A newly discovered cyberattack is targeting WordPress websites by using a plugin that pretends to improve security but actually opens a backdoor for criminals. This fake plugin secretly gives attackers full control of affected sites. How the Infection Begins…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Push-Bombing: The Silent Threat Undermining Multi-Factor Authentication
In the ever-evolving landscape of cybersecurity, Multi-Factor Authentication (MFA) has emerged as a robust defense mechanism, adding layers of security beyond traditional passwords. However, a deceptive tactic known as “push-bombing” is undermining this very safeguard, posing significant risks to…
FBI Shares Details of 42,000 LabHost Phishing Domains
The LabHost cybercrime platform, one of the biggest worldwide phishing-as-a-service (PhaaS) platforms, was shut down in April 2024, but the FBI has disclosed 42,000 phishing domains associated with it. In order to raise awareness and offer signs of compromise,…
Approaches Users Can Implement to Safeguard Wireless Connections
The Wi-Fi network is a wireless gateway that connects homes and businesses to the Internet via the air, and it is typically provided by a router, which transmits data signals across the network. Mobile devices, laptops, and tablets can…
Pakistan-Based Hackers Launch Cyber Attack on Indian Defence Websites, Claim Access to Sensitive Data
In a concerning escalation of cyber hostilities, a Pakistan-based threat group known as the Pakistan Cyber Force launched a coordinated cyber offensive on multiple Indian defence-related websites on Monday. The group claimed responsibility for defacing the official site of…
Public Wary of AI-Powered Data Use by National Security Agencies, Study Finds
A new report released alongside the Centre for Emerging Technology and Security (CETaS) 2025 event sheds light on growing public unease around automated data processing in national security. Titled UK Public Attitudes to National Security Data Processing: Assessing Human…
WhatsApp Reveals “Private Processing” Feature for Cloud Based AI Features
WhatsApp claims even it can not process private data WhatsApp has introduced ‘Private Processing,’ a new tech that allows users to use advanced AI features by offloading tasks to privacy-preserving cloud servers, without exposing their chat to Meta. Meta claims…
Security Researcher Uncovers Critical RCE Flaw in API Due to Incomplete Input Validation
In a recent security evaluation, a researcher discovered a severe remote code execution (RCE) vulnerability caused by improper backend input validation and misplaced reliance on frontend filters. The vulnerability centered on a username field within a target web application. On…
Ascension Faces New Security Incident Involving External Vendor
There has been an official disclosure from Ascension Healthcare, one of the largest non-profit healthcare systems in the United States, that there has been a data breach involving patient information due to a cybersecurity incident linked to a former…
Posture Management Emerges as Strategic Cybersecurity Priority Amid Cloud and Data Fragmentation
Posture management is rapidly evolving into a cornerstone of enterprise cybersecurity as organizations grapple with increasing digital complexity. With infrastructures now sprawling across cloud platforms, identity services, and data environments, the traditional model of siloed risk monitoring is no…