UNC6426 Exploits Nx npm Supply-Chain Attack to Gain AWS Administrator Access in Just 72 Hours

A recent cybersecurity investigation revealed how a threat actor called UNC6426 managed to compromise a company’s cloud environment in less than 72 hours. The attackers used credentials stolen during the earlier Nx npm supply-chain incident. With those credentials, they were able to enter the organization’s development environment. Researchers say the case shows how fast attackers … Continued

Russian-Linked APT28 Uses BEARDSHELL Backdoor and COVENANT Framework in Ukraine Cyber Espionage Campaign

Cybersecurity researchers have discovered a new cyber-espionage campaign targeting Ukrainian military personnel. The operation has been linked to the Russian state-backed hacking group APT28. According to researchers, the attackers are using two malware tools called BEARDSHELL and COVENANT. The campaign is mainly focused on secretly collecting intelligence from compromised systems. Security experts say the activity … Continued

India’s Cybersecurity Spending Expected to Reach $3.4 Billion by 2026 as AI-Powered Cyber Threats Continue to Grow

India’s cybersecurity spending is expected to grow significantly as organizations face more advanced digital threats. According to a recent industry forecast, end-user spending on information security in India is projected to reach $3.4 billion by 2026. This represents an 11.7% increase compared with 2025. The growth reflects how seriously companies are now taking cybersecurity risks. … Continued

Malicious Chrome Extension Discovered After Developer Ownership Transfer

Cybersecurity researchers have recently discovered a serious security issue involving a Google Chrome extension that became malicious after its ownership was transferred to a new developer. The extension was originally considered safe and was used by many users for its normal functionality. However, after the ownership change, the extension began performing harmful activities inside users’ … Continued

Web Server Exploits and Mimikatz Used in Cyberattacks Targeting Asian Critical Infrastructure

Cybersecurity researchers recently discovered a new cyberattack campaign targeting critical infrastructure organizations across Asia. The activity was analyzed by security experts from Palo Alto Networks Unit 42 after observing suspicious activity on several networks. The attackers are mainly targeting important sectors such as aviation, energy, telecommunications, government agencies, technology companies, law enforcement, and pharmaceutical organizations. … Continued

Iran-Linked MuddyWater Hackers Deploy New “Dindoor” Backdoor to Target U.S. Networks

Cybersecurity researchers have recently uncovered a new cyber campaign linked to the Iranian hacking group known as MuddyWater. The group is believed to have connections with Iran’s Ministry of Intelligence and Security. In this campaign, attackers managed to infiltrate several organizations and quietly place malicious tools inside their systems. Researchers say the hackers used a … Continued

Microsoft Warns of ClickFix Attack Using Windows Terminal to Deploy Lumma Stealer

Microsoft has recently revealed details about a new cyberattack campaign that is using a social-engineering technique called ClickFix. This campaign is designed to infect Windows computers with a well-known malware called Lumma Stealer. Instead of exploiting a software vulnerability, the attackers trick users into running a malicious command themselves. Once the command is executed in … Continued

Global Operation Shuts Down Tycoon 2FA Phishing Service Behind 64,000 Attacks

A major international law-enforcement operation has shut down Tycoon 2FA, a phishing-as-a-service platform used by cybercriminals to steal login credentials and bypass security protections. The operation was led by Europol with support from several cybersecurity companies and technology partners. Authorities targeted the infrastructure that powered the service. As a result, many domains used for phishing … Continued

Mail2Shell Zero-Click Vulnerability Lets Hackers Hijack FreeScout Mail Servers

A new cybersecurity vulnerability called Mail2Shell has been discovered in FreeScout, a popular open-source helpdesk platform used by organizations to manage customer support emails. Security researchers revealed that attackers can exploit this flaw to take control of vulnerable servers. The attack works by sending a specially crafted email to the system. Because of this, even … Continued

Fake Laravel Packages on Packagist Deliver Cross-Platform RAT Targeting Developers

A new cybersecurity threat has been discovered involving fake Laravel packages uploaded to the Packagist repository. These packages pretend to be useful development tools but secretly install malware on a developer’s system. Because Packagist is widely used by PHP developers through Composer, this attack can affect many projects. The malware works across Windows, macOS, and … Continued
