As cyber threats grow more sophisticated by the hour, defending against them demands more than muscle it calls for real innovation. At Infosecurity Europe 2025, the brightest minds converged in London to showcase the next wave of cybersecurity breakthroughs, from AI-powered detection to next-gen endpoint controls. Out of hundreds of launches and demos, only a … Continued
A massive cyberattack campaign has been discovered targeting TikTok Shop users. Security researchers have found over 15,000 fake domains that are being used to trick users into downloading malware and stealing their cryptocurrency. This campaign, named “ClickTok” by cybersecurity firm CTM360, is one of the largest TikTok-related scams seen to date. The attackers are creating … Continued
Mozilla has recently issued a warning to Firefox add-on developers about a phishing campaign that is actively targeting their accounts. This campaign is specifically aimed at developers who use the addons.mozilla.org (AMO) platform to upload and manage their extensions. The attackers are trying to trick developers into handing over their login credentials by sending them … Continued
A hacking group named Storm-2603 has recently been found exploiting security weaknesses in Microsoft SharePoint servers. Their goal is to break into organizations and deploy ransomware. What’s really concerning is that they’re using a new kind of backdoor that works through DNS, which helps them control infected systems secretly over the internet. These attacks are … Continued
Microsoft has officially announced that its Authenticator app will no longer support password management features. Starting August 1, 2025, all stored passwords in the app will be removed. Before that, users already lost the ability to add new passwords in June, and in July, autofill was turned off. This change is part of Microsoft’s bigger … Continued
Google has officially launched the open beta of Device Bound Session Credentials DBSC for Chrome on Windows. This feature is designed to prevent session hijacking by tying session cookies to a specific device. DBSC was first announced as a prototype in early 2024, and after months of development and testing, it is now available for … Continued
Cybersecurity authorities at CISA have just added a serious flaw in PaperCut NG/MF print management software to their Known Exploited Vulnerabilities Catalog, marking it as actively exploited. This vulnerability, tracked as CVE-2023-2533, is a cross-site request forgery issue that attackers are currently using to target organizations globally. CISA officially listed this vulnerability on July 28, … Continued
Cybersecurity researchers have discovered 13 serious security flaws in the Niagara Framework, a platform used to control smart building systems around the world. This framework, developed by Tridium, a Honeywell company, connects and manages critical building functions like HVAC, lighting, elevators, energy meters, and security systems. The impact of these flaws is massive. Niagara is … Continued
A new ransomware group called Chaos has recently launched a series of cyberattacks, raising serious concerns among cybersecurity experts. This group was first identified around February 2025, and investigators believe it is made up of former members of the BlackSuit or Royal ransomware gangs. The attackers are using a mix of old and new techniques … Continued
Two newly discovered malware campaigns named Soco404 and Koske are now targeting cloud servers to secretly mine cryptocurrency. These attacks are capable of infecting both Linux and Windows systems and are designed to abuse the computing power of cloud services without being noticed. The campaigns were uncovered by security teams from Wiz and Aqua, who … Continued
