fCyber Monday scams in 2025 are increasing at a time when phishing, credential theft, and financial cybercrime are already at some of the highest levels seen this year. Attackers know shoppers are distracted by discounts and rushed checkout decisions, and they are using this moment to launch more convincing scams than show more ...
India’s Department of Telecommunications (DoT) has introduced a shift in the way messaging platforms operate in the country, mandating the adoption of SIM-binding as a core security requirement. Under the Telecommunication Cybersecurity Amendment Rules, 2025, all major messaging services, including Telegram, and show more ...
An Australian man has been sentenced to more than seven years in jail on charges that he created ‘evil twin’ WiFi networks to hack into women’s online accounts to steal intimate photos and videos. The Australian Federal Police (AFP) didn’t name the man in announcing the sentencing, but several Australian news show more ...
European law enforcement agencies have taken down an illegal cryptocurrency mixing service that they say has been used to facilitate cybercrime and money laundering. The operation to take down the cryptocurrency mixing service ‘Cryptomixer’ was conducted between November 24 and 28 and was announced today by show more ...
The Linux Kernel project reached another milestone with the official release of version 6.18, announced by Linus Torvalds. This update introduces a wide array of architectural changes, hardware enablement improvements, and feature adjustments, while also signaling a notable shift in how certain subsystems are show more ...
South Korean e-commerce giant Coupang has confirmed a massive data breach that exposed personal information belonging to nearly 33.7 million customers, making it one of the country’s largest cybersecurity incidents in recent years. The company publicly apologised over the weekend, acknowledging that the Coupang data show more ...
Airbus has entered the final phase of its unprecedented global retrofit effort, confirming that fewer than 100 A320s in service still require updates after the discovery of a software vulnerability that triggered the largest emergency recall the manufacturer has ever executed. The company disclosed on Monday that show more ...
What generates the fastest profit for cybercriminals? Attacking systems that can help them access confidential information or finances directly. Therefore, it’s no surprise that entire groups of cybercriminals specialize in embedded systems: primarily ATMs full of cash, payment systems where transactions can be show more ...
The Russian-speaking group is targeting government and diplomatic entities in CIS member states and Central Asia in its latest cyber-espionage campaign.
The latest attack from the self-replicating npm-package poisoning worm can also steal credentials and secrets from AWS, Google Cloud Platform, and Azure.
Multiple European law enforcement agencies recently disrupted Cryptomixer, a service allegedly used by cybercriminals to launder ill-gotten gains from ransomware and other cyber activities.
The Inc ransomware gang took responsibility for the attack earlier this month and claimed it stole sensitive subscriber data.
South Korean online retail giant Coupang apologized for a data breach that prompted an emergency meeting by senior government officials.
Police in Switzerland and Germany led an operation to take down Cryptomixer, which handled about $1.5 billion in cryptocurrency since 2016, much of it from illicit sources, Europol said.
Russian users of WhatsApp reported disruptions as authorities limited access to the app, which they said enabled fraud, terrorism and possibly a recent leak of diplomatic communications with the U.S.
Yonhap News Agency reported on Friday that South Korean government officials are involved in the investigation surrounding $30 million worth of cryptocurrency that was stolen from Upbit on Wednesday evening.
Wisconsin-based Illuminate Education will implement a data security program and delete unnecessary data under an agreement with the Federal Trade Commission prompted by a 2021 breach of the company's network.
The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools. "These attacks highlight a notable shift in Tomiris's tactics, namely the increased use of implants that leverage public services (e.g., Telegram and Discord) as
A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list comprising over 400 applications spanning banking, financial technology, payment processors, cryptocurrency
Hackers aren’t kicking down the door anymore. They just use the same tools we use every day — code packages, cloud accounts, email, chat, phones, and “trusted” partners — and turn them against us. One bad download can leak your keys. One weak vendor can expose many customers at once. One guest invite, one link on a phone, one bug in a common tool, and suddenly your mail, chats, repos, and
The AI browser wars are coming to a desktop near you, and you need to start worrying about their security challenges. For the last two decades, whether you used Chrome, Edge, or Firefox, the fundamental paradigm remained the same: a passive window through which a human user viewed and interacted with the internet. That era is over. We are currently witnessing a shift that renders the old
India's telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days. According to a report from Reuters, the app cannot be deleted or disabled from users' devices. Sanchar Saathi, available on the web and via mobile apps for Android and iOS, allows users to report
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report from Koi Security, attracting 300,000 installs. These extensions have since been taken down. "These
From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into trouble.
