Researchers at Cyble have identified a highly advanced malware attack that successfully bypasses Google Chrome’s App-Bound Encryption. This security feature was designed to prevent infostealer malware from accessing user data, particularly cookies. However, the newly discovered malware employs dual…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Phishing URL Blocking Failure Leads to Cloudflare Service Disruptions
Yesterday, Cloudflare attempted to block an unintentional phishing URL within its R2 object storage platform, causing an outage that affected multiple services for nearly an hour. The outage was caused by an attempt to prevent spammers from accessing the…
US Health System Notifies Nearly 900K Patients Regarding a 2023 Data Breach
Hospital Sisters Health System informed nearly 882,000 patients that a cyberattack in August 2023 resulted in a data breach that compromised their private and medical data. Established in 1875, HSHS works with about 2,200 physicians and employs over 12,000…
Massive Mobile Malware Campaign Targets Indian Banks, Steals Financial Data
Zimperium’s zLabs research team has uncovered a significant mobile malware campaign that targets Indian banks. First reported on February 5, 2025, this threat was orchestrated by a threat actor called FatBoyPanel. Nearly 900 malware samples are used in the…
Hackers Exploit SimpleHelp RMM Vulnerabilities to Deploy Backdoors and Create Admin Accounts
Management (RMM) clients to gain administrative control, install backdoors, and possibly set the stage for ransomware deployment. The vulnerabilities, identified as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, were initially flagged by Arctic Wolf as potential attack vectors last week. While the…
Sophisticated Phishing Campaign Circumvents Microsoft’s Multi Factor Authentication
A help desk phishing campaign uses spiofed login pages to target Microsoft Active Directory Federation Services (ADFS) within an organisation in order to obtain credentials and get around multi-factor authentication (MFA) protections. The campaign’s main targets, as reported by…
The Rising Problem of Banking Scams in East India
Currently, India is battling with a fake banking applications spoofing genuine institutions to loot credentials and money. The scale of the campaign is massive, impacting around 900 different malware samples linked to more than 1000 different contact numbers used to…
WhatsApp Alerts Users About a Dangerous Zero-Click Spyware Attack
WhatsApp has warned users about a highly advanced hacking attack that infected nearly 90 people across 24 countries. Unlike traditional cyberattacks that rely on tricking victims into clicking malicious links, this attack used zero-click spyware, meaning the targets were…
The Future of Data Security Lies in Quantum-Safe Encryption
Cybersecurity experts and analysts have expressed growing concerns over the potential threat posed by quantum computing to modern cryptographic systems. Unlike conventional computers that rely on electronic circuits, quantum computers leverage the principles of quantum mechanics, which could enable…
DeepSeek-R1 AI Under Fire for Severe Security Risks
DeepSeek-R1, an AI model developed in China, is facing intense scrutiny following a study by cybersecurity firm Enkrypt AI, which found it to be 11 times more vulnerable to cybercriminal exploitation compared to other AI models. The research highlights…