Category: CYBER SECURITY

The Dutch Police (Politie) have dismantled the ZServers/XHost bulletproof hosting operation, taking down 127 servers that were allegedly used for illegal activities.

Google has patched two serious security flaws that, when exploited together, could have revealed the email addresses of YouTube users—posing a major privacy risk, especially for those who rely on anonymity.

Decentralized finance (DeFi) platform zkLend has fallen victim to a major cyberattack, with hackers exploiting a flaw in its smart contract to steal 3,600 Ethereum—worth approximately $9.5 million at the time of the breach.

Cybersecurity Researcher Jeremiah Fowler uncovered a non-password-protected database that contained nearly 2.7 billion records belonging to Mars Hydro.

Law enforcement agencies across France, Spain, and Israel arrested six suspects in the early hours of January 27, 2025.

Microsoft has released its February 2025 Patch Tuesday updates, addressing 55 security vulnerabilities, including four zero-day flaws, with two actively exploited in real-world attacks.

A Russian military cyber-espionage group known as Sandworm is attacking Windows users in Ukraine by spreading malware through trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates.

The United States, United Kingdom, and Australia have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) provider, for supplying key infrastructure to the LockBit ransomware gang.

Apple and Google have removed 20 apps from their stores after researchers discovered they contained malware stealing user data for nearly a year.

Eric Council Jr., 25, pleaded guilty to hacking the SEC’s X account in January 2024.

A sweeping brute force assault is currently in progress, with nearly 2.8 million unique IP addresses being used daily to guess login credentials for a wide array of networking devices—including those manufactured by Palo Alto Networks, Ivanti, and SonicWall.

Hewlett Packard Enterprise (HPE) is notifying employees that their data was stolen in a cyberattack orchestrated by Russian state-sponsored hackers.

PowerSchool, a leading U.S.-based edtech company, has confirmed that 16,000 students in the United Kingdom had their personal and sensitive data stolen during a data breach in December 2024.

The Federal Communications Commission (FCC) has proposed a $4,492,500 fine against VoIP provider Telnyx, accusing the company of failing to comply with Know Your Customer (KYC) rules.

AMD has rolled out mitigation and firmware updates to address a high-severity vulnerability (CVE-2024-56161) that allows attackers to load malicious CPU microcodes on unpatched devices.

Ransomware payments have significantly declined, dropping 35% year-over-year in 2024.

The U.S. Justice Department has charged 22-year-old Canadian national Andean Medjedovic for allegedly stealing $65 million by exploiting vulnerabilities in two decentralized finance (DeFi) protocols.

A 59-year-old man from Irvine, California, has been sentenced to 87 months in prison for his role in an investment fraud ring that stole $50 million from unsuspecting investors between 2012 and October 2020.

Security researchers at Kaspersky have discovered a malicious software development kit (SDK) embedded in Android and iOS apps available on Google Play and the Apple App Store.

Multiple state-backed hacking groups are experimenting with Google’s AI-powered Gemini assistant to boost their productivity and conduct research for cyber operations.