More than 20,000 Instagram accounts were reportedly taken over after hackers found a way to misuse Meta’s AI-powered support system. According to reports, the attackers exploited a flaw in an account recovery tool that was designed to help users regain access to their accounts. Meta has confirmed that around 20,000 accounts may have been affected … Continued
Cybersecurity researchers have uncovered a large-scale cloud-based operation linked to a threat actor known as PCPJack. According to new findings, the group compromised 230 cloud servers hosted on Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. The attackers quietly converted these servers into a hidden SMTP relay network that could be used … Continued
Cybersecurity researchers and the FBI have warned that scammers have already started targeting football fans ahead of the FIFA World Cup 2026. Even before the tournament begins, thousands of fake websites and online scams are being used to trick people into giving away personal information, login credentials, and banking details. Experts say cybercriminals are taking … Continued
Cybersecurity researchers have uncovered a malware campaign that abuses Google search results to target users looking for popular open-source software. Attackers are creating fake websites that closely imitate legitimate project pages and then using SEO techniques to push those sites higher in search rankings. This increases the chances that users will visit a malicious website … Continued
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Magento-related vulnerability, tracked as CVE-2026-45247, to its Known Exploited Vulnerabilities (KEV) Catalog after confirming that it is being actively exploited in real-world attacks. The flaw affects Mirasvit Cache Warmer, a Magento extension used by online stores to improve website performance through full-page caching. … Continued
A new Windows security vulnerability has been discovered that could allow attackers to steal NTLMv2 authentication hashes from users. The flaw affects the Windows Search URI handler and currently remains unpatched. Security researchers found that attackers can exploit the issue using specially crafted links. These links can be delivered through emails, websites, or other online … Continued
Law enforcement agencies from several countries have successfully dismantled nine organized crime groups involved in illegal streaming activities. The operation targeted networks that were distributing copyrighted television channels, sports broadcasts, movies, and other premium content without authorization. Authorities worked together to identify the people behind these services and disrupt their operations. The action is being … Continued
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added an Oracle security flaw to its Known Exploited Vulnerabilities (KEV) Catalog after confirming that it is being actively exploited in real-world attacks. The vulnerability affects Oracle Agile Product Lifecycle Management (PLM), a platform used by organizations to manage product development and supply chain operations. The … Continued
A Pakistan-linked cyber espionage group known as SideCopy has been linked to a targeted cyberattack against Afghanistan’s Ministry of Finance. Security researchers identified the operation and named it Operation XENOFISCAL. The campaign was specifically aimed at finance-related government offices across Afghanistan. Investigators believe the attackers were conducting a focused intelligence-gathering operation rather than a large-scale … Continued
A newly discovered Android banking malware called OverlayPhantom has been identified by cybersecurity researchers as a serious threat to mobile users. The malware is mainly designed to steal banking credentials and monitor activity on infected devices. Researchers say it can also give attackers remote access to smartphones. The threat was recently discovered during investigations into … Continued
