In a significant security move, Microsoft announced on August 26, 2025, that it will require mandatory multifactor authentication (MFA) for all accounts signing in to the Azure portal and related administrative centers. The policy, first introduced in 2024, aims to…
Category: Cyber Security News
Hackers Registering Domains to Launch Cyberattack Targeting 2026 FIFA World Cup Tournament
Security researchers have observed an unprecedented surge in domain registrations in recent months, closely tied to the upcoming 2026 FIFA World Cup tournament. These domains, often masquerading as legitimate ticketing portals, merchandise outlets, or live-stream platforms, serve as precursors to…
Food Delivery Robots Can Be Hacked to Deliver Meals to Your Table Instead of the Intended Customers
You may have seen them in restaurants, cat-faced robots gliding between tables, delivering plates of food. These robots, many of them made by Pudu Robotics, the world’s largest commercial service robotics company, are part of a growing fleet of automated…
Hackers Abuse Legitimate Email Marketing Platforms to Disguise Malicious Links
Cybercriminals are increasingly exploiting legitimate email marketing platforms to launch sophisticated phishing campaigns, leveraging the trusted reputation of these services to bypass security filters and deceive victims. This emerging threat vector represents a significant evolution in phishing tactics, where attackers…
Hackers Leverage Built-in MacOS Protection Features to Deploy Malware
macOS has long been recognized for its robust, integrated security stack, but cybercriminals are finding ways to weaponize these very defenses. Recent incidents show attackers exploit Keychain, SIP, TCC, Gatekeeper, File Quarantine, XProtect, and XProtect Remediator to stealthily deliver malicious…
Salesforce Releases Forensic Investigation Guide Following Chain of Attacks
Salesforce today unveiled its comprehensive Forensic Investigation Guide, equipping organizations with best practices, log analysis techniques, and automation workflows to detect and respond to sophisticated security breaches rapidly. To reconstruct attack timelines and assess data exposure, the guide emphasizes three…
Malicious npm Package Mimics as Popular Nodemailer with Weekly 3.9 Million Downloads to Hijack Crypto Transactions
Security researchers at Socket.dev uncovered a sophisticated supply chain attack in late August 2025 leveraging a malicious npm package named nodejs-smtp, which masquerades as the widely used email library nodemailer, boasting approximately 3.9 million weekly downloads. At first glance, nodejs-smtp…
Windows 11 25H2 Update Preview Released, What’s New?
Microsoft has opened the Release Preview Channel to Windows Insiders for the forthcoming Windows 11, version 25H2 (Build 26200.5074) enablement package (eKB), offering an early look at this year’s annual feature update. Insiders can now opt in via Windows Update’s…
Apple Hints That iPhone 17 Is to Eliminate the Physical SIM Card
Apple appears to be laying the groundwork to remove the physical SIM card slot from its upcoming iPhone 17 models in more countries, with a significant push anticipated across the European Union. The move aligns with the company’s long-term strategy…
AI Waifu RAT Attacking Users With Novel Social Engineering Techniques
A sophisticated malware campaign targeting niche Large Language Model (LLM) role-playing communities has emerged, leveraging advanced social engineering tactics to distribute a dangerous Remote Access Trojan (RAT). The malware, dubbed “AI Waifu RAT” by security researchers, masquerades as an innovative…