Category: CYBER SECURITY

Non-profit privacy group None of Your Business (noyb) has filed formal complaints against six major companies—TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi—accusing them of illegally transferring European user data to China.

Cybercriminals are now leveraging Google search advertisements to promote phishing sites designed to steal advertisers’ credentials for the Google Ads platform.

Cybersecurity researcher Jeremiah Fowle uncovered a major data breach involving Willow Pays, a fintech company specializing in AI-powered payment solutions.

Just days ahead of Donald Trump’s inauguration as the 47th US President, the Securities and Exchange Commission (SEC) has filed a lawsuit against his best ally, Elon Musk, over an alleged securities violation related to his acquisition of Twitter (now called X) in 2022.

The U.S. Department of Justice has revealed that the FBI successfully removed the Chinese PlugX malware from over 4,200 infected computers across the United States.

A new malware campaign has compromised over 5,000 WordPress websites, allowing attackers to create unauthorized admin accounts, install malicious plugins, and steal sensitive data.

A joint report by the United States, Japan, and South Korea has revealed that North Korean hackers stole $659 million in cryptocurrency through multiple heists in 2024.

Nominet, the official registry for .UK domains and one of the largest country code registries globally, have confirmed a network breach linked to a zero-day vulnerability in Ivanti VPN software.

Apple has patched a significant macOS vulnerability that allowed attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers.

Cybercriminals are leveraging a deceptive tactic to bypass Apple iMessage's phishing protection, tricking users into reactivating disabled links in suspicious messages.

Chinese state-sponsored hackers, known as Silk Typhoon (Hafnium), have reportedly breached multiple offices within the U.S. Treasury Department, including the Committee on Foreign Investment in the United States (CFIUS) and the Office of Foreign Assets Control (OFAC), according to a CNN report citing U.S. officials.

Spanish telecommunications giant Telefónica has confirmed a breach of its internal ticketing system after sensitive data was leaked on a hacking forum.

A federal grand jury in the Northern District of Georgia has indicted three Russian nationals for their involvement in running cryptocurrency mixing services Blender.io and Sinbad.io, which were allegedly used to launder criminal proceeds from ransomware attacks, virtual currency thefts, and other cybercrimes.

Ukrainian hacktivists from the Ukrainian Cyber Alliance (UCA) have claimed responsibility for a devastating cyberattack on Russian internet service provider Nodex.

Two severe security flaws have been identified in the popular Fancy Product Designer plugin for WordPress, with no fixes yet implemented. Despite repeated notifications, the plugin's developer, Radykal, has not addressed the vulnerabilities, leaving users at risk.

An anonymous hacker is claiming responsibility for a data breach at U.S.-based location tracking company Gravy Analytics, according to screenshots of their alleged exploits circulating online.

Japanese electronics company Casio has disclosed that a ransomware attack in October 2024 compromised the personal data of approximately 8,500 individuals.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced today that last week’s Treasury Department cyberattack, attributed to Chinese government hackers, did not affect other federal agencies.

Cyberattacks targeting Taiwan’s government departments surged dramatically in 2024, averaging 2.4 million daily attacks—double the 1.2 million daily attacks recorded in 2023, according to the island's National Security Bureau.

Cybersecurity firm ESET is warning Windows 10 users to upgrade to Windows 11 or switch to Linux ahead of the operating system’s end of support in October 2025. Without action, users risk exposing their devices to significant vulnerabilities and cyberattacks.