Business leaders tend to stay with what they know. It’s familiar, comfy, and—above all—seems trustworthy. However, this comfort zone can be costing us more than they realise when it comes to legacy software systems. Many leaders focus on the…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Microsoft Entra ID Faces Surge in Coordinated Credential-Based Attacks
An extensive account takeover (ATO) campaign targeting Microsoft Entra ID has been identified by cybersecurity experts, exploiting a powerful open-source penetration testing framework known as TeamFiltration. First detected in December 2024, the campaign has accelerated rapidly, compromising more than 80,000…
T-Mobile Denies Involvement After Hackers Claim Massive Customer Data Breach
T-Mobile is once again in the cybersecurity spotlight after a hacking group claimed to have obtained sensitive personal information belonging to 64 million customers. The hackers alleged the data was freshly taken as of June 1, 2025, and listed…
Predator Spyware Campaign Resurfaces With a New Infrastructure
The latest discovery of new Predator spyware-related equipment suggests that the surveillance technology is still finding new clients, despite US penalties imposed on its backers since July 2023. In a report published earlier this month, analysts at Insikt Group…
Fake DeepSeek AI Installers Deliver BrowserVenom Malware
Cybersecurity researchers have released a warning about a sophisticated cyberattack campaign in which users are attempted to access DeepSeek-R1, a widely recognized large language model (LLM), which has been identified as a large language model. Cybercriminals have launched a malicious…
U.S. Homeland Security Reportedly Buys Airline Passenger Data from Private Brokers
In the digital world where personal privacy is increasingly at risk, it has now come to light that the U.S. government has been quietly purchasing airline passenger information without public knowledge. A recent report by Wired revealed that the…
Fake Resumes Become Weapon of Choice for FIN6 Threat Group
The FIN6 cybercrime group, which has been associated with financial breaches in the past, is now launching a sophisticated new campaign targeting corporate recruitment channels. The group, which is known as FIN6 cybercrime, has been associated with high-profile financial…
Smartwatches: New Air-Gapped System Assault Vehicle
A novel assault identified as ‘SmartAttack’ leverages smartwatches as a covert ultrasonic signal receiver to extract data from physically isolated (air-gapped) devices. Air-gapped systems, which are often used in mission-critical environments such as government buildings, weapons platforms, and nuclear…
Trend Micro Patches Critical Remote Code Execution and Authentication Bypass Flaws in Apex Central and PolicyServer
Trend Micro has rolled out essential security updates to address a series of high-impact vulnerabilities discovered in two of its enterprise security solutions: Apex Central and the Endpoint Encryption (TMEE) PolicyServer. These newly disclosed issues, which include critical remote code…
Zoomcar Data Breach Exposes Personal Information of 8.4 Million Users
Zoomcar, a well-known car-sharing platform, recently reported that a cyberattack exposed the personal details of approximately 8.4 million users. The information that was accessed includes users’ names, phone numbers, and vehicle registration details. The company, based in Bengaluru, India,…