Many people don’t realize how much of their personal data is floating around the internet. Even if you’re careful and don’t use the internet much, your information like name, address, phone number, or email could still be listed on…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
Compromised npm Package ‘rand-user-agent’ Used to Spread Remote Access Trojan
A widely-used npm package, rand-user-agent, has fallen victim to a supply chain attack, where cybercriminals injected obfuscated code designed to install a Remote Access Trojan (RAT) on users’ systems. Originally developed to generate randomized user-agent strings—helpful in web scraping,…
FBI Warns Consumers to Replace Outdated Routers Hijacked by TheMoon Malware
The FBI has issued an urgent warning to American consumers and businesses: replace outdated internet routers immediately or risk becoming an unwitting accomplice in cybercrime. According to the agency, cybercriminals are actively targeting “end-of-life” routers—older models that no longer…
LockBit Ransomware Platform Breached Again, Ops Data Leaked
A breach of an administration panel used by the LockBit ransomware outfit resulted in the exposure of information that can be extremely valuable to law enforcement and the cybersecurity community. The breach was discovered on May 7, when a…
Google Now Scans Screenshots to Identify Geographic Locations
With the introduction of a new feature within Google Maps that is already getting mixed reviews from users, this update is already making headlines around the world. Currently available on iPhones, this update allows users to scan screenshots and…
Why Microsoft Says DeepSeek Is Too Dangerous to Use
Microsoft has openly said that its workers are not allowed to use the DeepSeek app. This announcement came from Brad Smith, the company’s Vice Chairman and President, during a recent hearing in the U.S. Senate. He said the decision…
Details of 1.1 Million Job Applicants Leaked by a Major Recruitment Platform
While looking for a new job can be enjoyable, it is surely not fun to lose your personal information in the process. In the meantime, the Cybernews investigation team found an unprotected GCS bucket belonging to the talent pool…
Coordinated Action Targets DDoS-for-Hire Empire with Arrests and Seizures
The Polish authorities have succeeded in dismantling a sophisticated criminal network offering distributed denial-of-service (DDoS) for-hire services to hit the cybercrime infrastructure hard. As the result of a coordinated operation, four people were arrested who were suspected of operating…
Agentic AI Is Reshaping Cybersecurity Careers, Not Replacing Them
Agentic AI took center stage at the 2025 RSA Conference, signaling a major shift in how cybersecurity professionals will work in the near future. No longer a futuristic concept, agentic AI systems—capable of planning, acting, and learning independently—are already…
Windows CLFS Zero-Day Flaw Exploited in Play Ransomware Attacks
In zero-day attacks, the Play ransomware gang exploited a critical Windows Common Log File System flaw to gain SYSTEM access and install malware on infected PCs. The vulnerability, known as CVE-2025-29824, was identified by Microsoft as being exploited in…