Chinese Hackers Breached U.S. National Guard Network For Nine Months
A Chinese state-sponsored hacking group known as Salt Typhoon infiltrated a U.S. Army National Guard network and remained undetected for nine months in 2024, stealing sensitive data, including network diagrams, administrator credentials, and personal information of service members.
Bijay Pokharel,
July 18, 2025
2 min read
Crypto Exchange BigONE Hacked for $27M
Cryptocurrency exchange BigONE has confirmed a $27 million theft following a cyberattack that compromised its hot wallet on July 16, 2025.
Bijay Pokharel,
July 18, 2025
2 min read
Google Sues Operators of BadBox 2.0 Malware Botnet Over Massive Ad Fraud Scheme
Google has filed a lawsuit against the anonymous operators of the BadBox 2.0 Android malware botnet, accusing them of running a global ad fraud operation that exploits Google’s advertising platforms.
Bijay Pokharel,
July 18, 2025
1 min read
Unsecured Database Exposes Over 1.1 Million Records Linked to U.S. Adoption Agency
Cybersecurity researcher Jeremiah Fowler has uncovered a massive data breach involving over 1.1 million records tied to the Gladney Center for Adoption, a Texas-based organization known for providing adoption and advocacy services for more than 130 years.
Bijay Pokharel,
July 17, 2025
2 min read
Ex-U.S. Army Soldier Pleads Guilty to Hacking Telecom Giants and Extortion Scheme
Former U.S. Army soldier Cameron John Wagenius has pleaded guilty to hacking major telecommunication companies and attempting to extort them by threatening to leak stolen data, the U.S. Department of Justice (DOJ) announced on Tuesday.
Bijay Pokharel,
July 16, 2025
1 min read
New Chinese Malware ‘Massistant’ Extracts Data from Seized Phones, Security Researchers Warn
A new report by cybersecurity firm Lookout has revealed that Chinese authorities are using a powerful Android malware tool called Massistant to extract data from seized mobile phones, even accessing private content from encrypted messaging apps like Signal.
Bijay Pokharel,
July 16, 2025
2 min read
Europol Dismantles Romanian Ransomware Gang Behind Diskstation Attacks
An international law enforcement operation has dismantled a Romanian ransomware group known as Diskstation, which crippled businesses in Italy’s Lombardy region by encrypting their systems.
Bijay Pokharel,
July 16, 2025
1 min read
Abacus Market Disappears in Suspected Exit Scam After Handling Millions in Crypto
Abacus Market, the largest Western darknet marketplace supporting Bitcoin payments, has suddenly gone offline in a suspected exit scam.
Bijay Pokharel,
July 16, 2025
1 min read
Meta Fixes Security Bug That Exposed Private Meta AI Chats
Meta has fixed a serious security flaw that allowed users of its Meta AI chatbot to access private prompts and AI responses belonging to other users.
Bijay Pokharel,
July 16, 2025
1 min read
UK Launches Cyber Vulnerability Research Program for External Experts
The UK’s National Cyber Security Centre (NCSC) has launched a new Vulnerability Research Initiative (VRI) aimed at enhancing collaboration with external cybersecurity researchers to improve the discovery and understanding of software and hardware vulnerabilities.
Bijay Pokharel,
July 15, 2025
1 min read
Gigabyte Motherboards Affected by Critical UEFI Firmware Flaws Enabling Stealth Malware
More than 240 Gigabyte motherboard models are vulnerable to critical security flaws in their UEFI firmware that could allow attackers to install stealthy bootkit malware.
Bijay Pokharel,
July 15, 2025
2 min read
Episource Data Breach Exposes Health Info of Over 5.4 Million Americans
Medical billing company Episource is alerting more than 5.4 million individuals across the U.S. after their personal and health information was stolen in a cyberattack earlier this year, making it one of 2025’s largest healthcare breaches so far.
Bijay Pokharel,
July 15, 2025
1 min read
Hackers Exploit Google Gemini to Show Fake Security Warnings in Email Summaries
Security researchers have discovered a new way hackers can manipulate Google Gemini for Workspace to display fake warnings in email summaries, without using any links or attachments.
Bijay Pokharel,
July 14, 2025
1 min read
Hackers Exploit Critical Wing FTP Server Flaw (CVE-2025-47812) Just One Day After Disclosure
Hackers have begun exploiting a severe remote code execution (RCE) vulnerability in Wing FTP Server (CVE-2025-47812) just a day after its technical details were made public by security researcher Julien Ahrens.
Bijay Pokharel,
July 13, 2025
1 min read
NVIDIA Urges Users to Enable ECC to Prevent Rowhammer Attacks on GPUs
NVIDIA has issued a security warning urging users to enable System-Level Error-Correcting Code (ECC) on GPUs with GDDR6 memory to protect against Rowhammer attacks, a hardware-based vulnerability that can corrupt memory and compromise system stability.
Bijay Pokharel,
July 12, 2025
2 min read
Gravity Forms WordPress Plugin Hit by Supply-Chain Attack
A major supply-chain attack has compromised the popular Gravity Forms WordPress plugin, affecting manual downloads from the official website.
Bijay Pokharel,
July 12, 2025
1 min read
McDonald’s McHire Job Platform Exposed Data of 64 Million Applicants
A critical vulnerability in McHire, McDonald’s chatbot-based job application platform, exposed the personal data and chat transcripts of over 64 million U.S. job applicants.
Bijay Pokharel,
July 12, 2025
1 min read
‘PerfektBlue’ Bluetooth Vulnerabilities Expose Millions of Cars and Devices to Security Risks
PCA Cyber Security researchers have uncovered a set of critical vulnerabilities in the widely used Blue SDK Bluetooth stack, exposing millions of vehicles and smart devices to serious privacy and safety threats.
Bijay Pokharel,
July 11, 2025
1 min read
Malicious Chrome Extensions With 1.7 Million Downloads Caught Tracking Users and Redirecting Browsers
Nearly a dozen Chrome extensions with a combined 1.7 million downloads have been found secretly tracking user activity, stealing browser data, and redirecting users to unsafe websites, according to researchers at Koi Security.
Bijay Pokharel,
July 9, 2025
2 min read
Anatsa Banking Trojan Sneaks Back Into Google Play via Fake PDF Viewer App
The Anatsa banking trojan has resurfaced on the Google Play Store, this time hiding inside a fake PDF viewer app called “Document Viewer – File Reader”, published by Hybrid Cars Simulator, Drift & Racing.
Bijay Pokharel,
July 9, 2025
2 min read
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.