Latest News

A new phishing-as-a-service (PhaaS) platform, known as Rockstar 2FA, is enabling adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials and bypass multifactor authentication (MFA). Specifically, AiTM phishing is a technique that uses specialized tools to allow a threat actor to

India’s Department of Telecommunications (DoT) recently introduced the Telecommunications (Telecom Cyber Security) Rules, 2024, under the Telecom Act, 2023, to fortify telecom infrastructure against cyber threats. However, experts argue these measures lack sufficient safeguards for user privacy

A major cyberattack has disrupted operations at the Wirral University Teaching Hospital (part of the NHS Foundation Trust), forcing the postponement of surgeries, outpatient appointments, and other procedures. The WUTH is a healthcare organization which operates Arrowe Park, Clatterbridge, and

A North Korea-linked hacking group, Sapphire Sleet, has stolen more than $10 million in cryptocurrency over six months through LinkedIn scams and AI-driven malware. The group, active since 2020, exploits fake profiles to execute sophisticated social engineering campaigns targeting professionals

QNAP, a leading provider of network-attached storage (NAS) devices and routers, has faced widespread criticism after a recent firmware update left many users unable to access their devices. The problematic update, QTS 5.2.2.2950 build 20241114, was released in mid-November to address multiple

A SecurityScorecard report released on November 20, 2024, shows that 97% of the top 100 US retailers experienced third-party data breaches in the past year, underscoring critical vulnerabilities in the retail sector ahead of the holiday shopping rush. The report analyzed over 14,000 domains

BlueSky, the decentralized microblogging platform often seen as a competitor to Twitter, has recently surpassed 20 million users. This milestone, however, has been met with a surge in challenges, including the rise of crypto scams and the proliferation of fake accounts. As users migrate from

A severe vulnerability affecting the Really Simple Security WordPress plugin, previously Really Simple SSL, has put four million websites at risk of potential takeover. Discovered on November 6, 2024, by Wordfence researchers, the flaw allows attackers to bypass authentication and gain

Maxar Technologies, a prominent US space technology firm, has disclosed a data breach that has compromised the personal information of its employees. The Colorado-based company, known for its satellite manufacturing and geospatial intelligence services, revealed that the breach occurred on October

Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained more than 1.1 million records belonging to Conduitor Limited (trading as Forces Penpals) — a service that offers dating services, and social networking for military