms, and shady download pages, all designed…
AI Cybersecurity Tools Raise Questions About the Future of Ethical Hacking Competitions
Surprisingly, artificial intelligence is changing cybersecurity faster than expected. Some elite ethical hackers now wonder whether human-driven hacking contests will stay relevant much longer. Momentum built around this idea when someone prominent at Pwn2Own this year pointed to advanced…
Shadow Brokers Mystery Remains One of Cybersecurity’s Biggest Unsolved Cases
dThe world of cybersecurity has witnessed countless data breaches and hacking incidents over the years, many of which remain unresolved despite extensive investigations. While several notorious cybercriminal groups and state-backed hacking operations have eventually been exposed, some of the…
Hackers Exploit KnowledgeDeliver Bug to Install Web Shells
Threat actors abused a critical zero-day bug in a server that ran a KnowledgeDeliver LMS to install the Godzilla. The bug is a deserialization problem tracked as CVE-2026-5426 and can be abused without verification. It originates from the use of…
The Growing Threat of AI-Driven Exploitation in Vulnerability Management
In vulnerability management programs, it has been assumed that defenders will have adequate time to evaluate newly disclosed flaws, prioritize remediation efforts, and deploy patches prior to large-scale exploitations occurring. This assumption is rapidly becoming obsolete. Artificial intelligence is…
Signed Lenovo Driver Could Be Misused to Shut Down Security Software, Researcher Warns
A security researcher has uncovered a weakness in a Lenovo-signed Windows driver that could allow attackers to disable antivirus and endpoint security tools, potentially weakening a system’s defenses before carrying out additional malicious activity. The finding involves BootRepair.sys, a…
UK Visa Application Service Left More Than 100,000 Identity Documents Accessible Online
A private visa assistance website used by travelers seeking permission to enter the United Kingdom left a large collection of customer records accessible online, exposing passport copies, identity verification photographs, and location information linked to applicants. The website, known…
Fake Digital Arrest Racket Cheats Bengaluru Woman of Rs 24 Crore
Using cyber technology, an impersonation racket for high-net-worth individuals in India has been exposed as a sophisticated scam in the form of a so-called “digital arrest.” A network of fraudsters posing as officials from central investigation agencies has allegedly…
Russian State-sponsored Hackers Attack Ukraine, Exploit WinRAR to Install Malware
The Russian Hacking group called Gamaredon has been linked to the constant hack of a WinRar bug to install a few malware strains aiming to propagate and steal data. According to Sekoia, the attack consists of exploiting the bug CVE-2025-8088,…
AI-Generated Fake Citations Surge Across Scientific Papers and Peer-Reviewed Journals
Surprising numbers of made-up sources now show up in research articles, thanks to artificial intelligence. Instead of slowing down, the problem grew fast – around 150,000 false references slipped into academic work just in 2025 alone. While some stay…