WannaMine is a fileless cryptojacking worm built for one job: hijack CPU cycles at scale to mine Monero. What makes it stand out is not a flashy payload, but its discipline. Instead of dropping a...
Threat actors are increasingly abusing legitimate remote monitoring and management tools to gain persistent access to corporate environments, and a new campaign shows just how little technical...
European law enforcement agencies have intensified their campaign against organised cybercrime with the arrest of 10 Nigerian nationals linked to the notorious Black Axe network. The coordinated...
Betterment has disclosed that a social engineering attack enabled unauthorised access to internal systems, leading to a data breach and the sending of unauthorised messages to customers. The...
Alpha Alternatives, an India-based multi-asset class investment firm, has been hit by a ransomware attack attributed to the group known as sinobi, according to incident data emerging this week. The...
Reports of a massive Instagram data breach involving 17.5 million accounts spread rapidly this month, triggering concern among users already wary of account takeovers and phishing scams. The alarm...
Canopy Healthcare has confirmed that an unknown party gained temporary unauthorised access to its administrative systems in July 2025, potentially copying a limited volume of sensitive data belonging...
The University of Hawaii Cancer Center has disclosed that hackers gained unauthorized access to patient data, with affected individuals not being immediately notified of the incident. The breach has...
Regulators have imposed a sweeping ban on Datamasters, a little-known but highly active data brokerage firm, following findings that the company unlawfully collected, processed, and sold sensitive...
A newly disclosed critical vulnerability tracked as CVE-2025-52694 is affecting multiple Advantech products, raising serious concerns for organizations operating industrial control systems, embedded...
In the ever-evolving landscape of cyber threats, the Iranian-linked advanced persistent threat group known as MuddyWater has once again demonstrated its prowess in conducting sophisticated espionage...
In a twist of fate that underscores the precarious nature of the underground hacking world, the notorious BreachForums hacking forum has fallen victim to its own specialty: a massive data breach. On...
A sophisticated browser-based espionage campaign has quietly compromised the data of nearly 900,000 users by abusing trust in popular AI tools. Security researchers have uncovered a network of fake...
Millions of Instagram users are being hit by an unusual wave of password reset emails, and the timing is fuelling a worrying claim: that the personal details of roughly 17.5 million accounts are...
Cybersecurity researchers are tracking a growing campaign known as KongTuke ClickFix, a deceptive social engineering operation that abuses fake error prompts and verification messages to trick users...
Cybersecurity researchers are warning of a renewed surge in MassLogger malware infections, driven primarily by malicious email attachments designed to trick recipients into executing the...
The Illinois Department of Human Services has disclosed a significant data breach affecting approximately 700,000 individuals, highlighting persistent cybersecurity challenges within government human...
A single threat actor operating under the aliases Zestix and Sentap has managed to compromise private files belonging to more than 50 major organizations worldwide, exposing a stark and uncomfortable...
Russian state sponsored threat actors linked to APT28, also known as BlueDelta, have launched a series of targeted credential harvesting campaigns against organizations across Europe and Central...
A ransomware group operating under the name Blackshrantac has claimed responsibility for a cyberattack against Schneider Prototyping India Pvt. Ltd., an industrial technology firm operating in India....