Category: CYBER SECURITY

Law enforcement agencies across France, Spain, and Israel arrested six suspects in the early hours of January 27, 2025.

Microsoft has released its February 2025 Patch Tuesday updates, addressing 55 security vulnerabilities, including four zero-day flaws, with two actively exploited in real-world attacks.

A Russian military cyber-espionage group known as Sandworm is attacking Windows users in Ukraine by spreading malware through trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates.

The United States, United Kingdom, and Australia have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) provider, for supplying key infrastructure to the LockBit ransomware gang.

Apple and Google have removed 20 apps from their stores after researchers discovered they contained malware stealing user data for nearly a year.

Eric Council Jr., 25, pleaded guilty to hacking the SEC’s X account in January 2024.

A sweeping brute force assault is currently in progress, with nearly 2.8 million unique IP addresses being used daily to guess login credentials for a wide array of networking devices—including those manufactured by Palo Alto Networks, Ivanti, and SonicWall.

Hewlett Packard Enterprise (HPE) is notifying employees that their data was stolen in a cyberattack orchestrated by Russian state-sponsored hackers.

PowerSchool, a leading U.S.-based edtech company, has confirmed that 16,000 students in the United Kingdom had their personal and sensitive data stolen during a data breach in December 2024.

The Federal Communications Commission (FCC) has proposed a $4,492,500 fine against VoIP provider Telnyx, accusing the company of failing to comply with Know Your Customer (KYC) rules.

AMD has rolled out mitigation and firmware updates to address a high-severity vulnerability (CVE-2024-56161) that allows attackers to load malicious CPU microcodes on unpatched devices.

Ransomware payments have significantly declined, dropping 35% year-over-year in 2024.

The U.S. Justice Department has charged 22-year-old Canadian national Andean Medjedovic for allegedly stealing $65 million by exploiting vulnerabilities in two decentralized finance (DeFi) protocols.

A 59-year-old man from Irvine, California, has been sentenced to 87 months in prison for his role in an investment fraud ring that stole $50 million from unsuspecting investors between 2012 and October 2020.

Security researchers at Kaspersky have discovered a malicious software development kit (SDK) embedded in Android and iOS apps available on Google Play and the Apple App Store.

Multiple state-backed hacking groups are experimenting with Google’s AI-powered Gemini assistant to boost their productivity and conduct research for cyber operations.

Tata Technologies Ltd., a subsidiary of Tata Motors, recently faced a ransomware attack that forced the company to suspend some of its IT services.

Cybersecurity experts warn that the chatbot poses a risk of data exposure to the Chinese government.

The Pentagon is scrambling to block DeepSeek, a Chinese AI chatbot after U.S. Department of Defense (DoD) employees connected their work computers to Chinese servers, Bloomberg reports.

DeepSeek, the Chinese AI startup behind the DeepSeek-R1 language model, left two unsecured databases publicly accessible, exposing user chat logs, API keys, backend infrastructure details, and operational metadata.