A new term has emerged in the tech industry: “cybersecurity debt.” Similar to technical debt, cybersecurity debt refers to the accumulation of unaddressed security bugs and outdated systems resulting from inadequate investments in cybersecurity services. Delaying these expenditures can provide…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Hackers Used Anthropic’s Claude to Run a Large Data-Extortion Campaign
A security bulletin from Anthropic describes a recent cybercrime campaign in which a threat actor used the company’s Claude AI system to steal data and demand payment. According to Anthropic’s technical report, the attacker targeted at least 17 organizations…
Beyond Google: The Rise of Privacy-Focused Search Engines
For years, the search engine market has been viewed as a two-player arena dominated by Google, with Microsoft’s Bing as the backup. But a quieter movement is reshaping how people explore the web: privacy-first search engines that promise not…
Misuse of AI Agents Sparks Alarm Over Vibe Hacking
Once considered a means of safeguarding digital battlefields, artificial intelligence has now become a double-edged sword —a tool that can not only arm defenders but also the adversaries it was supposed to deter, giving them both a tactical advantage…
SquareX Warns Browser Extensions Can Steal Passkeys Despite Phishing-Resistant Security
The technology industry has long promoted passkeys as a safer, phishing-resistant alternative to passwords. Major firms such as Microsoft, Google, Amazon, and Meta are encouraging users to abandon traditional login methods in favor of this approach, which ties account…
Maryland’s Paratransit Service Hit by Ransomware Attack
The Maryland Transit Administration (MTA), operator of one of the largest multi-modal transit systems in the United States, is currently investigating a ransomware attack that has disrupted its Mobility paratransit service for disabled travelers. While the agency’s core transit…
Chinese Espionage Group Exploits Fake Wi-Fi Portals to Infiltrate Diplomatic Networks
A recent investigation by Google’s security researchers has revealed a cyber operation linked to China that is targeting diplomats in Southeast Asia. The group behind the activity, tracked as UNC6384, has been found hijacking web traffic through deceptive Wi-Fi…
DDoS Attacks Emerge as Geopolitical Weapons in 2025
The first half of 2025 witnessed more than 8 million distributed denial-of-service (DDoS) attacks worldwide, according to new figures from Netscout. The EMEA region absorbed over 3.2 million incidents, with peak strikes hitting 3.12 Tbps in speed and 1.5…
PromptLock: the new AI-powered ransomware and what to do about it
Security researchers recently identified a piece of malware named PromptLock that uses a local artificial intelligence model to help create and run harmful code on infected machines. The finding comes from ESET researchers and has been reported by multiple…
Microsoft Warns Storm-0501 Shifts to Cloud-Based Encryption, Data Theft, and Extortion
Microsoft has issued a warning about Storm-0501, a threat actor that has significantly evolved its tactics, moving away from traditional ransomware encryption on devices to targeting cloud environments for data theft, extortion, and cloud-based encryption. Instead of relying on…