A major international police operation has resulted in the arrest of two individuals suspected of carrying out ransomware attacks worldwide. The operation also led to the takedown of dark web platforms associated with a notorious cybercrime group. Suspects Arrested…
Category: CySecurity News – Latest Information Security and Hacking Incidents
FBI Alerts Users of Surge in Gmail AI Phishing Attacks
Phishing scams have been around for many years, but they are now more sophisticated than ever due to the introduction of artificial intelligence (AI). As reported in the Hoxhunt Phishing Trends Report, AI-based phishing attacks have increased dramatically since…
Virtual Credit Cards: How They Work, Benefits, and Security Features
Virtual credit cards are digital versions of traditional credit cards, designed to enhance security in online transactions. Instead of using a physical card number, they generate a unique number for each purchase, reducing the risk of data breaches and…
2FA Under Attack as Astaroth Phishing Kit Spreads
Astaroth is the latest phishing tool discovered by cybercriminals. It has advanced capabilities that allow it to circumvent security measures such as two-factor authentication (2FA) when used against it. In January 2025, Astaroth made its public debut across multiple…
Urgent Patch Needed for SonicWall Firewall Exploit Enabling VPN Hijacking
Bishop Fox cybersecurity researchers have discovered a critical security flaw in approximately 4,500 SonicWall firewalls that are exposed to the Internet as a result of a critical security breach. The flaw, CVE-2024-53704, is a high-severity authentication bypass vulnerability within…
Credential-Stealing Malware Surges, Now a Top MITRE ATT&CK Threat
Cybersecurity researchers have uncovered a sharp rise in credential-stealing malware, with 25% of over a million malware samples analyzed in 2024 targeting user credentials. This marks a threefold increase from 2023, propelling credential theft from password stores into the…
Hackers Exploit Exposed Security Keys to Inject Code into Websites
Cybercriminals are exploiting leaked cryptographic keys to manipulate authentication systems, decode protected data, and install harmful software on vulnerable web servers. These attacks can give hackers unauthorized control over websites and would allow them to maintain access for long…
2.8 million IP Addresses Being Leveraged in Brute Force Assault On VPNs
Almost 2.8 million IP addresses are being used in a massive brute force password attack that aims to guess the login credentials for a variety of networking devices, including those generated by Palo Alto Networks, Ivanti, and SonicWall. A…
LegionLoader Malware Resurfaces with Evasive Infection Tactics
Researchers at TEHTRIS Threat Intelligence have uncovered a new wave of LegionLoader, a malware downloader also known as Satacom, CurlyGate, and RobotDropper. This sophisticated threat has been rapidly gaining momentum, with over 2,000 samples identified in recent weeks. According…
Why European Regulators Are Investigating Chinese AI firm DeepSeek
European authorities are raising concerns about DeepSeek, a thriving Chinese artificial intelligence (AI) company, due to its data practices. Italy, Ireland, Belgium, Netherlands, France regulators are examining the data collection methods of this firm, seeing whether they comply with…