Latest News: Cybersecurity

In a major discovery, cybersecurity firm HUMAN Security has uncovered a sophisticated phishing campaign, dubbed “Phish n' Ships”. This elaborate scheme targeted over 1,000 legitimate e-commerce websites, leading to estimated losses of tens of millions of dollars. Active since at least 2019, it has

Fog and Akira ransomware gangs are targeting SonicWall VPNs to infiltrate corporate networks, exploiting the critical CVE-2024-40766 flaw recently revealed in SonicWall’s SSL VPN system. Discovered and patched in August 2024, this flaw remains a risk as some organizations have yet to apply the

Russian-linked cyber espionage group UNC5812 has been targeting Ukrainian military conscripts with Windows and Android malware in a sophisticated campaign. Disguised as recruitment avoidance tools, the malware has been distributed via a Telegram channel named “Civil Defense” and a website

Kaspersky’s Global Research and Analysis Team (GReAT) uncovered a critical Google Chrome zero-day vulnerability, tracked as CVE-2024-4947, that was being exploited by the North Korean Lazarus hacking group. The attackers used a fake decentralized finance (DeFi) game called DeTankZone to target

APT41, a Chinese state-sponsored hacking group, has targeted the gambling and gaming industry in a sophisticated cyberattack. The attack spanned several months and saw hackers collect sensitive data from their victims’ infrastructure, including network configurations and passwords. APT41, also

An ongoing malware campaign has compromised over 6,000 WordPress sites, installing malicious plugins that push infostealing malware. The campaign, known as ClearFake, began in 2023 and tricks users into installing malware through fake browser error messages. As reported by BleepingComputer, the

Iranian hackers have been actively targeting critical infrastructure sectors worldwide. They have been breaching such networks and then selling access to other cybercriminals. A joint advisory from US, Canadian, and Australian cybersecurity agencies highlights that the hackers have focused on

Recently I discovered and shared with vpnMentor about 15 unprotected and publicly exposed databases. They contained 4.6 million records, including sensitive Illinois voter information. Now that the dust has settled and as the US election nears, I wanted to reflect on the potential vulnerabilities

Discord, the popular messaging platform primarily used by gaming communities, has now been blocked in both Russia and Turkey. The bans come as part of these governments’ broader efforts to tighten control over digital platforms, with the authorities citing concerns over illegal content. Millions of

FIN7, a notorious Russian hacking group, is using fake AI nude image generator websites to distribute malware, targeting individuals and potentially businesses. According to research from Silent Push, the campaign relies on the popularity of deepfake technology to lure users into downloading