Mozilla Patches Critical Security Flaw in Firefox on Windows
Mozilla has released Firefox 136.0.4 to fix a critical security vulnerability that allows attackers to bypass the browser’s sandbox protections on Windows.
Bijay Pokharel,
March 28, 2025
2 min read
UK Issues £3.07 Million Fine to Advanced Computer Software for 2022 Ransomware Attack
The UK Information Commissioner's Office (ICO) has levied a £3.07 million ($3.95 million) fine against Advanced Computer Software Group Ltd for a ransomware attack in 2022 that exposed the sensitive personal data of 79,404 individuals, including NHS patients.
Bijay Pokharel,
March 27, 2025
2 min read
Oracle Cloud Breach Allegations Contradict Company’s Denial
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers, evidence suggests that account data for 6 million users may have been compromised.
Bijay Pokharel,
March 27, 2025
2 min read
Google Patches High-Severity Chrome Zero-Day Exploited in Espionage Attacks
Google has released a security update to fix a critical Chrome zero-day vulnerability (CVE-2025-2783) that was actively exploited in cyber-espionage attacks.
Bijay Pokharel,
March 27, 2025
1 min read
Australian Fintech Firm Vroom by YouX Exposes Sensitive Customer Data Due to Unsecured Amazon S3 Storage
An Amazon S3 storage instance containing sensitive personal and financial records was found publicly accessible without password protection or encryption.
Bijay Pokharel,
March 27, 2025
2 min read
EncryptHub Exploits Windows Zero-Day to Evade Security Protections
A cyber threat actor, EncryptHub, has been linked to recent Windows zero-day attacks, exploiting a critical Microsoft Management Console (MMC) vulnerability that Microsoft patched this month.
Bijay Pokharel,
March 26, 2025
2 min read
FBI Warns of Fake Online Document Converters Spreading Malware and Stealing Data
The FBI is warning internet users about fake online document converters that are being used to steal personal information and, in some cases, deploy ransomware on victims’ devices.
Bijay Pokharel,
March 24, 2025
2 min read
Oracle Denies Breach After Hacker Claims to Sell Stolen Cloud Data
Oracle has denied allegations of a security breach after a threat actor claimed to be selling six million data records allegedly stolen from Oracle Cloud’s federated SSO login servers.
Bijay Pokharel,
March 22, 2025
2 min read
Coinbase Was the Primary Target in a Large-Scale GitHub Supply Chain Attack
Researchers have identified Coinbase as the main target in a GitHub Actions supply chain attack that exposed secrets in hundreds of repositories.
Bijay Pokharel,
March 22, 2025
1 min read
Steam Removes ‘Sniper: Phantom’s Resolution’ After Malware Reports
Valve has pulled the game "Sniper: Phantom’s Resolution" from Steam after multiple users reported that its demo installer contained information-stealing malware.
Bijay Pokharel,
March 21, 2025
1 min read
WhatsApp Patches Zero-Click Vulnerability Exploited by Spyware
WhatsApp has patched a zero-click, zero-day vulnerability that was exploited to install Paragon’s Graphite spyware following reports from security researchers at the University of Toronto’s Citizen Lab.
Bijay Pokharel,
March 20, 2025
2 min read
DollyWay Malware Compromises Over 20,000 WordPress Sites, Redirects Users to Scams
A long-running malware operation known as DollyWay has been compromising WordPress sites since 2016, infecting over 20,000 websites worldwide.
Bijay Pokharel,
March 20, 2025
2 min read
SpyX Spyware Data Breach Exposes Nearly 2 Million Users’ Information
A major data breach has exposed the records of nearly two million users linked to the consumer-grade spyware operation SpyX.
Bijay Pokharel,
March 20, 2025
1 min read
Researcher Develops Free Decryptor for Akira Ransomware on Linux
Cybersecurity researcher Yohanes Nugroho has developed a free decryptor for the Linux variant of Akira ransomware.
Bijay Pokharel,
March 16, 2025
2 min read
CISA Warns Medusa Ransomware Has Hit Over 300 Critical Infrastructure Organizations
The Cybersecurity and Infrastructure Security Agency (CISA) has revealed that the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors across the U.S. as of last month.
Bijay Pokharel,
March 13, 2025
1 min read
North Korean Hackers Upload Android Spyware to Google Play Store
According to cybersecurity firm Lookout, hackers linked to the North Korean government secretly uploaded Android spyware to the Google Play Store, tricking users into downloading it.
Bijay Pokharel,
March 12, 2025
2 min read
Ransomware Group Leaks Stolen Tata Technologies Data
The ransomware group Hunters International has published stolen data from Tata Technologies, weeks after the Indian company confirmed a ransomware attack that disrupted some services.
Bijay Pokharel,
March 12, 2025
1 min read
North Korean Lazarus Hackers Target npm with Malicious Packages
Security researchers have identified six malicious npm packages linked to the North Korean hacking group Lazarus, designed to steal credentials, deploy backdoors, and extract cryptocurrency data.
Bijay Pokharel,
March 12, 2025
1 min read
ESHYFT Data Breach Exposes Over 86,000 Records, Including Sensitive Medical Information
Cybersecurity researcher Jeremiah Fowler has discovered a major data breach involving ESHYFT, a health tech company based in New Jersey.
Bijay Pokharel,
March 12, 2025
1 min read
Elon Musk Hints at Ukraine Link with Massive Cyberattack on X
Elon Musk on Tuesday hinted at Ukraine’s link with the cyberattack on X that led to a massive global outage on his social media platform.
Bijay Pokharel,
March 11, 2025
2 min read





